Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ULC/YZZw9GOh4MdQUxWcFxR--JynfsU.roa
File: YZZw9GOh4MdQUxWcFxR--JynfsU.roa (raw, json)
Hash identifier: HMFVG+nApnj7P9Z2rrDqr9tBkoINFWL0rdY5YCn4cT4=
Subject key identifier: 61:96:70:F4:63:A1:E0:C7:50:53:15:9C:17:14:7E:F8:9C:A7:7E:C5
Certificate issuer: /CN=BFBB7F7B5C58323490875849B8EDDA495EF17B1B
Certificate serial: 048D
Authority key identifier: BF:BB:7F:7B:5C:58:32:34:90:87:58:49:B8:ED:DA:49:5E:F1:7B:1B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v7t_e1xYMjSQh1hJuO3aSV7xexs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/YZZw9GOh4MdQUxWcFxR--JynfsU.roa
Signing time: Mon 26 Aug 2024 05:34:33 +0000
ROA not before: Mon 26 Aug 2024 05:34:33 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 134823
IP address blocks: 103.157.42.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Sep 2024 17:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1165 (0x48d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BFBB7F7B5C58323490875849B8EDDA495EF17B1B
Validity
Not Before: Aug 26 05:34:33 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=619670F463A1E0C75053159C17147EF89CA77EC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c9:9f:a5:89:2d:96:03:5d:07:4e:c4:b9:09:
d3:1f:82:cf:92:5b:2d:4c:45:b9:06:97:b9:0c:3d:
8e:5c:a0:00:bc:51:ea:a9:af:8f:c0:a7:f6:ec:fd:
d5:46:3a:ab:4c:cf:96:7e:51:d8:58:8e:a0:99:d5:
a3:2b:08:b6:a2:23:7b:a2:bb:b6:ed:7f:f4:da:45:
08:04:6e:5b:21:42:26:b3:b6:d1:ae:22:7f:b8:ae:
52:cb:35:af:ae:77:a1:f8:44:de:bd:49:70:06:fb:
9e:be:d0:c2:7e:ec:44:20:b8:c3:d6:31:aa:7b:ae:
46:8b:68:f1:fa:1d:72:8b:bb:a2:61:61:73:69:c1:
25:5e:0e:3e:12:06:ef:5f:24:3f:9e:eb:e6:88:87:
71:c8:93:9c:ba:c5:2b:04:a4:c6:e6:a8:4b:ff:b0:
a7:3f:28:7c:40:c2:75:89:70:d6:aa:07:7e:be:38:
5e:88:d3:78:9f:60:16:bd:c8:0f:42:2d:f7:9e:20:
0a:5d:98:ce:8d:90:18:a7:9a:d9:83:51:2d:8a:30:
08:c9:64:61:ac:f5:9b:50:cb:c9:58:c9:5b:83:dc:
6c:73:85:d7:03:d3:37:8d:d7:35:de:4f:ad:bc:e8:
de:d5:7b:55:d7:11:d8:56:cf:b9:5c:1f:fc:0c:10:
f2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:96:70:F4:63:A1:E0:C7:50:53:15:9C:17:14:7E:F8:9C:A7:7E:C5
X509v3 Authority Key Identifier:
keyid:BF:BB:7F:7B:5C:58:32:34:90:87:58:49:B8:ED:DA:49:5E:F1:7B:1B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/v7t_e1xYMjSQh1hJuO3aSV7xexs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v7t_e1xYMjSQh1hJuO3aSV7xexs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/YZZw9GOh4MdQUxWcFxR--JynfsU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.42.0/23
