Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/KvqRq0_90IvB7_dhbZHIYqEs0BI.roa
File: KvqRq0_90IvB7_dhbZHIYqEs0BI.roa (raw, json)
Hash identifier: Vy6t6INN6KYdE3xdHDoxC2z0RuE/XyVdBJZDdfCH6tA=
Subject key identifier: 2A:FA:91:AB:4F:FD:D0:8B:C1:EF:F7:61:6D:91:C8:62:A1:2C:D0:12
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1134
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/KvqRq0_90IvB7_dhbZHIYqEs0BI.roa
Signing time: Mon 07 Aug 2023 07:34:46 +0000
ROA not before: Mon 07 Aug 2023 07:34:46 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 43.240.104.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4404 (0x1134)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Aug 7 07:34:46 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2AFA91AB4FFDD08BC1EFF7616D91C862A12CD012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:46:68:07:7a:bc:b6:4e:14:b2:09:2b:f8:bc:
68:de:ec:ca:a1:41:cb:f1:60:c2:95:69:c7:e9:40:
4d:dd:32:52:b1:a4:fa:79:0c:c2:4b:c0:6c:32:9d:
3a:84:bb:ea:26:53:25:90:5f:0d:ec:11:87:e2:c3:
ff:ed:19:80:c6:b2:36:92:47:6a:03:a3:9b:42:a7:
0b:2a:44:c7:dd:05:e0:ee:cb:f1:09:f2:2a:fe:26:
a6:83:68:bd:2a:e0:fe:3e:81:4b:2b:f9:81:f2:47:
56:48:3a:ec:49:75:da:b5:34:ec:cc:f1:37:31:6c:
64:95:49:ef:6b:e6:5e:ea:fc:86:ee:49:93:e9:5b:
d7:f3:e1:03:80:2c:35:c3:cd:0d:31:93:ef:8f:80:
ff:45:77:c3:87:42:2f:86:d9:7a:5e:62:00:c8:4f:
5a:38:1e:d3:e8:ed:98:e8:9e:a3:e2:f5:48:c8:fe:
f8:b5:d9:57:7b:e9:a1:5a:e8:21:2a:5d:2d:e3:01:
2a:6b:09:bd:62:55:f4:54:2e:d8:7d:5a:e9:e6:98:
ee:b0:4c:86:96:e1:39:b0:a0:63:96:ab:ff:90:e4:
02:63:38:3e:40:55:26:0a:4f:ed:b1:2d:f1:45:53:
ce:7e:d7:e9:e3:1c:c8:1f:2d:eb:f3:10:23:2f:ed:
85:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FA:91:AB:4F:FD:D0:8B:C1:EF:F7:61:6D:91:C8:62:A1:2C:D0:12
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/KvqRq0_90IvB7_dhbZHIYqEs0BI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.104.0/22
Signature Algorithm: sha256WithRSAEncryption
88:ff:76:43:61:d2:d0:4a:cb:8c:9b:7d:91:5b:d8:01:33:6e:
04:b5:a6:8c:f8:46:5d:d5:0d:d4:0c:93:c0:3e:50:55:6a:bc:
ee:bb:68:96:b8:73:19:00:aa:aa:8d:7c:06:78:a3:87:4f:1a:
6a:79:98:4a:72:8a:6e:f2:e3:5c:33:b0:87:83:73:e6:d9:20:
6c:40:2d:89:25:b2:5d:64:76:a2:10:b2:99:6e:0a:ca:9e:c4:
fc:4c:36:fd:9c:1d:02:90:54:31:e2:ee:c1:d4:f5:1d:e2:54:
e1:1f:98:77:f0:cd:d5:ef:02:bb:2f:d4:7a:a4:c6:4b:29:4b:
1c:ae:e7:7b:47:38:39:03:f5:f4:a7:fd:d6:24:5d:4e:c1:a2:
5b:81:f9:75:22:04:8f:16:25:93:43:cc:0b:1d:a3:6c:25:78:
dc:d8:ce:54:28:74:08:f0:16:fa:9b:fe:e5:a5:c3:01:ad:ef:
15:a1:1c:25:5c:cd:01:b9:c8:2d:19:54:55:ed:fc:9e:7b:1b:
a5:c7:21:a5:aa:83:40:d9:4f:34:10:d1:b0:9a:20:f1:41:85:
e8:df:f2:92:de:ff:4a:56:7f:fb:1f:2b:dc:e6:e1:3f:cf:bb:
66:b4:12:b3:74:7b:de:aa:33:35:b4:9b:1c:78:e5:62:21:73:
36:19:d7:bf
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICETQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA4MDcw
NzM0NDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJBRkE5MUFCNEZGREQw
OEJDMUVGRjc2MTZEOTFDODYyQTEyQ0QwMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnRmgHery2ThSyCSv4vGje7MqhQcvxYMKVacfpQE3dMlKxpPp5
DMJLwGwynTqEu+omUyWQXw3sEYfiw//tGYDGsjaSR2oDo5tCpwsqRMfdBeDuy/EJ
8ir+JqaDaL0q4P4+gUsr+YHyR1ZIOuxJddq1NOzM8TcxbGSVSe9r5l7q/IbuSZPp
W9fz4QOALDXDzQ0xk++PgP9Fd8OHQi+G2XpeYgDIT1o4HtPo7ZjonqPi9UjI/vi1
2Vd76aFa6CEqXS3jASprCb1iVfRULth9WunmmO6wTIaW4TmwoGOWq/+Q5AJjOD5A
VSYKT+2xLfFFU85+1+njHMgfLevzECMv7YXDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUKvqRq0/90IvB7/dhbZHIYqEs0BIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvS3ZxUnEwXzkwSXZCN19kaGJaSElZ
cUVzMEJJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAivwaDAN
BgkqhkiG9w0BAQsFAAOCAQEAiP92Q2HS0ErLjJt9kVvYATNuBLWmjPhGXdUN1AyT
wD5QVWq87rtolrhzGQCqqo18Bnijh08aanmYSnKKbvLjXDOwh4Nz5tkgbEAtiSWy
XWR2ohCymW4Kyp7E/Ew2/ZwdApBUMeLuwdT1HeJU4R+Yd/DN1e8Cuy/UeqTGSylL
HK7ne0c4OQP19Kf91iRdTsGiW4H5dSIEjxYlk0PMCx2jbCV43NjOVCh0CPAW+pv+
5aXDAa3vFaEcJVzNAbnILRlUVe38nnsbpcchpaqDQNlPNBDRsJog8UGF6N/ykt7/
SlZ/+x8r3ObhP8+7ZrQSs3R73qozNbSbHHjlYiFzNhnXvw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:37:45 2023 by rpki-client on console-fra.rpki-client.org