Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/P-uF4Hxk2C1zPe1nAfBdhVijD9I.roa
File: P-uF4Hxk2C1zPe1nAfBdhVijD9I.roa (raw, json)
Hash identifier: ooGiGIkG9BefG9mC2UZxyi0/Q2yh4/4N21ca0BDKst0=
Subject key identifier: 3F:EB:85:E0:7C:64:D8:2D:73:3D:ED:67:01:F0:5D:85:58:A3:0F:D2
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/P-uF4Hxk2C1zPe1nAfBdhVijD9I.roa
Signing time: Thu 15 Sep 2022 02:42:24 +0000
ROA not before: Thu 15 Sep 2022 02:42:24 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38843
IP address blocks: 223.27.40.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2985 (0xba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 15 02:42:24 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3FEB85E07C64D82D733DED6701F05D8558A30FD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4f:7d:d7:ae:8a:74:45:5b:25:d9:eb:c9:dd:
fa:a7:f4:98:20:0f:f1:98:75:b9:bd:72:6e:16:8b:
48:15:44:15:23:0b:f3:89:26:43:72:81:ae:b8:d5:
d1:9e:94:b2:59:72:e9:9b:ab:74:a0:d2:7d:80:ac:
98:b1:2c:ae:0f:8f:55:e3:54:ab:74:de:71:8d:ab:
5d:ae:f1:c6:0e:0c:bc:38:d8:7e:fd:5c:3c:84:5e:
44:b6:17:1c:c4:7a:e7:e9:5d:69:60:64:a5:bd:c1:
2d:93:44:ef:c3:32:f0:01:9f:c7:69:ba:3c:48:8d:
c3:c3:b1:50:b3:5d:a8:09:ea:e0:01:20:a8:c4:3a:
04:d8:77:af:10:05:3d:30:48:60:a4:c9:21:16:09:
db:8b:ec:00:33:e8:9b:72:a5:69:09:e6:de:c9:51:
47:bb:d4:e4:53:57:f3:20:c6:8b:cc:56:a1:fb:d7:
59:a0:64:71:66:f4:b0:e5:eb:5b:5a:06:d0:07:cb:
97:08:55:55:07:35:c2:f2:e9:02:72:8e:f7:f9:b8:
a9:13:66:fe:e8:b0:00:c2:6b:e5:09:80:3d:30:af:
71:04:ab:72:aa:87:33:b0:9c:38:da:68:2d:09:07:
2c:b8:64:67:70:4a:c1:db:57:76:6b:82:3f:23:cc:
b2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:EB:85:E0:7C:64:D8:2D:73:3D:ED:67:01:F0:5D:85:58:A3:0F:D2
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/P-uF4Hxk2C1zPe1nAfBdhVijD9I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.40.0/21
Signature Algorithm: sha256WithRSAEncryption
58:d0:79:a5:d4:3d:a9:84:b5:a8:15:f2:4c:c8:a7:a7:5d:00:
56:4a:40:ce:c1:9c:43:e0:5d:be:b8:3d:9c:12:91:f2:5c:9a:
b7:1c:1e:a0:8f:ea:6d:94:86:d3:ae:b4:93:3f:bd:05:6d:00:
7e:3a:42:0a:93:22:c0:ca:57:33:12:0f:66:30:71:be:c6:6e:
9b:f3:52:f0:bf:5b:99:8e:98:9e:18:4d:6a:55:b8:8f:61:74:
4c:56:92:af:1b:93:cc:58:cf:fc:5b:7d:94:34:8e:f9:98:36:
89:38:59:dc:48:dd:ef:83:3b:60:71:67:9c:05:c0:ff:da:14:
0b:b3:4a:37:67:40:c6:ce:61:1c:fc:3a:3e:9a:0b:d2:f2:cc:
04:d7:76:40:49:c4:9e:80:95:8f:d4:a6:a3:d4:9d:f7:43:03:
7f:2e:b3:71:38:6c:d1:2d:cf:08:59:d0:5d:1c:26:d5:69:27:
0f:d4:a6:4c:1c:10:4f:85:40:6f:ab:b6:13:11:5c:f1:35:34:
10:37:3d:3d:45:02:16:c7:71:af:16:9a:ad:38:a1:38:3b:55:
6f:f0:83:cf:d8:3c:48:b9:a5:ea:1b:26:ef:31:ce:f4:00:59:
11:e1:6f:2f:b6:6b:40:8a:c9:90:06:76:df:13:e4:41:de:a7:
06:e1:48:c0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMjRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNGRUI4NUUwN0M2NEQ4
MkQ3MzNERUQ2NzAxRjA1RDg1NThBMzBGRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsT33Xrop0RVsl2evJ3fqn9JggD/GYdbm9cm4Wi0gVRBUjC/OJ
JkNyga641dGelLJZcumbq3Sg0n2ArJixLK4Pj1XjVKt03nGNq12u8cYODLw42H79
XDyEXkS2FxzEeufpXWlgZKW9wS2TRO/DMvABn8dpujxIjcPDsVCzXagJ6uABIKjE
OgTYd68QBT0wSGCkySEWCduL7AAz6JtypWkJ5t7JUUe71ORTV/MgxovMVqH711mg
ZHFm9LDl61taBtAHy5cIVVUHNcLy6QJyjvf5uKkTZv7osADCa+UJgD0wr3EEq3Kq
hzOwnDjaaC0JByy4ZGdwSsHbV3Zrgj8jzLK5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUP+uF4Hxk2C1zPe1nAfBdhVijD9IwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vUC11RjRIeGsyQzF6UGUxbkFmQmRo
VmlqRDlJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA98bKDAN
BgkqhkiG9w0BAQsFAAOCAQEAWNB5pdQ9qYS1qBXyTMinp10AVkpAzsGcQ+Bdvrg9
nBKR8lyatxweoI/qbZSG0660kz+9BW0AfjpCCpMiwMpXMxIPZjBxvsZum/NS8L9b
mY6YnhhNalW4j2F0TFaSrxuTzFjP/Ft9lDSO+Zg2iThZ3Ejd74M7YHFnnAXA/9oU
C7NKN2dAxs5hHPw6PpoL0vLMBNd2QEnEnoCVj9Smo9Sd90MDfy6zcThs0S3PCFnQ
XRwm1WknD9SmTBwQT4VAb6u2ExFc8TU0EDc9PUUCFsdxrxaarTihODtVb/CDz9g8
SLml6hsm7zHO9ABZEeFvL7ZrQIrJkAZ23xPkQd6nBuFIwA==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:21:50 2023 by rpki-client on console-ams.rpki-client.org