Signature Algorithm: sha256WithRSAEncryption
72:9e:db:dc:46:74:b9:cc:6d:6d:b8:5f:46:16:dc:c4:82:c7:
fd:52:d5:c8:0a:5b:ec:1d:f6:68:bf:1e:77:93:f5:80:70:5a:
be:d6:b7:74:86:89:42:7a:1c:2a:c9:72:45:07:44:91:da:9b:
11:0d:0c:07:a0:5e:35:92:f1:fd:02:b0:b1:a9:4c:dd:3c:e2:
00:1e:eb:3e:86:3a:6e:ce:b4:f0:65:2a:6f:73:3f:4d:d9:26:
34:e9:9b:8a:02:b6:73:02:7b:1e:5f:31:c5:fa:4a:f7:a0:7e:
f9:62:3f:d6:b0:b0:1b:f8:f7:91:fa:41:d2:9f:2f:f0:e7:93:
39:65:cf:82:72:51:5d:ed:35:05:ff:03:97:92:8e:8a:07:8a:
05:6f:6c:b9:df:c9:86:4d:e3:f4:b5:0d:26:eb:de:07:22:ef:
d6:4a:84:36:eb:07:3c:90:fe:96:68:5c:70:0e:9c:9b:20:bb:
8f:d0:d3:93:67:11:44:de:52:66:72:62:da:e0:9a:57:46:ad:
07:fa:a1:80:70:c0:23:c5:b7:a6:48:94:5b:cc:96:df:7a:73:
0e:7c:3d:c2:4a:53:22:41:15:1e:d8:9e:83:ec:c3:83:cd:e6:
18:1c:12:89:da:a6:7b:0f:7b:7c:7b:5f:7f:ea:e9:2a:31:ca:
ef:dc:e3:1d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICBI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkZC
QjdGN0I1QzU4MzIzNDkwODc1ODQ5QjhFRERBNDk1RUYxN0IxQjAeFw0yNDA4MjYw
NTM0MzNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYxOTY3MEY0NjNBMUUw
Qzc1MDUzMTU5QzE3MTQ3RUY4OUNBNzdFQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDByZ+liS2WA10HTsS5CdMfgs+SWy1MRbkGl7kMPY5coAC8Ueqp
r4/Ap/bs/dVGOqtMz5Z+UdhYjqCZ1aMrCLaiI3uiu7btf/TaRQgEblshQiazttGu
In+4rlLLNa+ud6H4RN69SXAG+56+0MJ+7EQguMPWMap7rkaLaPH6HXKLu6JhYXNp
wSVeDj4SBu9fJD+e6+aIh3HIk5y6xSsEpMbmqEv/sKc/KHxAwnWJcNaqB36+OF6I
03ifYBa9yA9CLfeeIApdmM6NkBinmtmDUS2KMAjJZGGs9ZtQy8lYyVuD3GxzhdcD
0zeN1zXeT6286N7Ve1XXEdhWz7lcH/wMEPLxAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUYZZw9GOh4MdQUxWcFxR++JynfsUwHwYDVR0jBBgwFoAUv7t/e1xYMjSQh1hJ
uO3aSV7xexswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUxDL3Y3
dF9lMXhZTWpTUWgxaEp1TzNhU1Y3eGV4cy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djd0X2UxeFlNalNRaDFoSnVPM2FTVjd4ZXhzLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVUxDL1laWnc5R09oNE1kUVV4V2NGeFItLUp5
bmZzVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnnSowDQYJ
KoZIhvcNAQELBQADggEBAHKe29xGdLnMbW24X0YW3MSCx/1S1cgKW+wd9mi/HneT
9YBwWr7Wt3SGiUJ6HCrJckUHRJHamxENDAegXjWS8f0CsLGpTN084gAe6z6GOm7O
tPBlKm9zP03ZJjTpm4oCtnMCex5fMcX6SvegfvliP9awsBv495H6QdKfL/Dnkzll
z4JyUV3tNQX/A5eSjooHigVvbLnfyYZN4/S1DSbr3gci79ZKhDbrBzyQ/pZoXHAO
nJsgu4/Q05NnEUTeUmZyYtrgmldGrQf6oYBwwCPFt6ZIlFvMlt96cw58PcJKUyJB
FR7YnoPsw4PN5hgcEonapnsPe3x7X3/q6Soxyu/c4x0=
-----END CERTIFICATE-----
Generated at Sun Sep 22 21:24:35 2024 by rpki-client on console-ams.rpki-client.org