Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/R5x19jiYNUXd9wopfJiVnvQfXMk.roa
File: R5x19jiYNUXd9wopfJiVnvQfXMk.roa (raw, json)
Hash identifier: h06xQkH1zKRRGWcmcxDsrMYSDmBTXnMiXvddenutr5E=
Subject key identifier: 47:9C:75:F6:38:98:35:45:DD:F7:0A:29:7C:98:95:9E:F4:1F:5C:C9
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0BA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/R5x19jiYNUXd9wopfJiVnvQfXMk.roa
Signing time: Thu 15 Sep 2022 02:42:32 +0000
ROA not before: Thu 15 Sep 2022 02:42:32 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38843
IP address blocks: 223.27.56.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2985 (0xba9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 15 02:42:32 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=479C75F638983545DDF70A297C98959EF41F5CC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4c:22:ed:c6:9c:a7:4a:68:4e:5a:e4:31:f1:
eb:25:6c:f4:91:94:70:3c:49:b7:36:11:c3:80:7f:
a6:2b:b5:a9:a3:ff:be:ee:26:a5:d8:cb:3a:c5:d9:
a3:21:64:b8:bd:3c:1d:2b:1b:01:15:ab:67:3a:7c:
de:1f:aa:2b:fb:48:f7:f5:9c:0c:3b:c1:3b:f7:41:
d5:e6:d5:7a:8b:b8:52:33:1d:03:95:89:47:02:5a:
6a:92:f7:15:bb:de:3b:39:70:a8:49:3a:be:5a:18:
c1:d0:0d:29:96:8b:73:05:3f:e0:fa:61:0d:04:5d:
d9:bf:59:48:c4:f5:d8:7b:49:c0:ad:49:8d:be:47:
79:00:03:3d:08:39:cd:6f:c1:b3:ca:7a:6e:d9:51:
05:39:51:8c:72:f5:80:ee:b4:cb:2b:c9:65:ce:4c:
b2:f7:df:47:d4:1c:37:21:07:8d:58:32:d1:af:11:
fd:94:c4:a0:2c:a4:1e:94:95:53:e2:9f:67:b7:c3:
1d:a6:09:a6:6b:d7:10:8b:57:4e:d3:77:ad:88:ef:
0c:7b:1d:cb:00:d9:0a:98:25:4d:e3:86:bb:04:9f:
7f:e9:af:6f:9a:b4:cc:7a:40:13:b0:74:d5:a2:2b:
f8:53:a6:65:88:2a:7f:69:3d:bf:35:b4:3a:36:69:
62:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9C:75:F6:38:98:35:45:DD:F7:0A:29:7C:98:95:9E:F4:1F:5C:C9
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/R5x19jiYNUXd9wopfJiVnvQfXMk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.56.0/21
Signature Algorithm: sha256WithRSAEncryption
12:08:80:3c:6d:4e:2d:d0:48:2f:50:f5:7c:a9:1a:9e:cc:8c:
ce:64:de:34:76:b8:9c:d7:4c:b7:67:b1:66:8e:ba:94:df:aa:
7f:5d:02:9a:a6:45:63:13:3d:1e:ad:c4:30:ba:13:b9:07:ea:
bb:dd:9f:04:3b:ae:e4:56:41:66:e5:35:d4:36:68:08:3c:4d:
99:e3:ae:e2:65:52:37:25:c7:a8:7f:82:b6:bd:97:0a:3d:c2:
1c:12:48:f2:a4:a8:35:be:ae:d3:cd:33:52:15:81:a6:ae:bd:
bf:b2:f5:7e:55:5f:64:66:f6:b7:94:23:7d:08:97:6b:26:3a:
53:ba:6c:f5:93:33:7e:cc:78:02:60:53:f3:6a:dd:8d:cf:dd:
50:1b:17:1d:0b:4f:3c:fc:0f:b2:b4:ce:54:a7:2f:bb:58:fd:
02:73:8d:c3:5c:0f:ce:c1:d1:09:a6:3d:20:14:00:7f:5a:52:
82:e8:bc:96:7c:66:e0:79:28:78:4d:1c:49:a2:df:49:2e:1c:
aa:49:ce:21:b7:05:f9:70:70:4d:12:da:0d:b0:58:77:c0:ea:
d6:44:63:ee:9e:e1:5b:00:7a:28:da:f9:8e:be:a7:dc:81:60:
66:0d:fa:02:00:80:cd:72:cf:ff:f7:27:cf:7b:c2:13:00:97:
c8:d8:f4:9f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMjA5MTUw
MjQyMzJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQ3OUM3NUY2Mzg5ODM1
NDVEREY3MEEyOTdDOTg5NTlFRjQxRjVDQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGTCLtxpynSmhOWuQx8eslbPSRlHA8Sbc2EcOAf6Yrtamj/77u
JqXYyzrF2aMhZLi9PB0rGwEVq2c6fN4fqiv7SPf1nAw7wTv3QdXm1XqLuFIzHQOV
iUcCWmqS9xW73js5cKhJOr5aGMHQDSmWi3MFP+D6YQ0EXdm/WUjE9dh7ScCtSY2+
R3kAAz0IOc1vwbPKem7ZUQU5UYxy9YDutMsryWXOTLL330fUHDchB41YMtGvEf2U
xKAspB6UlVPin2e3wx2mCaZr1xCLV07Td62I7wx7HcsA2QqYJU3jhrsEn3/pr2+a
tMx6QBOwdNWiK/hTpmWIKn9pPb81tDo2aWKFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUR5x19jiYNUXd9wopfJiVnvQfXMkwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vUjV4MTlqaVlOVVhkOXdvcGZKaVZu
dlFmWE1rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA98bODAN
BgkqhkiG9w0BAQsFAAOCAQEAEgiAPG1OLdBIL1D1fKkansyMzmTeNHa4nNdMt2ex
Zo66lN+qf10CmqZFYxM9Hq3EMLoTuQfqu92fBDuu5FZBZuU11DZoCDxNmeOu4mVS
NyXHqH+Ctr2XCj3CHBJI8qSoNb6u080zUhWBpq69v7L1flVfZGb2t5QjfQiXayY6
U7ps9ZMzfsx4AmBT82rdjc/dUBsXHQtPPPwPsrTOVKcvu1j9AnONw1wPzsHRCaY9
IBQAf1pSgui8lnxm4HkoeE0cSaLfSS4cqknOIbcF+XBwTRLaDbBYd8Dq1kRj7p7h
WwB6KNr5jr6n3IFgZg36AgCAzXLP//cnz3vCEwCXyNj0nw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:21:50 2023 by rpki-client on console-ams.rpki-client.org