Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/JMDsUuFsbF48rvtLpqSzpIZQ-cc.roa
File: JMDsUuFsbF48rvtLpqSzpIZQ-cc.roa (raw, json)
Hash identifier: tdc+QDppBeNUvOLgk7nq/DfWdH4zdbgWvSAWrRM/0J0=
Subject key identifier: 24:C0:EC:52:E1:6C:6C:5E:3C:AE:FB:4B:A6:A4:B3:A4:86:50:F9:C7
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/JMDsUuFsbF48rvtLpqSzpIZQ-cc.roa
Signing time: Thu 15 Sep 2022 02:39:52 +0000
ROA not before: Thu 15 Sep 2022 02:39:52 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131591
IP address blocks: 223.22.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:39:52 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=24C0EC52E16C6C5E3CAEFB4BA6A4B3A48650F9C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a7:c0:4b:66:4c:ff:e5:bc:ec:e9:4a:f3:79:
92:45:2b:05:db:4e:41:a4:64:ec:4b:83:f7:1f:71:
64:bf:64:a9:a4:f8:65:c2:23:94:b5:8d:a3:93:5d:
a8:b6:e1:b6:a2:83:81:a3:8f:dc:c6:cb:59:d2:37:
a3:fc:6a:7c:8e:28:65:59:08:81:1a:f8:78:1d:f9:
fd:cd:df:1f:d5:4c:ab:c9:99:da:e7:32:5e:6c:24:
a2:20:2a:29:8b:75:7e:9f:9c:2a:03:ef:e6:40:0a:
89:bb:55:57:20:a8:96:dc:bf:3d:f4:cc:12:4e:2d:
60:32:f2:92:89:b0:64:76:be:76:10:51:f7:cc:27:
c8:ad:ea:7a:82:1e:f1:e6:be:e5:ed:4a:dd:d7:8d:
e0:71:2f:0a:b3:8e:6b:dc:70:fb:a1:b5:7d:e9:b4:
ce:c7:86:d8:35:76:b2:9f:3c:8c:50:55:28:7c:fe:
d6:59:04:b0:46:7e:75:a9:1f:a2:aa:a1:5e:a9:31:
20:dd:a2:4d:a9:88:7e:84:bb:02:ff:72:60:2f:af:
5b:6c:20:ad:2a:c6:64:37:6c:23:f4:ec:24:3f:8f:
8f:20:43:26:58:60:41:16:2b:c0:bd:06:e6:bf:c2:
d9:56:32:70:56:63:fd:ef:cc:2c:af:c4:71:f5:3d:
3f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:C0:EC:52:E1:6C:6C:5E:3C:AE:FB:4B:A6:A4:B3:A4:86:50:F9:C7
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/JMDsUuFsbF48rvtLpqSzpIZQ-cc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:94:d7:88:f6:55:c1:59:57:53:8b:95:7d:a8:32:b4:47:56:
e4:07:89:b8:29:65:da:cc:f6:30:b2:31:c7:5d:92:45:52:4e:
6b:a0:3f:53:9d:91:21:b6:ef:5b:2a:90:eb:9a:a5:eb:ac:cc:
49:13:ca:4a:05:47:85:cd:f0:54:18:ed:66:bf:42:1d:e7:2f:
e1:9d:e0:82:20:fc:4b:ec:bf:69:bc:d4:77:d5:de:c3:3d:d7:
77:9c:08:d1:0c:a2:1f:c4:5d:e0:36:b6:92:1c:00:27:99:61:
57:8c:24:d5:92:d6:ef:7c:1b:64:1b:e4:7a:a8:a9:ad:16:0a:
ce:11:3c:4e:10:57:a1:7b:fa:47:e1:f6:a5:ce:f4:99:99:fe:
47:db:d3:61:d8:eb:f5:16:6b:f0:6f:aa:26:a1:de:ce:24:80:
52:ed:e5:4d:43:8b:02:6b:c3:9a:9d:d5:1d:7d:f9:7c:1d:2a:
a3:12:a4:0e:50:79:93:dc:d8:a7:d1:a1:3c:ca:ac:f0:83:e8:
99:ba:ea:da:1b:de:4b:70:53:23:66:55:ae:70:ec:2b:52:80:
fa:80:b5:4e:a0:92:e2:14:2a:25:9a:46:61:33:bf:de:45:d2:
a8:3b:a3:6d:31:ff:69:c2:b4:1b:c1:6f:f5:e4:60:d9:96:e8:
79:40:e8:77
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDI0QzBFQzUyRTE2QzZD
NUUzQ0FFRkI0QkE2QTRCM0E0ODY1MEY5QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbp8BLZkz/5bzs6UrzeZJFKwXbTkGkZOxLg/cfcWS/ZKmk+GXC
I5S1jaOTXai24baig4Gjj9zGy1nSN6P8anyOKGVZCIEa+Hgd+f3N3x/VTKvJmdrn
Ml5sJKIgKimLdX6fnCoD7+ZACom7VVcgqJbcvz30zBJOLWAy8pKJsGR2vnYQUffM
J8it6nqCHvHmvuXtSt3XjeBxLwqzjmvccPuhtX3ptM7Hhtg1drKfPIxQVSh8/tZZ
BLBGfnWpH6KqoV6pMSDdok2piH6EuwL/cmAvr1tsIK0qxmQ3bCP07CQ/j48gQyZY
YEEWK8C9Bua/wtlWMnBWY/3vzCyvxHH1PT89AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUJMDsUuFsbF48rvtLpqSzpIZQ+ccwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSk1Ec1V1RnNiRjQ4cnZ0THBxU3pw
SVpRLWNjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN8WMA0G
CSqGSIb3DQEBCwUAA4IBAQBOlNeI9lXBWVdTi5V9qDK0R1bkB4m4KWXazPYwsjHH
XZJFUk5roD9TnZEhtu9bKpDrmqXrrMxJE8pKBUeFzfBUGO1mv0Id5y/hneCCIPxL
7L9pvNR31d7DPdd3nAjRDKIfxF3gNraSHAAnmWFXjCTVktbvfBtkG+R6qKmtFgrO
ETxOEFehe/pH4falzvSZmf5H29Nh2Ov1Fmvwb6omod7OJIBS7eVNQ4sCa8OandUd
ffl8HSqjEqQOUHmT3Nin0aE8yqzwg+iZuuraG95LcFMjZlWucOwrUoD6gLVOoJLi
FColmkZhM7/eRdKoO6NtMf9pwrQbwW/15GDZluh5QOh3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:54 2023 by rpki-client on console-fra.rpki-client.org