Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/ufQEELaWqhg3mfD14-C8MNQ1Bb8.roa
File: ufQEELaWqhg3mfD14-C8MNQ1Bb8.roa (raw, json)
Hash identifier: cRShh2+kRRrhC3TYQ6CxYqX7Q64P4CYC0vk8zBU4boQ=
Subject key identifier: B9:F4:04:10:B6:96:AA:18:37:99:F0:F5:E3:E0:BC:30:D4:35:05:BF
Certificate issuer: /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial: 0861
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/ufQEELaWqhg3mfD14-C8MNQ1Bb8.roa
Signing time: Mon 26 Aug 2024 05:24:10 +0000
ROA not before: Mon 26 Aug 2024 05:24:10 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131642
IP address blocks: 103.148.72.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Sep 2024 19:24:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2145 (0x861)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Validity
Not Before: Aug 26 05:24:10 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B9F40410B696AA183799F0F5E3E0BC30D43505BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6e:79:3f:8c:a1:f5:9d:b4:32:3c:43:65:9e:
3a:7e:ae:3e:c8:53:be:8b:a3:83:4a:b9:ad:a2:bf:
23:04:0a:47:6a:1a:7b:b6:0a:b5:62:97:55:82:6d:
c5:39:27:8b:c9:90:3a:e0:1f:f2:bf:0c:c9:84:83:
cb:68:f5:49:33:e4:e9:e1:0e:be:0d:05:46:6b:65:
7c:d9:09:86:b8:ff:39:bc:c4:e1:0f:23:ee:47:4f:
fd:e7:c4:e0:e2:69:80:bb:f5:2c:c9:6f:11:f8:31:
e4:dd:7b:50:20:40:6b:ba:15:c1:17:c4:a7:0b:ed:
cd:b2:48:d5:92:7a:88:d8:93:8f:fc:0d:82:20:a9:
ab:5f:30:c6:17:18:13:bf:48:ab:92:26:9a:82:d4:
b2:9e:5b:8c:85:28:61:89:6c:02:4c:d4:72:a4:3c:
86:03:3e:55:50:a8:80:48:9c:90:a7:43:18:a4:56:
28:8d:d1:e9:f3:e7:34:4f:43:dc:8d:ee:f5:de:cf:
5b:f4:85:c3:90:0f:de:be:1f:15:00:c9:32:d2:f4:
a7:66:bd:58:02:61:93:8d:79:17:07:64:12:15:f6:
2f:2e:bf:3d:66:cf:c9:25:cd:af:c4:b4:6b:80:e7:
4f:76:8d:1c:22:6f:dd:1b:c9:5b:2f:41:84:69:2e:
75:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F4:04:10:B6:96:AA:18:37:99:F0:F5:E3:E0:BC:30:D4:35:05:BF
X509v3 Authority Key Identifier:
keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/ufQEELaWqhg3mfD14-C8MNQ1Bb8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.72.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:68:05:3d:b6:e7:8e:0b:f8:5f:5a:55:af:9a:9d:74:e3:45:
e9:f3:a0:dd:b9:c7:80:db:0c:fa:2c:eb:e3:ea:3a:53:9c:0a:
97:a7:70:52:ab:33:c7:36:45:93:f8:05:44:f7:95:9e:db:2c:
e6:eb:1f:75:4e:4c:29:82:73:f3:ad:5b:e4:d0:64:81:8f:b8:
34:cf:91:09:7f:be:a0:29:79:25:2b:9d:5f:09:c7:8e:10:32:
ee:73:49:e0:dc:82:63:23:f9:4f:68:db:88:a9:f3:45:24:d5:
f3:ca:b2:e3:c4:bb:bd:09:b4:f5:7d:22:40:17:df:3d:b1:34:
90:1b:92:41:e5:38:d8:3f:f9:28:b1:e3:75:28:73:11:08:87:
60:e7:1f:2f:f3:ee:a1:86:35:b9:34:a4:06:d3:ae:83:d3:a5:
66:a2:10:a9:21:e5:a8:ab:7b:f6:e2:b1:e8:52:69:fa:57:aa:
14:95:c5:83:09:28:38:29:5c:09:72:a2:c8:01:f4:d2:67:50:
2c:09:7b:23:9f:50:54:5e:bc:60:8c:21:64:01:18:e7:d1:c3:
6a:bc:d0:c1:5b:d0:a3:20:33:9d:37:fa:22:dc:f5:0e:c5:af:
50:3f:37:6e:ba:05:13:8e:70:04:24:49:de:67:5d:35:f3:70:
45:92:5a:9a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yNDA4MjYw
NTI0MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI5RjQwNDEwQjY5NkFB
MTgzNzk5RjBGNUUzRTBCQzMwRDQzNTA1QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFbnk/jKH1nbQyPENlnjp+rj7IU76Lo4NKua2ivyMECkdqGnu2
CrVil1WCbcU5J4vJkDrgH/K/DMmEg8to9Ukz5OnhDr4NBUZrZXzZCYa4/zm8xOEP
I+5HT/3nxODiaYC79SzJbxH4MeTde1AgQGu6FcEXxKcL7c2ySNWSeojYk4/8DYIg
qatfMMYXGBO/SKuSJpqC1LKeW4yFKGGJbAJM1HKkPIYDPlVQqIBInJCnQxikViiN
0enz5zRPQ9yN7vXez1v0hcOQD96+HxUAyTLS9KdmvVgCYZONeRcHZBIV9i8uvz1m
z8klza/EtGuA5092jRwib90byVsvQYRpLnUVAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUufQEELaWqhg3mfD14+C8MNQ1Bb8wHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL3VmUUVFTGFXcWhnM21mRDE0LUM4TU5R
MUJiOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlEgwDQYJ
KoZIhvcNAQELBQADggEBAGxoBT22544L+F9aVa+anXTjRenzoN25x4DbDPos6+Pq
OlOcCpencFKrM8c2RZP4BUT3lZ7bLObrH3VOTCmCc/OtW+TQZIGPuDTPkQl/vqAp
eSUrnV8Jx44QMu5zSeDcgmMj+U9o24ip80Uk1fPKsuPEu70JtPV9IkAX3z2xNJAb
kkHlONg/+Six43UocxEIh2DnHy/z7qGGNbk0pAbTroPTpWaiEKkh5aire/bisehS
afpXqhSVxYMJKDgpXAlyosgB9NJnUCwJeyOfUFRevGCMIWQBGOfRw2q80MFb0KMg
M503+iLc9Q7Fr1A/N266BROOcAQkSd5nXTXzcEWSWpo=
-----END CERTIFICATE-----
Generated at Sat Sep 21 21:00:10 2024 by rpki-client on console-ams.rpki-client.org