Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/52Y83rCRsU4HlcNnFpwQ_Jtii0Y.roa
File: 52Y83rCRsU4HlcNnFpwQ_Jtii0Y.roa (raw, json)
Hash identifier: 0iW0tVu4T4tfwGIrGP08BnOdtbpFC+sJeigxnDK5O0E=
Subject key identifier: E7:66:3C:DE:B0:91:B1:4E:07:95:C3:67:16:9C:10:FC:9B:62:8B:46
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0CB6
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/52Y83rCRsU4HlcNnFpwQ_Jtii0Y.roa
Signing time: Fri 01 Sep 2023 09:59:37 +0000
ROA not before: Fri 01 Sep 2023 09:59:37 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24167
IP address blocks: 140.109.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jan 2024 02:24:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3254 (0xcb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Sep 1 09:59:37 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=E7663CDEB091B14E0795C367169C10FC9B628B46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cf:d0:b2:6a:63:da:12:1d:88:28:a1:51:7d:
6e:f1:29:b8:26:8e:69:6a:26:39:b2:43:52:34:6a:
ff:1c:db:f7:d0:d5:4b:cc:c2:fc:65:b4:40:5b:c6:
77:c0:07:c2:b8:c5:18:4e:5e:f9:36:45:d8:9e:e6:
6e:c3:dd:bd:8c:e5:41:f2:75:83:6d:e9:2b:c9:04:
04:92:c9:41:8e:18:15:f3:ba:55:77:de:c5:d1:ee:
52:9e:b4:dd:af:27:41:b5:1e:eb:7c:49:05:0a:8c:
c2:66:8d:e6:ea:88:f1:d6:9b:e2:22:67:6a:e0:23:
e4:a7:5e:17:d6:f4:66:09:8f:c4:b8:4f:ae:bc:52:
dd:34:a8:0b:15:4e:c6:9d:5d:e6:be:f2:53:a5:01:
9e:90:41:cf:6b:9f:a6:85:20:79:66:77:d1:6a:89:
94:ef:7d:8c:de:14:41:81:64:52:4b:52:be:7f:77:
29:94:f1:07:7b:e7:c1:80:a6:0a:81:1e:9a:b8:53:
52:9f:b7:12:dc:3f:12:e3:cb:1e:dd:67:7a:d8:09:
a1:14:1a:12:14:04:29:88:50:6c:2b:55:4f:94:46:
f8:03:3e:9d:62:32:d5:31:73:c4:ea:06:fd:ea:91:
0a:1d:4a:30:cb:bc:de:e9:82:a3:b3:4d:1b:21:7d:
d8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:66:3C:DE:B0:91:B1:4E:07:95:C3:67:16:9C:10:FC:9B:62:8B:46
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/52Y83rCRsU4HlcNnFpwQ_Jtii0Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.109.98.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:0b:d9:a5:59:23:fa:4d:9f:34:aa:e6:80:1d:00:2e:a1:56:
9c:5f:70:81:2c:e3:ed:f8:fe:4e:eb:53:2d:aa:0a:be:0f:79:
0c:89:43:8b:42:c1:ab:40:15:ae:f8:b5:be:19:00:dd:ae:6a:
3d:9f:c3:23:a2:a8:80:be:92:9e:4f:3d:a0:fc:8d:e2:55:6e:
5b:5b:98:e1:59:77:a4:7b:69:f1:46:c6:96:1f:54:09:48:eb:
26:69:15:c0:25:98:a4:b3:ec:65:56:a5:a6:38:e9:63:fd:58:
94:96:17:7d:3c:b7:4b:3b:7a:28:27:97:98:fc:a0:86:a1:e2:
14:73:80:f1:31:11:0d:c3:7c:87:21:5d:b9:78:4a:7f:7d:26:
aa:1b:05:2b:5b:dc:c9:10:d0:82:63:4c:10:e7:26:f2:1b:8c:
11:39:97:5c:f1:ad:dd:7a:83:eb:80:f0:a7:0f:9c:46:cc:7a:
2b:0d:72:13:68:b4:eb:2f:04:2e:b5:c0:7c:32:eb:df:db:dd:
22:24:30:24:95:2a:7c:d1:01:4e:c4:e0:c0:60:cc:d5:7f:6a:
ce:ef:86:c5:11:cb:2b:88:02:72:23:33:b4:04:03:71:72:78:
f0:b1:8a:a5:15:dc:a1:65:ae:15:26:d1:2a:0e:b7:a8:f8:b7:
cc:d2:3d:7d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDLYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMzA5MDEw
OTU5MzdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEU3NjYzQ0RFQjA5MUIx
NEUwNzk1QzM2NzE2OUMxMEZDOUI2MjhCNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwz9CyamPaEh2IKKFRfW7xKbgmjmlqJjmyQ1I0av8c2/fQ1UvM
wvxltEBbxnfAB8K4xRhOXvk2Rdie5m7D3b2M5UHydYNt6SvJBASSyUGOGBXzulV3
3sXR7lKetN2vJ0G1Hut8SQUKjMJmjebqiPHWm+IiZ2rgI+SnXhfW9GYJj8S4T668
Ut00qAsVTsadXea+8lOlAZ6QQc9rn6aFIHlmd9FqiZTvfYzeFEGBZFJLUr5/dymU
8Qd758GApgqBHpq4U1KftxLcPxLjyx7dZ3rYCaEUGhIUBCmIUGwrVU+URvgDPp1i
MtUxc8TqBv3qkQodSjDLvN7pgqOzTRshfdghAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU52Y83rCRsU4HlcNnFpwQ/Jtii0YwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC81Mlk4M3JDUnNVNEhsY05uRnB3
UV9KdGlpMFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjG1i
MA0GCSqGSIb3DQEBCwUAA4IBAQAdC9mlWSP6TZ80quaAHQAuoVacX3CBLOPt+P5O
61Mtqgq+D3kMiUOLQsGrQBWu+LW+GQDdrmo9n8MjoqiAvpKeTz2g/I3iVW5bW5jh
WXeke2nxRsaWH1QJSOsmaRXAJZiks+xlVqWmOOlj/ViUlhd9PLdLO3ooJ5eY/KCG
oeIUc4DxMRENw3yHIV25eEp/fSaqGwUrW9zJENCCY0wQ5ybyG4wROZdc8a3deoPr
gPCnD5xGzHorDXITaLTrLwQutcB8Muvf290iJDAklSp80QFOxODAYMzVf2rO74bF
EcsriAJyIzO0BANxcnjwsYqlFdyhZa4VJtEqDreo+LfM0j19
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:45 2024 by rpki-client on console-fra.rpki-client.org