Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/J_2FW3VpCxYbaIX5b2tROGkGyd4.roa
File: J_2FW3VpCxYbaIX5b2tROGkGyd4.roa (raw, json)
Hash identifier: Lsowb5DQm56yMPSWG3UGngb2IpiMFkgYG7PjxldAQFk=
Subject key identifier: 27:FD:85:5B:75:69:0B:16:1B:68:85:F9:6F:6B:51:38:69:06:C9:DE
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/J_2FW3VpCxYbaIX5b2tROGkGyd4.roa
Signing time: Thu 15 Sep 2022 02:42:32 +0000
ROA not before: Thu 15 Sep 2022 02:42:32 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38843
IP address blocks: 103.20.40.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2985 (0xba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 15 02:42:32 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=27FD855B75690B161B6885F96F6B51386906C9DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1d:1f:3c:19:ae:8e:da:ba:58:61:51:e7:90:
b1:58:a1:69:31:3e:40:92:b7:6a:d2:d3:ee:b6:26:
4d:fd:af:12:6d:b4:79:ba:8e:d1:6f:60:5d:a7:d9:
27:25:7b:c1:03:b5:e4:81:f0:3f:1e:88:a1:1a:ac:
26:0a:65:a7:75:4c:51:23:1d:db:b1:14:42:e9:62:
89:41:da:19:2c:4c:0d:1c:d7:a8:86:cd:55:c2:7c:
e3:27:7e:be:82:da:df:a7:73:20:91:24:85:42:68:
d1:a8:31:3b:90:e9:6b:b1:06:f4:95:3f:10:af:32:
30:6c:9e:d3:65:9a:22:39:c6:e5:76:b1:64:3d:6d:
08:1a:4c:fd:91:ca:59:d6:9f:b7:7d:ed:4e:5c:f4:
ad:52:35:65:ac:d1:ac:cd:23:e7:08:71:3f:7b:4d:
fe:15:bb:68:59:c0:d1:0d:26:9a:bd:18:a1:17:4f:
71:bd:04:3b:50:df:3a:55:93:2f:bf:e8:11:bb:88:
6d:bc:b8:03:39:57:44:5e:07:72:8a:7c:d3:d1:86:
4b:29:82:d8:4f:bb:72:2d:79:ea:11:4c:8f:4c:29:
84:cd:da:71:70:b9:9a:0d:0b:9a:48:0e:c5:a0:88:
44:3e:1f:f5:b5:25:4c:0f:bc:c1:b6:39:99:16:03:
fa:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:FD:85:5B:75:69:0B:16:1B:68:85:F9:6F:6B:51:38:69:06:C9:DE
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/J_2FW3VpCxYbaIX5b2tROGkGyd4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.40.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:4d:72:d4:b2:ef:5b:42:51:87:1f:37:d7:b6:06:bd:77:32:
e6:74:32:51:39:8b:8b:de:09:02:2e:f4:5b:5e:49:87:1a:a1:
f8:40:34:4c:f7:49:03:57:91:2d:06:74:a0:c6:5e:0e:be:a3:
a9:b6:4c:9b:12:50:91:07:94:d2:79:52:d3:00:cc:09:10:c9:
86:b3:cf:48:83:91:47:85:d3:06:83:33:7e:61:ba:a7:51:f5:
a6:1b:1b:8b:46:34:61:09:bc:e4:c8:fc:e8:34:37:5d:bc:ab:
eb:22:b3:48:25:b5:8b:e5:af:be:05:6a:5b:32:b6:8a:59:56:
36:df:18:d5:13:64:49:92:43:ed:d1:dc:4b:a9:49:16:d9:e3:
a8:b4:50:13:0e:16:35:97:b3:2f:40:fc:a0:65:61:80:f8:4f:
73:79:e8:21:ab:ef:cf:30:66:30:48:20:22:8f:0c:d6:5b:7a:
2e:af:76:dd:48:ac:90:f5:51:fd:a1:68:e3:48:fd:fc:42:68:
4f:da:61:38:4b:6a:6f:e7:ae:b1:28:ed:b0:f4:65:a8:7c:e7:
4a:05:8f:1d:2c:4b:9e:a7:a2:6c:59:31:29:59:63:81:c4:ce:
24:ba:f7:df:69:92:06:d4:0f:8a:67:23:9f:98:52:7f:83:6b:
75:73:0c:9f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMzJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDI3RkQ4NTVCNzU2OTBC
MTYxQjY4ODVGOTZGNkI1MTM4NjkwNkM5REUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9HR88Ga6O2rpYYVHnkLFYoWkxPkCSt2rS0+62Jk39rxJttHm6
jtFvYF2n2Scle8EDteSB8D8eiKEarCYKZad1TFEjHduxFELpYolB2hksTA0c16iG
zVXCfOMnfr6C2t+ncyCRJIVCaNGoMTuQ6WuxBvSVPxCvMjBsntNlmiI5xuV2sWQ9
bQgaTP2RylnWn7d97U5c9K1SNWWs0azNI+cIcT97Tf4Vu2hZwNENJpq9GKEXT3G9
BDtQ3zpVky+/6BG7iG28uAM5V0ReB3KKfNPRhkspgthPu3IteeoRTI9MKYTN2nFw
uZoNC5pIDsWgiEQ+H/W1JUwPvMG2OZkWA/pNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUJ/2FW3VpCxYbaIX5b2tROGkGyd4wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vSl8yRlczVnBDeFliYUlYNWIydFJP
R2tHeWQ0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmcUKDAN
BgkqhkiG9w0BAQsFAAOCAQEATk1y1LLvW0JRhx8317YGvXcy5nQyUTmLi94JAi70
W15Jhxqh+EA0TPdJA1eRLQZ0oMZeDr6jqbZMmxJQkQeU0nlS0wDMCRDJhrPPSIOR
R4XTBoMzfmG6p1H1phsbi0Y0YQm85Mj86DQ3Xbyr6yKzSCW1i+WvvgVqWzK2illW
Nt8Y1RNkSZJD7dHcS6lJFtnjqLRQEw4WNZezL0D8oGVhgPhPc3noIavvzzBmMEgg
Io8M1lt6Lq923UiskPVR/aFo40j9/EJoT9phOEtqb+eusSjtsPRlqHznSgWPHSxL
nqeibFkxKVljgcTOJLr332mSBtQPimcjn5hSf4NrdXMMnw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:18:40 2023 by rpki-client on console-fra.rpki-client.org