Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/CYAIQQyHQbfbSRzyQ_lZN4t1-fI.roa
File: CYAIQQyHQbfbSRzyQ_lZN4t1-fI.roa (raw, json)
Hash identifier: LpyxTcttO2pWViamZvoo0R3QnX+EkzGFQas+zBOyous=
Subject key identifier: 09:80:08:41:0C:87:41:B7:DB:49:1C:F2:43:F9:59:37:8B:75:F9:F2
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/CYAIQQyHQbfbSRzyQ_lZN4t1-fI.roa
Signing time: Thu 15 Sep 2022 02:42:30 +0000
ROA not before: Thu 15 Sep 2022 02:42:30 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38843
IP address blocks: 124.150.128.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2985 (0xba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 15 02:42:30 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=098008410C8741B7DB491CF243F959378B75F9F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d6:10:12:37:c5:34:a6:2d:90:07:37:f3:37:
dc:2e:48:b0:c0:ea:c7:34:4c:c0:ed:af:0a:68:fe:
71:a5:f5:f5:69:f1:60:b4:6f:5d:db:fb:b9:25:68:
06:b3:93:97:6a:ae:b0:b2:9b:2c:a0:f9:3e:ce:65:
03:de:94:8a:fd:a7:f7:be:be:35:48:5d:ab:2b:32:
e4:5b:87:47:f4:3c:b0:1d:ac:f7:b0:81:dd:bc:4e:
b1:51:0d:4d:6e:41:cf:c2:f5:a4:7d:83:47:af:25:
88:91:15:63:b2:a4:17:76:23:a1:40:29:40:35:d1:
a8:14:3b:7a:92:20:d9:dc:3e:85:0b:60:3b:db:22:
16:e7:22:5f:9b:44:f0:ce:f0:df:c8:04:bd:ab:0d:
18:2b:df:e4:36:71:78:e5:ee:89:bc:a6:2e:21:26:
e8:9d:27:f6:fd:c9:fb:59:b9:f8:7e:89:10:3b:d3:
78:bf:00:65:f0:fa:b5:98:78:f3:e2:ac:1b:79:ea:
15:34:d9:95:b7:0c:08:95:48:e7:3f:5a:2c:4a:54:
17:43:c4:c2:7b:23:a0:c9:9f:3d:36:23:32:d9:a6:
29:24:91:7b:e3:97:fe:98:d9:9d:2a:40:10:3e:f8:
92:5d:73:1e:36:bd:16:4f:93:9b:22:71:d5:d1:53:
75:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:80:08:41:0C:87:41:B7:DB:49:1C:F2:43:F9:59:37:8B:75:F9:F2
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/CYAIQQyHQbfbSRzyQ_lZN4t1-fI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.150.128.0/21
Signature Algorithm: sha256WithRSAEncryption
76:f1:3d:3e:72:da:54:49:ad:f1:a8:5b:48:3b:30:8e:16:0a:
62:ea:99:71:35:8d:bb:e4:99:1e:f2:48:7e:b9:7f:02:5b:bc:
bf:4c:7d:3c:a2:2e:7d:07:c4:7d:97:d7:68:35:6c:7f:ed:f2:
23:4e:a7:89:6c:b2:08:45:bc:b0:a2:fb:b5:ee:79:83:69:94:
19:22:ea:70:3c:ea:34:b1:55:6f:d0:b2:f4:45:d2:2e:f4:49:
76:d6:4f:9f:ef:fd:41:85:70:14:bc:f3:12:a1:ac:ea:cc:12:
aa:69:ee:62:74:0c:5e:16:5f:8c:16:4b:da:9c:32:c9:17:60:
d6:1d:cf:56:8a:86:ce:43:49:e6:9e:c3:f7:46:32:ad:7e:cc:
08:f1:73:7e:6e:86:09:f0:4b:d5:d8:f7:93:7f:18:7e:03:6b:
0d:65:8b:17:0b:a0:68:dd:35:81:8b:80:09:5b:ab:a5:de:91:
2b:6e:7e:74:e0:17:6f:39:6a:24:63:90:db:c2:a1:cd:55:3e:
98:df:7c:7a:41:b5:a7:cb:da:c1:99:72:61:4e:eb:00:ba:18:
13:9d:06:6d:4b:00:1b:dd:60:8c:1d:93:c7:26:5e:47:e6:a9:
b6:9a:ba:3d:9f:51:b8:dd:2e:6b:56:1c:b2:8c:67:75:d8:f1:
0f:48:d2:4c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA5ODAwODQxMEM4NzQx
QjdEQjQ5MUNGMjQzRjk1OTM3OEI3NUY5RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs1hASN8U0pi2QBzfzN9wuSLDA6sc0TMDtrwpo/nGl9fVp8WC0
b13b+7klaAazk5dqrrCymyyg+T7OZQPelIr9p/e+vjVIXasrMuRbh0f0PLAdrPew
gd28TrFRDU1uQc/C9aR9g0evJYiRFWOypBd2I6FAKUA10agUO3qSINncPoULYDvb
IhbnIl+bRPDO8N/IBL2rDRgr3+Q2cXjl7om8pi4hJuidJ/b9yftZufh+iRA703i/
AGXw+rWYePPirBt56hU02ZW3DAiVSOc/WixKVBdDxMJ7I6DJnz02IzLZpikkkXvj
l/6Y2Z0qQBA++JJdcx42vRZPk5sicdXRU3U5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCYAIQQyHQbfbSRzyQ/lZN4t1+fIwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vQ1lBSVFReUhRYmZiU1J6eVFfbFpO
NHQxLWZJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3yWgDAN
BgkqhkiG9w0BAQsFAAOCAQEAdvE9PnLaVEmt8ahbSDswjhYKYuqZcTWNu+SZHvJI
frl/Alu8v0x9PKIufQfEfZfXaDVsf+3yI06niWyyCEW8sKL7te55g2mUGSLqcDzq
NLFVb9Cy9EXSLvRJdtZPn+/9QYVwFLzzEqGs6swSqmnuYnQMXhZfjBZL2pwyyRdg
1h3PVoqGzkNJ5p7D90YyrX7MCPFzfm6GCfBL1dj3k38YfgNrDWWLFwugaN01gYuA
CVurpd6RK25+dOAXbzlqJGOQ28KhzVU+mN98ekG1p8vawZlyYU7rALoYE50GbUsA
G91gjB2TxyZeR+aptpq6PZ9RuN0ua1YcsoxnddjxD0jSTA==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:21:50 2023 by rpki-client on console-ams.rpki-client.org