Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/EQ0VxDeU-srBrxJjXhI6OjBLm08.roa
File: EQ0VxDeU-srBrxJjXhI6OjBLm08.roa (raw, json)
Hash identifier: hM+PsDIth40BtinvTVodLHXK8rI3jkLaBLi+IwDDVeA=
Subject key identifier: 11:0D:15:C4:37:94:FA:CA:C1:AF:12:63:5E:12:3A:3A:30:4B:9B:4F
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/EQ0VxDeU-srBrxJjXhI6OjBLm08.roa
Signing time: Thu 15 Sep 2022 02:42:22 +0000
ROA not before: Thu 15 Sep 2022 02:42:22 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38843
IP address blocks: 223.27.32.0/19 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2985 (0xba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 15 02:42:22 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=110D15C43794FACAC1AF12635E123A3A304B9B4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b1:53:ed:98:b9:4a:7c:43:aa:97:4e:5c:a3:
05:0a:c1:fd:d6:ac:53:bc:a6:37:be:fc:eb:01:be:
db:38:79:d6:ef:99:d8:b3:75:f2:80:60:b8:e7:62:
e4:15:27:21:da:f5:33:94:b2:2f:0c:ee:9b:33:b7:
70:d7:a3:d0:49:33:42:40:0f:6d:95:64:1a:b8:68:
6a:c4:ee:9b:ca:56:e4:cf:ca:17:f6:31:16:2d:5d:
8e:27:a1:46:52:02:35:5f:01:39:f2:ff:53:0e:b1:
cc:4c:6c:d2:92:de:2b:20:a1:2c:76:1c:c5:b2:ad:
08:b2:ad:c4:01:84:0f:2d:30:83:6a:5e:9b:aa:48:
5b:e8:1a:e3:9f:4b:04:d8:29:fb:91:34:26:34:a3:
75:83:81:e6:be:63:e6:ee:23:ff:80:c6:6f:04:a1:
8e:e2:a9:bf:7e:0f:3a:6a:b5:09:a8:51:2a:46:c0:
2f:c2:3d:84:ad:a3:e1:80:9e:32:6c:7d:3e:2d:c4:
23:b8:f0:d0:1e:ab:5a:7e:86:55:66:84:cd:9e:f5:
f8:c5:5e:a5:92:b6:ec:57:62:47:53:62:4f:4c:fe:
06:c3:c1:d4:e3:41:dd:1f:d1:cc:10:30:fe:37:b5:
88:91:cd:a4:85:bd:1b:54:0f:65:4a:95:67:53:f7:
c4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:0D:15:C4:37:94:FA:CA:C1:AF:12:63:5E:12:3A:3A:30:4B:9B:4F
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/EQ0VxDeU-srBrxJjXhI6OjBLm08.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.32.0/19
Signature Algorithm: sha256WithRSAEncryption
4c:c9:6c:fc:66:0e:98:76:21:7c:ed:a2:e0:9f:a6:31:f9:ec:
8a:ce:b9:05:ef:76:eb:10:ab:37:78:7e:72:b4:b5:d5:cd:6c:
d5:a3:93:10:f8:d5:5d:4f:a6:66:ed:41:78:0f:cd:70:8e:d5:
d9:4d:ef:c8:20:38:62:4a:e2:65:86:22:ff:40:5a:16:c0:86:
b3:40:06:b4:de:80:bf:ac:38:32:72:f0:32:eb:32:bd:82:f3:
6d:83:75:ac:7e:fe:df:d6:34:f8:7a:ea:46:24:b1:db:84:a7:
82:63:91:73:f7:a8:6a:6c:07:16:a4:6a:54:54:1e:3a:e8:a5:
7a:c3:4e:c8:9e:28:39:c7:0f:b2:28:9b:3c:0a:4e:f9:82:9d:
26:88:87:58:60:51:84:13:b7:3e:1c:56:bc:c7:c9:b0:93:2e:
a0:98:37:a7:37:eb:4a:45:b5:1d:da:44:53:c0:24:e7:c1:45:
6a:ea:b5:ff:88:f1:d4:98:67:86:d5:2e:8b:64:ed:1a:a4:d5:
d6:13:91:74:cf:f0:92:ef:7f:3f:9a:48:30:94:77:c5:6c:53:
f6:bc:e5:7d:55:40:08:14:1d:5d:bc:0b:0b:5a:44:ea:bf:01:
11:20:6c:9a:7c:b9:8f:d8:10:80:56:eb:bf:fd:ee:4d:eb:61:
50:26:48:25
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDExMEQxNUM0Mzc5NEZB
Q0FDMUFGMTI2MzVFMTIzQTNBMzA0QjlCNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCssVPtmLlKfEOql05cowUKwf3WrFO8pje+/OsBvts4edbvmdiz
dfKAYLjnYuQVJyHa9TOUsi8M7pszt3DXo9BJM0JAD22VZBq4aGrE7pvKVuTPyhf2
MRYtXY4noUZSAjVfATny/1MOscxMbNKS3isgoSx2HMWyrQiyrcQBhA8tMINqXpuq
SFvoGuOfSwTYKfuRNCY0o3WDgea+Y+buI/+Axm8EoY7iqb9+DzpqtQmoUSpGwC/C
PYSto+GAnjJsfT4txCO48NAeq1p+hlVmhM2e9fjFXqWStuxXYkdTYk9M/gbDwdTj
Qd0f0cwQMP43tYiRzaSFvRtUD2VKlWdT98TbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUEQ0VxDeU+srBrxJjXhI6OjBLm08wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vRVEwVnhEZVUtc3JCcnhKalhoSTZP
akJMbTA4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBd8bIDAN
BgkqhkiG9w0BAQsFAAOCAQEATMls/GYOmHYhfO2i4J+mMfnsis65Be926xCrN3h+
crS11c1s1aOTEPjVXU+mZu1BeA/NcI7V2U3vyCA4YkriZYYi/0BaFsCGs0AGtN6A
v6w4MnLwMusyvYLzbYN1rH7+39Y0+HrqRiSx24SngmORc/eoamwHFqRqVFQeOuil
esNOyJ4oOccPsiibPApO+YKdJoiHWGBRhBO3PhxWvMfJsJMuoJg3pzfrSkW1HdpE
U8Ak58FFauq1/4jx1JhnhtUui2TtGqTV1hORdM/wku9/P5pIMJR3xWxT9rzlfVVA
CBQdXbwLC1pE6r8BESBsmny5j9gQgFbrv/3uTethUCZIJQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:21:50 2023 by rpki-client on console-ams.rpki-client.org