Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/IF61QOTQ06F66az32SG-3QZZabs.roa
File: IF61QOTQ06F66az32SG-3QZZabs.roa (raw, json)
Hash identifier: XJto+F3V2vTvk7MLjteeicvQsDedw6LZjkTp3YpC1Cc=
Subject key identifier: 20:5E:B5:40:E4:D0:D3:A1:7A:E9:AC:F7:D9:21:BE:DD:06:59:69:BB
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1077
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/IF61QOTQ06F66az32SG-3QZZabs.roa
Signing time: Tue 16 May 2023 08:36:14 +0000
ROA not before: Tue 16 May 2023 08:36:14 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9922
IP address blocks: 124.218.168.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4215 (0x1077)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:14 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=205EB540E4D0D3A17AE9ACF7D921BEDD065969BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bf:52:04:0b:92:4f:00:8c:d3:8d:db:2f:7e:
48:47:07:8a:ca:1f:fe:0b:40:a7:3d:1f:7e:28:ef:
1d:e2:52:3a:ea:ca:97:d3:ae:a2:da:d2:2d:d7:b7:
e2:14:f3:6b:33:74:2a:9b:20:8f:04:2e:0f:bd:63:
4b:49:f0:09:11:0e:a6:02:ca:24:2c:ed:1a:e8:8c:
26:92:ab:5f:b7:7b:f9:b0:40:ae:fc:f3:b7:a5:53:
6a:da:f7:3e:7e:ac:7b:a2:bc:ad:70:11:de:40:84:
91:27:24:e4:f0:92:c9:cb:0f:89:39:9c:d5:0e:71:
38:d4:cb:a1:c2:48:57:b0:97:6d:a8:bd:94:e5:bf:
70:d9:10:14:5a:af:fa:42:7e:bb:73:26:7c:d0:a8:
3a:69:3f:f7:42:69:b7:c4:0c:e4:c3:db:f5:e2:96:
5d:a4:1f:16:4d:16:f3:9f:38:93:55:0f:14:f9:28:
a5:45:92:31:d5:3d:2a:aa:29:99:14:58:4f:a4:4d:
1a:65:81:d1:38:bc:7a:8f:7e:2e:22:a1:dd:3e:d0:
fc:eb:cc:77:bd:06:a6:be:24:06:76:8a:2e:65:52:
9b:a9:8d:b2:9f:df:9c:98:97:98:47:79:ee:48:59:
09:a9:e7:5b:cf:d8:2e:4d:bb:92:e7:65:79:27:16:
b0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:5E:B5:40:E4:D0:D3:A1:7A:E9:AC:F7:D9:21:BE:DD:06:59:69:BB
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/IF61QOTQ06F66az32SG-3QZZabs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.168.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:6c:5d:06:43:2a:9b:d7:7d:81:e3:3a:e6:fb:13:d8:40:92:
a0:b8:a9:39:5b:cf:97:a4:8e:7c:a4:6a:1a:6b:c1:d9:31:98:
e5:bb:1b:b5:bc:73:19:a6:8a:dd:1e:20:10:91:d4:92:d8:2c:
4c:3d:33:2c:26:b6:8e:9a:45:86:d6:fb:24:c2:12:d1:06:83:
e3:db:24:7a:48:57:7a:da:93:ad:13:bd:22:81:af:fd:15:73:
22:f6:d9:80:ed:6e:95:52:a6:0e:00:c1:6f:86:ae:93:64:1f:
d0:ef:60:41:21:a0:58:c5:ed:5a:91:0b:21:73:85:6a:e3:49:
ab:02:b2:99:97:a1:62:98:ab:66:99:71:fb:00:7b:ae:77:82:
ee:ec:bd:0b:94:1a:44:52:2f:c9:f8:94:bf:91:2e:15:49:20:
98:f5:d0:28:e8:c3:4b:37:cf:d0:8a:a4:fc:07:27:0e:ee:29:
9a:4d:5e:d0:c6:79:9f:19:20:e0:28:34:5b:ce:d0:0f:94:f1:
3c:10:03:d3:f1:1b:3b:c1:1e:59:18:4c:e7:52:25:e1:c8:3b:
c7:64:c4:59:c0:41:83:76:97:43:fd:67:be:7b:76:8c:4d:3e:
41:ea:c0:de:1b:52:28:49:4f:98:13:0a:65:ed:89:54:56:3f:
5e:3a:42:f3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEHcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDIwNUVCNTQwRTREMEQz
QTE3QUU5QUNGN0Q5MjFCRUREMDY1OTY5QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyv1IEC5JPAIzTjdsvfkhHB4rKH/4LQKc9H34o7x3iUjrqypfT
rqLa0i3Xt+IU82szdCqbII8ELg+9Y0tJ8AkRDqYCyiQs7RrojCaSq1+3e/mwQK78
87elU2ra9z5+rHuivK1wEd5AhJEnJOTwksnLD4k5nNUOcTjUy6HCSFewl22ovZTl
v3DZEBRar/pCfrtzJnzQqDppP/dCabfEDOTD2/Xill2kHxZNFvOfOJNVDxT5KKVF
kjHVPSqqKZkUWE+kTRplgdE4vHqPfi4iod0+0PzrzHe9Bqa+JAZ2ii5lUpupjbKf
35yYl5hHee5IWQmp51vP2C5Nu5LnZXknFrAJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUIF61QOTQ06F66az32SG+3QZZabswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSUY2MVFPVFEwNkY2NmF6MzJTRy0z
UVpaYWJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnzaqDAN
BgkqhkiG9w0BAQsFAAOCAQEAn2xdBkMqm9d9geM65vsT2ECSoLipOVvPl6SOfKRq
GmvB2TGY5bsbtbxzGaaK3R4gEJHUktgsTD0zLCa2jppFhtb7JMIS0QaD49skekhX
etqTrRO9IoGv/RVzIvbZgO1ulVKmDgDBb4auk2Qf0O9gQSGgWMXtWpELIXOFauNJ
qwKymZehYpirZplx+wB7rneC7uy9C5QaRFIvyfiUv5EuFUkgmPXQKOjDSzfP0Iqk
/AcnDu4pmk1e0MZ5nxkg4Cg0W87QD5TxPBAD0/EbO8EeWRhM51Il4cg7x2TEWcBB
g3aXQ/1nvnt2jE0+QerA3htSKElPmBMKZe2JVFY/XjpC8w==
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:37:44 2023 by rpki-client on console-fra.rpki-client.org