Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/1dSUbND3UJ4lBeHY14R_FEuDZ0Y.roa
File: 1dSUbND3UJ4lBeHY14R_FEuDZ0Y.roa (raw, json)
Hash identifier: dSLgOHw9VUSreSDqz7my558cq+tf3XQR+S5Gyi806pk=
Subject key identifier: D5:D4:94:6C:D0:F7:50:9E:25:05:E1:D8:D7:84:7F:14:4B:83:67:46
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/1dSUbND3UJ4lBeHY14R_FEuDZ0Y.roa
Signing time: Thu 15 Sep 2022 02:42:29 +0000
ROA not before: Thu 15 Sep 2022 02:42:29 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38843
IP address blocks: 124.150.130.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2985 (0xba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 15 02:42:29 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D5D4946CD0F7509E2505E1D8D7847F144B836746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:48:39:8f:7c:4a:01:85:e5:03:83:2a:e3:c6:
8a:a5:a5:c1:6a:92:47:94:3f:72:32:40:46:a9:a2:
fc:6f:54:34:ef:5e:cc:b1:be:da:db:31:f3:db:22:
57:c0:5b:0e:4f:cf:7d:51:f4:4b:04:5d:6c:bc:df:
fc:b3:b0:bd:a5:1e:51:35:cd:6b:13:e7:9e:01:03:
65:a6:42:97:1f:30:06:ff:3e:04:f1:35:8f:de:f8:
5a:5a:b1:cf:8f:b2:7a:bc:9c:98:9e:75:22:2c:14:
d4:33:49:53:6d:e3:1c:cd:6b:32:58:ad:c2:1d:ae:
11:82:2c:0b:cf:80:18:7c:76:f1:3d:1a:88:01:26:
fb:a6:49:c2:18:25:25:11:c2:88:59:67:cf:ef:25:
2a:77:5a:47:0d:be:3d:d3:9c:f9:65:15:ad:bd:67:
56:a0:c0:1a:dd:3a:a8:dc:58:7f:f9:5a:81:6b:d6:
c6:f3:7f:a9:7c:dd:62:df:50:67:e0:3e:e2:3d:f5:
a0:62:6d:de:f9:b2:31:b0:28:49:cf:f8:1b:93:b7:
ad:00:3c:a6:f8:bd:21:12:4f:a0:5c:73:77:be:ba:
fe:ee:74:e6:67:48:24:a3:17:f0:3b:64:2e:3c:30:
bc:97:57:30:05:0e:f4:4c:5c:de:d3:56:47:57:3d:
c5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D4:94:6C:D0:F7:50:9E:25:05:E1:D8:D7:84:7F:14:4B:83:67:46
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/1dSUbND3UJ4lBeHY14R_FEuDZ0Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.150.130.0/24
Signature Algorithm: sha256WithRSAEncryption
17:db:4e:a1:95:0c:bc:6b:cf:41:39:7e:0e:74:ec:13:58:6e:
36:a5:83:c0:59:e8:12:83:91:dc:32:56:a8:4c:26:6f:4f:95:
8b:91:e0:df:cd:e0:75:2e:e0:be:76:b5:53:d6:0f:a7:7e:06:
78:5e:cb:56:e9:a6:51:ba:6a:bc:9e:18:a3:14:5a:40:60:e8:
46:b1:cf:3b:5d:e9:d3:62:b2:d7:7d:ea:c7:da:46:cd:ca:22:
51:f7:b5:2b:87:24:32:84:42:cb:39:8e:f0:59:eb:87:82:7c:
2a:0b:ff:6d:e8:d1:51:1f:1a:96:e6:69:96:b0:7b:33:60:81:
7b:6a:16:14:33:f2:53:b1:50:77:cf:06:dd:2c:5f:c7:c3:bb:
7c:30:ab:ef:6e:ab:cb:56:47:27:4d:19:89:f2:41:85:81:65:
6d:2a:87:9e:84:45:54:db:29:11:8f:8b:88:88:ec:71:7f:f6:
78:97:f9:67:e3:d3:7d:7e:f5:1a:81:57:44:c6:b6:84:e2:b0:
74:38:a8:20:6c:1c:7d:56:c6:da:a3:90:5a:88:8d:9a:20:0f:
b9:ee:ae:c1:f0:84:62:22:94:14:5b:d3:e9:13:45:ab:5c:7f:
c9:26:05:ee:05:0a:2a:bf:22:e1:93:b9:54:92:b0:cd:07:fb:
dc:37:58:44
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMjlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ1RDQ5NDZDRDBGNzUw
OUUyNTA1RTFEOEQ3ODQ3RjE0NEI4MzY3NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYSDmPfEoBheUDgyrjxoqlpcFqkkeUP3IyQEapovxvVDTvXsyx
vtrbMfPbIlfAWw5Pz31R9EsEXWy83/yzsL2lHlE1zWsT554BA2WmQpcfMAb/PgTx
NY/e+Fpasc+Psnq8nJiedSIsFNQzSVNt4xzNazJYrcIdrhGCLAvPgBh8dvE9GogB
JvumScIYJSURwohZZ8/vJSp3WkcNvj3TnPllFa29Z1agwBrdOqjcWH/5WoFr1sbz
f6l83WLfUGfgPuI99aBibd75sjGwKEnP+BuTt60APKb4vSEST6Bcc3e+uv7udOZn
SCSjF/A7ZC48MLyXVzAFDvRMXN7TVkdXPcVhAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU1dSUbND3UJ4lBeHY14R/FEuDZ0YwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vMWRTVWJORDNVSjRsQmVIWTE0Ul9G
RXVEWjBZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHyWgjAN
BgkqhkiG9w0BAQsFAAOCAQEAF9tOoZUMvGvPQTl+DnTsE1huNqWDwFnoEoOR3DJW
qEwmb0+Vi5Hg383gdS7gvna1U9YPp34GeF7LVummUbpqvJ4YoxRaQGDoRrHPO13p
02Ky133qx9pGzcoiUfe1K4ckMoRCyzmO8Fnrh4J8Kgv/bejRUR8aluZplrB7M2CB
e2oWFDPyU7FQd88G3Sxfx8O7fDCr726ry1ZHJ00ZifJBhYFlbSqHnoRFVNspEY+L
iIjscX/2eJf5Z+PTfX71GoFXRMa2hOKwdDioIGwcfVbG2qOQWoiNmiAPue6uwfCE
YiKUFFvT6RNFq1x/ySYF7gUKKr8i4ZO5VJKwzQf73DdYRA==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:21:50 2023 by rpki-client on console-ams.rpki-client.org