Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/3545bcezzNS441gt-jkyzl_b86g.roa
File: 3545bcezzNS441gt-jkyzl_b86g.roa (raw, json)
Hash identifier: O0BpvTR3nBVOEuF2Kn/PGM6Ne+tlNLp+lvrBKFVknbQ=
Subject key identifier: DF:9E:39:6D:C7:B3:CC:D4:B8:E3:58:2D:FA:39:32:CE:5F:DB:F3:A8
Certificate issuer: /CN=ECD2FDC38522A74A422DE7BD1C026D55E08D9E9A
Certificate serial: BF
Authority key identifier: EC:D2:FD:C3:85:22:A7:4A:42:2D:E7:BD:1C:02:6D:55:E0:8D:9E:9A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7NL9w4Uip0pCLee9HAJtVeCNnpo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/3545bcezzNS441gt-jkyzl_b86g.roa
Signing time: Fri 05 Jul 2024 08:15:16 +0000
ROA not before: Fri 05 Jul 2024 08:15:16 +0000
ROA not after: Fri 04 Oct 2024 07:31:42 +0000
asID: 139076
IP address blocks: 202.160.64.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 07:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 191 (0xbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ECD2FDC38522A74A422DE7BD1C026D55E08D9E9A
Validity
Not Before: Jul 5 08:15:16 2024 GMT
Not After : Oct 4 07:31:42 2024 GMT
Subject: CN=DF9E396DC7B3CCD4B8E3582DFA3932CE5FDBF3A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2f:25:47:da:d2:24:06:10:08:2b:a4:26:ee:
b1:e7:84:23:d1:04:41:0b:b9:05:d9:a7:b4:36:3d:
4d:d9:4e:d3:00:6a:db:b2:ca:8b:d5:77:e8:69:dc:
b8:a5:7b:8c:60:fa:2c:c8:3d:04:8b:ed:b6:67:a3:
5b:ea:3e:fe:89:c5:a4:d1:8f:70:e4:bf:be:e6:c7:
62:c3:cf:c2:f8:1f:b0:ac:44:cc:69:d4:5a:3d:47:
cc:74:91:59:59:d7:54:f0:54:e3:8d:b4:a0:ce:f2:
b9:7f:23:17:09:8f:b6:88:7e:0e:42:db:cd:ce:27:
58:1e:cf:ea:5a:74:12:ed:c2:75:77:dd:df:ad:c9:
39:b7:b7:3b:13:ab:0b:bf:68:85:f5:38:8c:28:10:
19:07:64:94:0e:0e:37:6c:33:1d:b2:50:01:d2:58:
04:29:57:84:94:7e:03:c2:66:e5:66:6e:a8:3c:48:
96:bc:d0:d3:b7:90:eb:f4:67:b7:98:3c:30:59:0c:
bf:c1:02:21:0e:da:4c:63:fe:0d:5a:81:ea:b5:7d:
ae:b7:ba:54:9e:6d:f8:a6:eb:7b:51:8f:bd:92:cd:
50:ab:d4:32:34:11:e9:85:66:37:a0:59:74:0e:8d:
fe:b0:29:2c:22:38:bf:92:61:00:8c:12:8c:20:ed:
1b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9E:39:6D:C7:B3:CC:D4:B8:E3:58:2D:FA:39:32:CE:5F:DB:F3:A8
X509v3 Authority Key Identifier:
keyid:EC:D2:FD:C3:85:22:A7:4A:42:2D:E7:BD:1C:02:6D:55:E0:8D:9E:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/7NL9w4Uip0pCLee9HAJtVeCNnpo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7NL9w4Uip0pCLee9HAJtVeCNnpo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/3545bcezzNS441gt-jkyzl_b86g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.160.64.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:a6:44:29:ea:b8:35:24:48:5a:84:aa:22:c5:da:ca:a9:c5:
