Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/CuMpznkSu7AN5KrAq1F5y-YtMmM.roa
File: CuMpznkSu7AN5KrAq1F5y-YtMmM.roa (raw, json)
Hash identifier: YZWCz2jUu4dSGFv89OYz1nCgVnOQZCu+CjGgCSKPyB0=
Subject key identifier: 0A:E3:29:CE:79:12:BB:B0:0D:E4:AA:C0:AB:51:79:CB:E6:2D:32:63
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 10A3
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/CuMpznkSu7AN5KrAq1F5y-YtMmM.roa
Signing time: Tue 16 May 2023 08:36:26 +0000
ROA not before: Tue 16 May 2023 08:36:26 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 2404::/26 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4259 (0x10a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:26 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=0AE329CE7912BBB00DE4AAC0AB5179CBE62D3263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:51:db:c0:58:83:24:bb:81:23:63:5c:d7:1e:
58:01:6c:60:c1:c4:44:06:8f:f3:da:64:90:3a:9e:
69:71:7a:b3:5a:3b:7f:38:04:a4:a7:76:6c:cb:d5:
ba:e1:b4:b9:cd:d3:7b:90:95:92:5e:f8:68:96:4b:
fa:e1:00:2d:ec:a9:1d:f8:39:07:03:2f:4a:1d:5a:
98:f1:a8:bf:f4:72:1e:5d:0f:6d:23:15:66:03:1a:
21:3e:0e:4a:ba:d1:ea:62:f1:7b:d3:91:77:df:8b:
f3:82:00:ff:84:f5:57:8a:53:d9:de:10:a5:9f:dc:
74:4c:53:f5:cc:b0:82:5e:d8:cd:e8:b3:23:5b:91:
8f:73:91:cb:94:0f:d2:95:90:13:b7:86:b1:88:bc:
c3:67:39:e4:2a:65:1c:c8:1f:07:fe:2a:cd:d0:ae:
0b:cb:1c:51:c7:83:63:7c:34:ff:b0:c9:ea:aa:5a:
98:9c:0b:67:d3:29:23:73:e7:69:d9:1f:c3:45:b4:
3e:1a:65:44:c8:da:59:a1:6c:a8:98:4e:f2:55:a7:
3d:cf:d0:23:46:98:29:c7:f8:2f:0c:f7:40:ae:09:
6c:d7:74:cd:3d:fa:b6:dd:ba:7b:4d:e5:74:83:ee:
e0:c0:86:18:0b:f5:3a:fd:2e:69:54:a9:f5:02:16:
ae:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E3:29:CE:79:12:BB:B0:0D:E4:AA:C0:AB:51:79:CB:E6:2D:32:63
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/CuMpznkSu7AN5KrAq1F5y-YtMmM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404::/26
Signature Algorithm: sha256WithRSAEncryption
3b:3e:86:28:45:e5:89:06:5d:b7:29:75:2d:ab:7a:1b:3a:37:
62:84:ee:2f:10:da:38:bc:f6:7d:d0:bc:da:94:ae:ea:18:31:
31:79:09:65:ea:7c:a2:36:b6:b9:b2:b8:af:c0:91:7a:fc:53:
55:d5:4c:03:8a:57:74:35:e4:a5:0f:84:d4:fb:81:1b:e9:c2:
63:02:94:04:46:dd:55:d2:59:df:14:66:32:9e:ed:c3:b7:ab:
b0:6a:fe:3a:03:3f:56:22:d8:77:d7:b3:20:99:6f:03:46:65:
ed:f5:d2:cf:b1:76:53:eb:f0:80:22:64:7c:fc:35:9e:3f:b8:
55:c4:6c:55:f0:0e:c9:9a:d7:f0:a1:df:af:75:f3:e4:f7:bd:
7e:ac:8c:5f:49:4d:1f:6e:d3:a3:eb:54:f4:c8:cc:65:1d:88:
b9:19:5e:47:80:14:ba:28:59:78:72:72:ca:2c:5e:5a:d8:34:
bb:a1:4d:86:71:32:d8:40:0c:b9:01:3e:e0:a0:b3:af:59:7f:
89:f3:63:90:a2:04:1d:fc:3b:08:72:da:af:84:23:be:86:2b:
8e:8c:c7:34:ba:e8:a0:eb:32:07:c7:11:d1:19:c0:20:c1:83:
22:a0:ab:cf:e9:19:31:0c:d1:32:85:04:46:5e:25:d6:c3:d3:
65:22:d9:57
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICEKMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MjZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDBBRTMyOUNFNzkxMkJC
QjAwREU0QUFDMEFCNTE3OUNCRTYyRDMyNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJUdvAWIMku4EjY1zXHlgBbGDBxEQGj/PaZJA6nmlxerNaO384
BKSndmzL1brhtLnN03uQlZJe+GiWS/rhAC3sqR34OQcDL0odWpjxqL/0ch5dD20j
FWYDGiE+Dkq60epi8XvTkXffi/OCAP+E9VeKU9neEKWf3HRMU/XMsIJe2M3osyNb
kY9zkcuUD9KVkBO3hrGIvMNnOeQqZRzIHwf+Ks3QrgvLHFHHg2N8NP+wyeqqWpic
C2fTKSNz52nZH8NFtD4aZUTI2lmhbKiYTvJVpz3P0CNGmCnH+C8M90CuCWzXdM09
+rbduntN5XSD7uDAhhgL9Tr9LmlUqfUCFq67AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUCuMpznkSu7AN5KrAq1F5y+YtMmMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQ3VNcHpua1N1N0FONUtyQXExRjV5
LVl0TW1NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBiQEAAAw
DQYJKoZIhvcNAQELBQADggEBADs+hihF5YkGXbcpdS2rehs6N2KE7i8Q2ji89n3Q
vNqUruoYMTF5CWXqfKI2trmyuK/AkXr8U1XVTAOKV3Q15KUPhNT7gRvpwmMClARG
3VXSWd8UZjKe7cO3q7Bq/joDP1Yi2HfXsyCZbwNGZe310s+xdlPr8IAiZHz8NZ4/
uFXEbFXwDsma1/Ch36918+T3vX6sjF9JTR9u06PrVPTIzGUdiLkZXkeAFLooWXhy
csosXlrYNLuhTYZxMthADLkBPuCgs69Zf4nzY5CiBB38Owhy2q+EI76GK46MxzS6
6KDrMgfHEdEZwCDBgyKgq8/pGTEM0TKFBEZeJdbD02Ui2Vc=
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:37:44 2023 by rpki-client on console-fra.rpki-client.org