Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/AjvYBZjxMtd9mMtwyPgJvT_55PE.roa
File: AjvYBZjxMtd9mMtwyPgJvT_55PE.roa (raw, json)
Hash identifier: a+HrT4xwpJTVNjQVdtKhx5xwe4SlBPqKGUbIv8kqZFo=
Subject key identifier: 02:3B:D8:05:98:F1:32:D7:7D:98:CB:70:C8:F8:09:BD:3F:F9:E4:F1
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/AjvYBZjxMtd9mMtwyPgJvT_55PE.roa
Signing time: Thu 15 Sep 2022 02:39:54 +0000
ROA not before: Thu 15 Sep 2022 02:39:54 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 210.200.64.0/18 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:39:54 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=023BD80598F132D77D98CB70C8F809BD3FF9E4F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9e:21:cd:57:0c:ef:f3:4d:42:16:14:eb:6c:
f5:1f:2d:eb:d3:25:7f:08:98:5d:94:f3:97:84:7b:
7d:fd:7f:6d:93:b6:ae:53:48:e7:69:dc:53:45:b9:
a1:22:8d:75:48:a9:36:da:d1:97:fc:01:97:62:dd:
a8:d6:2f:43:76:b6:80:fb:2b:f2:02:12:b1:b8:2b:
4f:d6:12:e4:67:64:f5:bc:2b:ad:93:72:f1:e6:2c:
0c:46:05:7f:b4:5e:c2:2b:49:f0:fe:74:f5:0b:6b:
75:7f:d3:a7:d8:27:f2:25:e5:5d:20:9b:c6:f0:ac:
37:1d:bd:1f:b5:8e:66:57:11:d6:a7:a9:48:66:ad:
7d:e3:8d:f9:ac:4f:09:79:b1:5b:ff:7a:5c:b1:0f:
2d:99:3f:f0:18:f2:5e:5b:6c:3d:8e:1f:41:8f:87:
8d:77:91:b5:36:1f:88:ba:54:5b:db:37:c1:d8:6c:
ff:13:11:fc:70:ae:ef:79:01:03:7d:d9:3f:3c:f0:
48:2f:6b:a1:60:4c:1f:48:a2:f1:f1:44:68:37:17:
12:70:6f:aa:c4:80:26:ad:7d:41:a9:6c:ea:ba:50:
56:1d:9e:16:c2:e5:9f:7e:7b:dd:b9:36:ae:d0:08:
d7:cb:02:6e:03:7e:49:2b:f2:f2:2f:ed:4b:64:4e:
d4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:3B:D8:05:98:F1:32:D7:7D:98:CB:70:C8:F8:09:BD:3F:F9:E4:F1
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/AjvYBZjxMtd9mMtwyPgJvT_55PE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2a:aa:e6:8a:3c:63:87:c4:2e:72:b8:5e:78:ee:b7:ed:03:e1:
0c:fd:da:7d:e8:2d:00:71:5e:25:2b:70:05:a6:98:08:6b:11:
1b:20:d3:82:a6:c4:7a:0c:a2:ea:59:8f:d1:6e:45:d2:e5:6d:
97:84:1b:e9:4e:35:44:da:cf:b2:d3:60:a1:55:dd:19:5d:89:
60:f7:3c:27:33:9e:f4:16:0a:26:dd:83:5a:88:29:aa:45:cb:
43:44:85:e1:68:17:26:60:bb:c8:2c:6b:38:81:36:dd:fa:b3:
18:da:d3:67:17:8a:89:b7:68:43:11:6e:9c:aa:bd:87:90:9c:
98:9c:44:2b:3e:a2:ed:02:c0:12:3c:e3:33:ab:b0:85:81:c6:
7f:87:b5:50:7d:48:48:f5:6e:f0:16:0d:01:bd:d1:b0:5e:82:
98:1e:52:72:c7:86:0a:2f:d0:2c:06:b0:eb:86:d3:3d:66:83:
77:2e:a6:3b:92:a7:cf:22:7f:5c:01:57:3e:ea:83:aa:ac:84:
0f:34:a5:bc:8a:c4:ad:aa:be:49:cf:65:14:06:6d:29:03:50:
ee:ec:1b:a9:c4:db:c3:20:62:33:82:c0:e6:a1:3b:54:ff:64:
ca:2a:76:00:de:dc:e6:6a:ce:fe:dd:56:57:61:a5:27:20:69:
54:7d:7e:21
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDAyM0JEODA1OThGMTMy
RDc3RDk4Q0I3MEM4RjgwOUJEM0ZGOUU0RjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7niHNVwzv801CFhTrbPUfLevTJX8ImF2U85eEe339f22Ttq5T
SOdp3FNFuaEijXVIqTba0Zf8AZdi3ajWL0N2toD7K/ICErG4K0/WEuRnZPW8K62T
cvHmLAxGBX+0XsIrSfD+dPULa3V/06fYJ/Il5V0gm8bwrDcdvR+1jmZXEdanqUhm
rX3jjfmsTwl5sVv/elyxDy2ZP/AY8l5bbD2OH0GPh413kbU2H4i6VFvbN8HYbP8T
Efxwru95AQN92T888Egva6FgTB9IovHxRGg3FxJwb6rEgCatfUGpbOq6UFYdnhbC
5Z9+e925Nq7QCNfLAm4Dfkkr8vIv7UtkTtQnAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUAjvYBZjxMtd9mMtwyPgJvT/55PEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQWp2WUJaanhNdGQ5bU10d3lQZ0p2
VF81NVBFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLIQDAN
BgkqhkiG9w0BAQsFAAOCAQEAKqrmijxjh8QucrheeO637QPhDP3afegtAHFeJStw
BaaYCGsRGyDTgqbEegyi6lmP0W5F0uVtl4Qb6U41RNrPstNgoVXdGV2JYPc8JzOe
9BYKJt2DWogpqkXLQ0SF4WgXJmC7yCxrOIE23fqzGNrTZxeKibdoQxFunKq9h5Cc
mJxEKz6i7QLAEjzjM6uwhYHGf4e1UH1ISPVu8BYNAb3RsF6CmB5ScseGCi/QLAaw
64bTPWaDdy6mO5KnzyJ/XAFXPuqDqqyEDzSlvIrEraq+Sc9lFAZtKQNQ7uwbqcTb
wyBiM4LA5qE7VP9kyip2AN7c5mrO/t1WV2GlJyBpVH1+IQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:54 2023 by rpki-client on console-fra.rpki-client.org