Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/MfDC__tl8k8hM0X4YvfHaFSPBrg.roa
File: MfDC__tl8k8hM0X4YvfHaFSPBrg.roa (raw, json)
Hash identifier: Y/+NP1I0L+X50ixlk8h6TTvRscE+HlKfRw5XDEAtnUU=
Subject key identifier: 31:F0:C2:FF:FB:65:F2:4F:21:33:45:F8:62:F7:C7:68:54:8F:06:B8
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MfDC__tl8k8hM0X4YvfHaFSPBrg.roa
Signing time: Thu 15 Sep 2022 02:40:11 +0000
ROA not before: Thu 15 Sep 2022 02:40:11 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131591
IP address blocks: 203.79.206.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:40:11 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=31F0C2FFFB65F24F213345F862F7C768548F06B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:52:f9:45:0a:5b:ea:9d:15:13:64:d9:56:e5:
9c:33:49:e0:de:d1:0d:27:a1:b9:5c:d6:0d:57:e3:
17:45:6b:9a:a3:bc:15:94:82:26:c3:36:10:e7:5c:
ca:0f:ce:12:05:de:8c:b0:de:bb:40:54:b2:7a:22:
41:61:e3:87:73:e5:26:a1:9f:e3:c4:03:43:13:08:
34:ef:0e:08:2f:25:44:d8:63:21:ee:2e:7b:82:e0:
f5:38:d4:be:71:23:47:d3:ae:52:26:66:ab:87:53:
6f:cc:ef:b1:05:d3:51:71:2c:7b:65:cc:ad:39:30:
3e:4e:ad:9f:a0:19:9a:2f:e5:40:45:67:a1:db:b8:
8d:0b:2a:db:d5:fc:7e:6d:2a:a4:8a:36:ba:c0:f1:
84:5d:e7:1e:c7:2c:13:f7:2e:b3:73:eb:94:f1:65:
dc:5b:5d:aa:aa:ae:36:4a:4a:51:02:f5:23:e3:7a:
1f:c5:88:ae:11:df:d4:c4:5d:6d:99:b4:c3:1b:5a:
ef:2f:e7:8e:6f:0d:5b:88:18:1e:09:11:58:44:ed:
6a:d4:f6:f5:b0:c1:28:c3:54:4a:15:e0:ad:0b:bd:
71:fa:8a:99:a6:03:a0:6f:72:88:48:dc:9b:17:e7:
6e:53:da:f9:5e:e4:a0:1b:1c:a9:56:7f:64:6a:0f:
2f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F0:C2:FF:FB:65:F2:4F:21:33:45:F8:62:F7:C7:68:54:8F:06:B8
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MfDC__tl8k8hM0X4YvfHaFSPBrg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.206.0/23
Signature Algorithm: sha256WithRSAEncryption
be:d9:10:ff:db:f2:12:52:29:b4:49:16:d0:50:6e:7b:f7:ad:
fe:de:42:63:26:4b:cf:32:4a:89:33:c9:bb:5c:10:f4:7f:b2:
7d:24:33:1d:ae:87:8f:45:e6:d8:e2:98:3f:ca:02:a5:a1:57:
49:ae:d6:b6:4b:d5:40:57:cd:64:6b:de:29:61:c9:62:92:d9:
aa:60:f7:0b:a6:fc:64:0f:0f:ca:6d:af:7f:cf:60:e9:78:fb:
2d:cc:66:29:a2:7d:85:b6:d4:79:1e:4d:db:30:4d:03:f2:9a:
0e:89:ac:5a:da:5c:5b:76:eb:78:d6:da:5b:c7:b5:07:73:41:
0f:21:aa:d4:20:b9:9f:b9:1f:79:09:c5:ac:a0:e8:05:79:af:
1a:17:e5:0b:c1:17:59:e7:46:dd:91:52:74:04:f4:c7:a0:d6:
4d:0a:12:07:32:6f:8b:66:8e:40:9d:26:45:8b:ec:44:fe:05:
51:76:44:fa:13:dd:c0:2a:d3:6c:da:2c:76:b3:78:2e:08:bc:
7f:58:73:9b:36:a7:3e:6e:20:a2:30:82:e8:98:9d:d4:2e:eb:
75:67:0a:d0:c0:2a:28:fb:0a:b0:b0:ef:6d:de:31:6e:3e:7b:
b1:71:e6:47:0a:83:e8:1a:a1:1e:26:38:31:94:a1:03:9b:7c:
69:ae:f3:54
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMxRjBDMkZGRkI2NUYy
NEYyMTMzNDVGODYyRjdDNzY4NTQ4RjA2QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrUvlFClvqnRUTZNlW5ZwzSeDe0Q0noblc1g1X4xdFa5qjvBWU
gibDNhDnXMoPzhIF3oyw3rtAVLJ6IkFh44dz5Sahn+PEA0MTCDTvDggvJUTYYyHu
LnuC4PU41L5xI0fTrlImZquHU2/M77EF01FxLHtlzK05MD5OrZ+gGZov5UBFZ6Hb
uI0LKtvV/H5tKqSKNrrA8YRd5x7HLBP3LrNz65TxZdxbXaqqrjZKSlEC9SPjeh/F
iK4R39TEXW2ZtMMbWu8v545vDVuIGB4JEVhE7WrU9vWwwSjDVEoV4K0LvXH6ipmm
A6BvcohI3JsX525T2vle5KAbHKlWf2RqDy/PAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUMfDC//tl8k8hM0X4YvfHaFSPBrgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTWZEQ19fdGw4azhoTTBYNFl2Zkhh
RlNQQnJnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEActPzjAN
BgkqhkiG9w0BAQsFAAOCAQEAvtkQ/9vyElIptEkW0FBue/et/t5CYyZLzzJKiTPJ
u1wQ9H+yfSQzHa6Hj0Xm2OKYP8oCpaFXSa7WtkvVQFfNZGveKWHJYpLZqmD3C6b8
ZA8Pym2vf89g6Xj7LcxmKaJ9hbbUeR5N2zBNA/KaDomsWtpcW3breNbaW8e1B3NB
DyGq1CC5n7kfeQnFrKDoBXmvGhflC8EXWedG3ZFSdAT0x6DWTQoSBzJvi2aOQJ0m
RYvsRP4FUXZE+hPdwCrTbNosdrN4Lgi8f1hzmzanPm4gojCC6Jid1C7rdWcK0MAq
KPsKsLDvbd4xbj57sXHmRwqD6BqhHiY4MZShA5t8aa7zVA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:54 2023 by rpki-client on console-fra.rpki-client.org