Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/NDhfyF9_w1fIR4CjdqfcW1tKwNc.roa
File: NDhfyF9_w1fIR4CjdqfcW1tKwNc.roa (raw, json)
Hash identifier: L8dEGlcTGTm49fhuL1JNqa2/ZysYy0mohK6iyq9367w=
Subject key identifier: 34:38:5F:C8:5F:7F:C3:57:C8:47:80:A3:76:A7:DC:5B:5B:4A:C0:D7
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 112E
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/NDhfyF9_w1fIR4CjdqfcW1tKwNc.roa
Signing time: Tue 01 Aug 2023 05:21:58 +0000
ROA not before: Tue 01 Aug 2023 05:21:58 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24154
IP address blocks: 60.244.0.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4398 (0x112e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Aug 1 05:21:58 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=34385FC85F7FC357C84780A376A7DC5B5B4AC0D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:37:56:af:15:a9:ef:64:34:89:a4:72:5c:1a:
bb:07:c4:a9:73:0c:68:b6:f9:1a:70:0b:54:9f:c9:
e3:94:35:dd:66:95:f4:d6:83:dc:13:ca:70:c6:6a:
5a:5b:77:99:42:c3:fc:39:fa:f2:cf:d3:ab:07:f1:
eb:07:2a:c2:15:39:4e:04:1a:30:81:80:45:5d:3f:
20:3c:22:eb:e8:f0:a3:32:a8:db:6a:55:7d:ef:b9:
ca:23:03:43:69:5a:ab:d7:3b:af:a9:b4:44:ba:5c:
f1:f0:76:4e:f5:01:d0:2c:37:cd:13:3f:bd:93:6f:
14:47:90:7b:ce:c7:01:19:3f:db:45:b0:55:9d:b8:
e8:1c:fc:3f:ee:aa:ca:fe:42:21:62:9b:6e:3a:9c:
a3:bd:dc:30:c6:f1:b8:1a:c6:45:84:8c:d3:18:c5:
84:29:b5:c7:70:e5:aa:52:96:cb:51:cb:cd:54:16:
dc:74:c0:20:0f:28:e2:9b:d3:e0:99:00:d6:d8:a3:
ee:82:64:aa:d9:c2:f0:08:90:c2:ce:13:6a:75:c3:
3d:a4:76:e5:1c:b1:73:f6:92:9a:f2:41:a0:46:c3:
2c:24:4d:8e:ac:68:60:0c:32:d2:fa:62:7b:13:d8:
c7:f8:7e:78:73:a3:33:5f:a9:4a:53:48:95:dc:cc:
f6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:38:5F:C8:5F:7F:C3:57:C8:47:80:A3:76:A7:DC:5B:5B:4A:C0:D7
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/NDhfyF9_w1fIR4CjdqfcW1tKwNc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.244.0.0/24
Signature Algorithm: sha256WithRSAEncryption
29:63:34:64:15:51:24:be:13:05:8a:39:19:ac:60:09:d7:d4:
a9:39:64:20:aa:25:fb:57:cb:41:10:99:4e:0b:cd:0f:8f:3c:
9d:ab:30:08:bc:ed:18:a6:65:9e:c4:3c:5c:8f:da:1e:3a:b5:
be:61:67:81:3e:9d:87:8d:a0:f8:70:21:66:ab:96:7c:9e:3a:
22:2e:5f:c8:e8:74:33:ba:ee:4c:ee:aa:45:6e:20:9f:c3:66:
69:82:b5:1f:68:78:b4:14:08:5c:c5:64:13:8d:c3:77:ee:5c:
8c:3e:b9:db:4a:e0:75:d7:ef:d6:f0:09:23:98:2e:02:a2:ca:
03:74:be:0f:00:35:6b:b0:8f:aa:5f:96:19:8e:8b:84:4a:e3:
db:bb:61:93:0d:9d:57:2c:a5:80:a8:5b:b7:22:45:7b:45:9b:
23:e5:35:cc:2c:e9:75:a6:15:4f:e9:6b:6f:de:5a:6b:ec:d6:
9b:16:aa:20:ce:e6:85:a3:e3:be:9a:cc:4d:c0:fc:78:73:e9:
34:9f:e7:b9:07:b2:cb:f9:90:91:bf:49:8d:b2:e0:73:d2:9a:
6b:22:2c:b2:2a:84:2c:85:cd:c7:63:26:15:80:04:bf:a6:cd:
67:8e:a1:8b:96:92:be:8b:80:72:86:51:6e:e0:90:a8:6c:58:
9c:72:6f:95
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICES4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA4MDEw
NTIxNThaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM0Mzg1RkM4NUY3RkMz
NTdDODQ3ODBBMzc2QTdEQzVCNUI0QUMwRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3N1avFanvZDSJpHJcGrsHxKlzDGi2+RpwC1SfyeOUNd1mlfTW
g9wTynDGalpbd5lCw/w5+vLP06sH8esHKsIVOU4EGjCBgEVdPyA8Iuvo8KMyqNtq
VX3vucojA0NpWqvXO6+ptES6XPHwdk71AdAsN80TP72TbxRHkHvOxwEZP9tFsFWd
uOgc/D/uqsr+QiFim246nKO93DDG8bgaxkWEjNMYxYQptcdw5apSlstRy81UFtx0
wCAPKOKb0+CZANbYo+6CZKrZwvAIkMLOE2p1wz2kduUcsXP2kpryQaBGwywkTY6s
aGAMMtL6YnsT2Mf4fnhzozNfqUpTSJXczPa9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNDhfyF9/w1fIR4CjdqfcW1tKwNcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTkRoZnlGOV93MWZJUjRDamRxZmNX
MXRLd05jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADz0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAKWM0ZBVRJL4TBYo5GaxgCdfUqTlkIKol+1fLQRCZ
TgvND488naswCLztGKZlnsQ8XI/aHjq1vmFngT6dh42g+HAhZquWfJ46Ii5fyOh0
M7ruTO6qRW4gn8NmaYK1H2h4tBQIXMVkE43Dd+5cjD6520rgddfv1vAJI5guAqLK
A3S+DwA1a7CPql+WGY6LhErj27thkw2dVyylgKhbtyJFe0WbI+U1zCzpdaYVT+lr
b95aa+zWmxaqIM7mhaPjvprMTcD8eHPpNJ/nuQeyy/mQkb9JjbLgc9KaayIssiqE
LIXNx2MmFYAEv6bNZ46hi5aSvouAcoZRbuCQqGxYnHJvlQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:25:18 2023 by rpki-client on console-ams.rpki-client.org