Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/HU1abrOfO-EdZP8P4u-a4PHGYlw.roa
File: HU1abrOfO-EdZP8P4u-a4PHGYlw.roa (raw, json)
Hash identifier: 4tLnCJSavOYKWvQ8paB9ZHZ8D8eDQ5oZz9ZptTp5NDc=
Subject key identifier: 1D:4D:5A:6E:B3:9F:3B:E1:1D:64:FF:0F:E2:EF:9A:E0:F1:C6:62:5C
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 102D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/HU1abrOfO-EdZP8P4u-a4PHGYlw.roa
Signing time: Tue 16 May 2023 08:35:50 +0000
ROA not before: Tue 16 May 2023 08:35:50 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 203.79.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4141 (0x102d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:35:50 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1D4D5A6EB39F3BE11D64FF0FE2EF9AE0F1C6625C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:11:a4:99:c8:95:bb:fb:8a:cd:31:f0:aa:b5:
c0:54:ed:77:78:0f:b6:d3:b0:60:f6:a0:1e:91:44:
02:55:39:e5:2d:da:0d:77:d2:4c:db:71:11:03:fa:
59:dc:19:4b:6f:a8:9d:51:d2:85:67:c6:69:b3:16:
83:87:76:de:17:2d:52:3f:7b:83:9d:4b:aa:cf:d4:
5b:69:58:3b:c6:b6:8b:f8:b8:36:77:89:31:c9:56:
7e:17:b4:bb:f4:20:c7:1f:89:21:e1:f6:b0:ab:12:
77:40:8b:8f:a0:6c:77:da:c4:59:e1:f9:bc:d4:3b:
27:55:71:22:dc:24:ad:4c:46:05:11:c7:08:d3:d8:
36:e1:9d:f4:be:f4:ef:cc:68:ca:c7:2e:82:a7:50:
96:50:5b:cd:77:45:be:97:95:55:1f:b7:20:31:ee:
19:5f:9e:78:9e:93:dc:62:ca:ba:f0:71:17:4a:1e:
4b:cd:08:70:43:a9:ca:2c:63:37:41:c1:0c:7d:70:
1b:79:6c:99:27:74:ea:4e:93:e5:50:52:7c:6d:4f:
ca:ba:8b:ac:28:83:f3:92:01:14:75:17:9c:31:7f:
43:98:f2:a2:52:26:55:2e:2d:3d:53:ed:53:fa:f1:
64:24:4a:1e:ec:0f:d2:f4:c4:d3:d8:87:88:06:7d:
d9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:4D:5A:6E:B3:9F:3B:E1:1D:64:FF:0F:E2:EF:9A:E0:F1:C6:62:5C
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/HU1abrOfO-EdZP8P4u-a4PHGYlw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.251.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ed:61:8f:ee:a3:1a:43:5f:ac:c4:d5:72:5b:99:42:2d:9a:
ce:d2:32:c2:9d:0a:a8:8e:a5:b4:2d:d2:30:6c:76:4d:e8:cf:
81:82:10:f9:d4:79:80:cf:32:2d:1f:17:24:3b:62:0e:a4:e4:
47:c8:2c:5e:72:d4:5a:72:da:61:4f:98:9e:8a:be:ea:85:b6:
39:9d:1c:6b:2e:ee:e2:3f:f1:e4:5b:72:ab:0b:bf:55:9d:3c:
90:c3:da:e8:bf:e2:26:29:cc:78:8d:64:54:9f:0a:71:2a:5d:
c7:f1:14:8e:bd:57:23:d3:d8:97:9d:78:62:c2:09:b9:38:0a:
57:05:fc:66:55:e5:c6:30:e8:a9:cd:eb:6c:91:10:18:4f:65:
4f:1c:98:ce:81:59:8a:b7:c5:4f:5b:ad:fd:ec:fd:e1:db:49:
5b:b4:b0:f3:b7:ee:36:a5:aa:6d:02:67:76:ee:28:d4:fb:4f:
0b:a2:c1:31:4d:6b:9d:09:16:82:b1:da:f6:ab:e1:a5:a5:19:
7b:b4:27:90:bf:e4:24:ea:d9:71:d6:f2:2a:49:9c:0a:4c:79:
7e:df:03:6a:c7:8c:6b:59:c4:9a:8a:6b:a7:66:e5:da:9c:ee:
ea:10:9b:19:96:e4:37:43:17:0a:ac:1a:08:69:a0:56:34:ac:
9e:42:0a:7e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM1NTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFENEQ1QTZFQjM5RjNC
RTExRDY0RkYwRkUyRUY5QUUwRjFDNjYyNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDEaSZyJW7+4rNMfCqtcBU7Xd4D7bTsGD2oB6RRAJVOeUt2g13
0kzbcRED+lncGUtvqJ1R0oVnxmmzFoOHdt4XLVI/e4OdS6rP1FtpWDvGtov4uDZ3
iTHJVn4XtLv0IMcfiSHh9rCrEndAi4+gbHfaxFnh+bzUOydVcSLcJK1MRgURxwjT
2DbhnfS+9O/MaMrHLoKnUJZQW813Rb6XlVUftyAx7hlfnniek9xiyrrwcRdKHkvN
CHBDqcosYzdBwQx9cBt5bJkndOpOk+VQUnxtT8q6i6wog/OSARR1F5wxf0OY8qJS
JlUuLT1T7VP68WQkSh7sD9L0xNPYh4gGfdnDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHU1abrOfO+EdZP8P4u+a4PHGYlwwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSFUxYWJyT2ZPLUVkWlA4UDR1LWE0
UEhHWWx3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMtP+zAN
BgkqhkiG9w0BAQsFAAOCAQEALe1hj+6jGkNfrMTVcluZQi2aztIywp0KqI6ltC3S
MGx2TejPgYIQ+dR5gM8yLR8XJDtiDqTkR8gsXnLUWnLaYU+Ynoq+6oW2OZ0cay7u
4j/x5Ftyqwu/VZ08kMPa6L/iJinMeI1kVJ8KcSpdx/EUjr1XI9PYl514YsIJuTgK
VwX8ZlXlxjDoqc3rbJEQGE9lTxyYzoFZirfFT1ut/ez94dtJW7Sw87fuNqWqbQJn
du4o1PtPC6LBMU1rnQkWgrHa9qvhpaUZe7QnkL/kJOrZcdbyKkmcCkx5ft8DaseM
a1nEmoprp2bl2pzu6hCbGZbkN0MXCqwaCGmgVjSsnkIKfg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:25:18 2023 by rpki-client on console-ams.rpki-client.org