Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/POdiyUHbrcDvTe05zNgHljuIRzY.roa
File: POdiyUHbrcDvTe05zNgHljuIRzY.roa (raw, json)
Hash identifier: re9rWy1l6lpXtt81vPXxzRyZwc/IhG8d39P4WX/nXXk=
Subject key identifier: 3C:E7:62:C9:41:DB:AD:C0:EF:4D:ED:39:CC:D8:07:96:3B:88:47:36
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/POdiyUHbrcDvTe05zNgHljuIRzY.roa
Signing time: Thu 15 Sep 2022 02:42:30 +0000
ROA not before: Thu 15 Sep 2022 02:42:30 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38843
IP address blocks: 124.150.132.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2985 (0xba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 15 02:42:30 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3CE762C941DBADC0EF4DED39CCD807963B884736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7e:b1:94:2f:84:d2:b5:7d:8a:6d:7e:f5:af:
95:59:db:bc:50:b1:f0:88:ae:ed:d8:92:02:9b:ab:
3c:9d:cc:5c:20:5b:fd:8d:19:40:86:86:2b:5a:7f:
5a:44:38:1d:ed:67:c6:bc:6d:3b:65:70:00:5e:48:
c2:51:c1:a6:12:05:fc:a0:80:be:e0:21:6c:20:c7:
f7:e4:b1:83:6d:47:01:47:a8:b3:91:3d:e2:d6:67:
25:56:ef:f8:76:4c:7b:4f:dc:cf:82:70:6f:16:f4:
74:57:7c:7d:95:57:14:87:83:db:78:29:da:1d:75:
6f:63:1c:56:d1:5d:f7:22:9b:c9:30:ab:ca:ec:3f:
f2:05:33:61:3e:0e:b8:8d:3e:0a:f9:a4:30:68:ca:
40:60:f4:01:c0:69:fb:df:15:dc:2b:ce:2a:30:48:
ed:fe:b5:80:1f:98:bc:aa:eb:bb:59:1d:73:88:ca:
fd:fc:ff:b7:f6:e1:f2:a3:28:2e:99:62:37:b3:0c:
fb:1c:e5:d1:a9:8d:e6:f0:c3:c3:5e:ee:22:71:ff:
dc:c7:0c:8c:0f:f5:5e:af:fa:e4:3e:1a:45:2a:25:
40:b2:65:6a:e6:59:3f:67:1d:3c:17:7f:d7:05:5b:
b7:64:20:d4:23:2f:52:e1:d8:be:9a:8c:6f:99:74:
d3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E7:62:C9:41:DB:AD:C0:EF:4D:ED:39:CC:D8:07:96:3B:88:47:36
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/POdiyUHbrcDvTe05zNgHljuIRzY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.150.132.0/22
Signature Algorithm: sha256WithRSAEncryption
00:f3:55:4f:a8:de:b0:d5:bb:d1:66:f2:3b:cd:d6:85:99:2b:
e9:53:33:fe:71:9b:08:c8:b5:a0:92:f4:e3:a2:13:a1:65:eb:
19:3d:55:61:3d:38:63:e6:43:d9:4f:be:d9:7c:56:e7:34:81:
9b:95:3b:4a:c6:d9:1c:54:18:05:12:3a:b6:84:45:25:a3:26:
18:43:da:4a:e4:a3:5c:68:cc:29:95:48:78:87:6b:4b:a8:72:
b3:ac:2d:a0:3c:45:4f:3b:8a:7f:ce:d6:f2:12:c0:9b:c1:dc:
08:2e:e8:42:3b:4b:2a:17:1f:e4:72:5c:47:a9:7f:98:3d:20:
bb:97:5d:92:78:cb:e8:7b:85:b1:43:fe:d6:d3:28:f0:85:d9:
3e:20:75:7d:14:7a:6f:36:39:de:51:e0:ab:24:53:53:52:ee:
3a:5d:4a:13:6b:29:e8:ac:48:6e:f2:48:9a:27:0d:cc:46:e1:
88:bf:9c:e9:a9:7e:f1:91:f8:b7:0a:35:bf:d0:c4:4e:76:a0:
5f:b8:fe:c1:eb:49:1b:b4:aa:fd:15:59:22:3f:29:59:96:7a:
55:01:3b:00:70:a8:54:f2:d9:84:8e:4d:59:c1:a3:5d:83:8c:
4f:61:77:00:cb:6f:db:14:ba:e4:4b:52:40:f5:cf:a8:6d:da:
32:98:7d:21
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNDRTc2MkM5NDFEQkFE
QzBFRjRERUQzOUNDRDgwNzk2M0I4ODQ3MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2frGUL4TStX2KbX71r5VZ27xQsfCIru3YkgKbqzydzFwgW/2N
GUCGhitaf1pEOB3tZ8a8bTtlcABeSMJRwaYSBfyggL7gIWwgx/fksYNtRwFHqLOR
PeLWZyVW7/h2THtP3M+CcG8W9HRXfH2VVxSHg9t4KdoddW9jHFbRXfcim8kwq8rs
P/IFM2E+DriNPgr5pDBoykBg9AHAafvfFdwrziowSO3+tYAfmLyq67tZHXOIyv38
/7f24fKjKC6ZYjezDPsc5dGpjebww8Ne7iJx/9zHDIwP9V6v+uQ+GkUqJUCyZWrm
WT9nHTwXf9cFW7dkINQjL1Lh2L6ajG+ZdNNJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPOdiyUHbrcDvTe05zNgHljuIRzYwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vUE9kaXlVSGJyY0R2VGUwNXpOZ0hs
anVJUnpZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnyWhDAN
BgkqhkiG9w0BAQsFAAOCAQEAAPNVT6jesNW70WbyO83WhZkr6VMz/nGbCMi1oJL0
46IToWXrGT1VYT04Y+ZD2U++2XxW5zSBm5U7SsbZHFQYBRI6toRFJaMmGEPaSuSj
XGjMKZVIeIdrS6hys6wtoDxFTzuKf87W8hLAm8HcCC7oQjtLKhcf5HJcR6l/mD0g
u5ddknjL6HuFsUP+1tMo8IXZPiB1fRR6bzY53lHgqyRTU1LuOl1KE2sp6KxIbvJI
micNzEbhiL+c6al+8ZH4two1v9DETnagX7j+wetJG7Sq/RVZIj8pWZZ6VQE7AHCo
VPLZhI5NWcGjXYOMT2F3AMtv2xS65EtSQPXPqG3aMph9IQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:18:40 2023 by rpki-client on console-fra.rpki-client.org