4d:ca:a9:0e:af:c5:3c:98:90:15:88:5d:af:ae:35:0c:33:4d:
5d:6c:ab:f3:bd:11:ac:0f:4b:3c:89:8f:43:ad:12:42:f7:7e:
3c:bf:13:36:e5:54:5d:e6:9c:fa:13:d5:68:fa:42:22:a7:66:
6f:53:3f:18:d7:08:9a:ba:55:a9:fd:c1:06:4a:f1:ad:18:cb:
a5:32:14:49:a2:ef:e6:41:6c:84:a6:57:09:b8:76:c7:20:44:
fc:51:76:7b:0e:c6:e7:0a:ad:f0:e2:cc:37:8a:e7:ed:65:ef:
9c:de:b1:a5:c7:2a:6f:bd:d5:87:0c:ac:47:31:91:34:ec:70:
c2:58:c0:43:d4:52:db:84:99:6f:65:6a:fa:a3:e5:57:b7:6e:
a7:21:c9:ef:32:46:52:5f:93:3f:28:1e:ef:69:d2:12:13:c1:
a7:1a:fb:9a:ef:74:8d:d4:01:19:6e:30:84:6c:f2:99:9a:f9:
37:2f:19:b1:86:1c:4b:c1:2b:c6:c2:02:63:1a:db:5b:8a:b0:
c0:7e:04:c8:01:c0:b7:5c:55:7c:1e:77:ec:fc:e9:74:57:93:
ed:b9:d5:27:8f:d0:5b:12:1d:50:ac:c5:33:7d:22:0c:19:11:
ed:e6:b3:1b
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICAL8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUNE
MkZEQzM4NTIyQTc0QTQyMkRFN0JEMUMwMjZENTVFMDhEOUU5QTAeFw0yNDA3MDUw
ODE1MTZaFw0yNDEwMDQwNzMxNDJaMDMxMTAvBgNVBAMTKERGOUUzOTZEQzdCM0ND
RDRCOEUzNTgyREZBMzkzMkNFNUZEQkYzQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqLyVH2tIkBhAIK6Qm7rHnhCPRBEELuQXZp7Q2PU3ZTtMAatuy
yovVd+hp3Lile4xg+izIPQSL7bZno1vqPv6JxaTRj3Dkv77mx2LDz8L4H7CsRMxp
1Fo9R8x0kVlZ11TwVOONtKDO8rl/IxcJj7aIfg5C283OJ1gez+padBLtwnV33d+t
yTm3tzsTqwu/aIX1OIwoEBkHZJQODjdsMx2yUAHSWAQpV4SUfgPCZuVmbqg8SJa8
0NO3kOv0Z7eYPDBZDL/BAiEO2kxj/g1ageq1fa63ulSebfim63tRj72SzVCr1DI0
EemFZjegWXQOjf6wKSwiOL+SYQCMEowg7RvlAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU3545bcezzNS441gt+jkyzl/b86gwHwYDVR0jBBgwFoAU7NL9w4Uip0pCLee9
HAJtVeCNnpowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFBTSUxL
RVJBLzdOTDl3NFVpcDBwQ0xlZTlIQUp0VmVDTm5wby5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvN05MOXc0VWlwMHBDTGVlOUhBSnRWZUNObnBvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFBTSUxLRVJBLzM1NDViY2V6ek5T
NDQxZ3Qtamt5emxfYjg2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPKoEAwDQYJKoZIhvcNAQELBQADggEBAD2mRCnquDUkSFqEqiLF2sqpxU3K
qQ6vxTyYkBWIXa+uNQwzTV1sq/O9EawPSzyJj0OtEkL3fjy/EzblVF3mnPoT1Wj6
QiKnZm9TPxjXCJq6Van9wQZK8a0Yy6UyFEmi7+ZBbISmVwm4dscgRPxRdnsOxucK
rfDizDeK5+1l75zesaXHKm+91YcMrEcxkTTscMJYwEPUUtuEmW9lavqj5Ve3bqch
ye8yRlJfkz8oHu9p0hITwaca+5rvdI3UARluMIRs8pma+TcvGbGGHEvBK8bCAmMa
21uKsMB+BMgBwLdcVXwed+z86XRXk+251SeP0FsSHVCsxTN9IgwZEe3msxs=
-----END CERTIFICATE-----
Generated at Fri Sep 20 09:46:30 2024 by rpki-client on console-fra.rpki-client.org