Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/48--i853SXtL7e5DqzlSqBq722w.roa
File: 48--i853SXtL7e5DqzlSqBq722w.roa (raw, json)
Hash identifier: QVxIYG/XLhWcsiLgWJL+yKdGnSbBMbJwzl2mjW5kgEg=
Subject key identifier: E3:CF:BE:8B:CE:77:49:7B:4B:ED:EE:43:AB:39:52:A8:1A:BB:DB:6C
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/48--i853SXtL7e5DqzlSqBq722w.roa
Signing time: Thu 15 Sep 2022 02:42:34 +0000
ROA not before: Thu 15 Sep 2022 02:42:34 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38843
IP address blocks: 223.27.53.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2985 (0xba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 15 02:42:34 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E3CFBE8BCE77497B4BEDEE43AB3952A81ABBDB6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2e:f8:d4:79:c4:c8:e2:16:a0:bd:0b:a8:3f:
66:30:c9:67:9e:4e:ce:01:0c:6b:4f:35:95:01:62:
a0:86:7d:b1:a8:d2:83:89:83:79:e9:13:37:b7:9b:
55:44:c0:ae:f0:60:9c:87:db:e7:aa:c3:8b:83:6d:
a1:9f:f1:68:fb:06:ed:eb:2f:b5:6b:46:f5:91:3a:
ce:d4:d4:a5:7e:8f:66:3c:11:a6:65:f4:fb:22:55:
3b:6c:95:c7:ed:13:06:64:bd:99:01:42:d0:b4:3f:
23:0f:ad:0c:72:bb:52:a7:fb:b6:fe:66:66:03:33:
15:bb:f1:e3:79:72:a1:d5:96:8b:5f:e4:db:ee:de:
9f:45:4d:d9:88:ec:93:f4:ea:da:d5:66:80:21:ac:
2c:62:22:43:4b:91:5d:10:d9:5d:09:a0:d4:c3:85:
fd:d8:36:b1:a6:58:0c:98:4c:11:75:0d:1f:3e:77:
43:1e:4d:c8:bd:86:db:30:4b:ed:ea:91:8f:86:60:
61:c3:01:ef:8e:f4:42:89:c4:3c:c4:0d:c8:90:5c:
a7:e6:b9:05:a1:7c:0f:06:c0:ef:9f:63:d0:54:8d:
79:ce:3d:26:07:06:7e:5c:bb:ed:ee:a9:d5:c4:cc:
4b:6f:88:d6:34:15:f8:b1:0c:c3:3d:ed:e3:a2:0a:
21:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:CF:BE:8B:CE:77:49:7B:4B:ED:EE:43:AB:39:52:A8:1A:BB:DB:6C
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/48--i853SXtL7e5DqzlSqBq722w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.53.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:56:a7:99:7e:25:b5:be:57:82:b8:96:1b:83:52:3c:84:07:
bb:a4:9b:30:f1:3f:9c:eb:1e:39:1e:58:a6:f7:81:4a:2c:1c:
98:7e:72:d3:69:dc:fb:1a:cc:9a:15:7e:d7:0d:2e:8f:76:8d:
6a:0e:3b:47:f1:b5:9d:dd:73:31:d2:e3:73:c5:13:15:f3:83:
2d:c3:31:07:db:03:44:63:35:a6:2d:6d:24:dd:2e:b9:c0:db:
53:fd:33:38:fa:2d:c9:b3:22:aa:7c:1f:a0:08:22:8d:c9:1d:
9c:7d:cb:54:e5:62:ef:db:62:bb:7d:5c:c8:fe:36:75:24:e9:
d3:d4:e6:6c:9b:48:d3:7c:54:28:95:ec:ec:ae:59:a4:1d:6f:
49:e3:be:03:04:ba:67:29:c5:bc:28:5a:c9:aa:95:f8:88:0f:
2f:40:66:3a:13:fc:50:d0:58:52:73:74:4b:38:80:cc:fe:21:
c4:f8:9d:69:eb:68:62:86:94:a4:28:87:01:bd:98:b6:d2:15:
93:4e:d9:e6:06:a7:2f:4e:6b:e3:ce:6a:93:90:fb:42:18:67:
6e:ce:29:07:64:de:29:93:d9:87:54:f9:8d:eb:e4:85:6e:85:
0b:53:14:e9:fb:44:16:28:1a:70:b4:d4:33:d2:c1:7a:44:e3:
7a:fa:8b:72
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUzQ0ZCRThCQ0U3NzQ5
N0I0QkVERUU0M0FCMzk1MkE4MUFCQkRCNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGLvjUecTI4hagvQuoP2YwyWeeTs4BDGtPNZUBYqCGfbGo0oOJ
g3npEze3m1VEwK7wYJyH2+eqw4uDbaGf8Wj7Bu3rL7VrRvWROs7U1KV+j2Y8EaZl
9PsiVTtslcftEwZkvZkBQtC0PyMPrQxyu1Kn+7b+ZmYDMxW78eN5cqHVlotf5Nvu
3p9FTdmI7JP06trVZoAhrCxiIkNLkV0Q2V0JoNTDhf3YNrGmWAyYTBF1DR8+d0Me
Tci9htswS+3qkY+GYGHDAe+O9EKJxDzEDciQXKfmuQWhfA8GwO+fY9BUjXnOPSYH
Bn5cu+3uqdXEzEtviNY0FfixDMM97eOiCiGZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU48++i853SXtL7e5DqzlSqBq722wwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vNDgtLWk4NTNTWHRMN2U1RHF6bFNx
QnE3MjJ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bNTAN
BgkqhkiG9w0BAQsFAAOCAQEAX1anmX4ltb5XgriWG4NSPIQHu6SbMPE/nOseOR5Y
pveBSiwcmH5y02nc+xrMmhV+1w0uj3aNag47R/G1nd1zMdLjc8UTFfODLcMxB9sD
RGM1pi1tJN0uucDbU/0zOPotybMiqnwfoAgijckdnH3LVOVi79tiu31cyP42dSTp
09TmbJtI03xUKJXs7K5ZpB1vSeO+AwS6ZynFvChayaqV+IgPL0BmOhP8UNBYUnN0
SziAzP4hxPidaetoYoaUpCiHAb2YttIVk07Z5ganL05r485qk5D7Qhhnbs4pB2Te
KZPZh1T5jevkhW6FC1MU6ftEFigacLTUM9LBekTjevqLcg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:21:50 2023 by rpki-client on console-ams.rpki-client.org