Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ONsf2MYcsnI4BhIiF1AheW-zWYE.roa
File: ONsf2MYcsnI4BhIiF1AheW-zWYE.roa (raw, json)
Hash identifier: QlLNQre/ME3u7l0ViQA8npyO1Kux3TyI9witWi/IjDw=
Subject key identifier: 38:DB:1F:D8:C6:1C:B2:72:38:06:12:22:17:50:21:79:6F:B3:59:81
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ONsf2MYcsnI4BhIiF1AheW-zWYE.roa
Signing time: Thu 15 Sep 2022 02:39:49 +0000
ROA not before: Thu 15 Sep 2022 02:39:49 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 210.58.120.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:39:49 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=38DB1FD8C61CB27238061222175021796FB35981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d9:36:66:43:97:5d:ce:f6:20:72:6d:19:8a:
8f:51:60:34:49:4d:15:45:8d:1d:50:08:c6:43:9f:
3c:7a:4a:06:5c:38:2b:e4:97:93:e8:ae:3d:20:7b:
44:a8:80:ce:29:ad:4d:9a:6d:ea:13:39:11:bb:8c:
6e:fe:e0:d4:ec:30:7b:e5:8e:a2:c3:8b:19:a4:d8:
a8:5b:c8:59:5d:c6:1f:9c:6a:5e:47:83:1b:8c:57:
b6:ef:16:80:29:ce:9c:11:88:4a:20:0a:40:5b:c2:
86:6f:78:50:6f:84:21:64:91:96:de:61:05:46:4a:
5c:5a:bb:37:83:c8:be:87:30:ef:59:e4:02:e5:a1:
b6:c4:03:4d:42:29:3a:d7:2a:7e:4a:37:f5:e2:0e:
24:75:65:10:b9:05:65:ac:fb:ad:5d:29:3b:9e:f0:
94:c3:76:57:73:6e:37:c5:0d:f4:12:0c:2a:ca:35:
7a:35:de:4c:7c:25:98:04:2e:77:3f:11:4d:e9:78:
e7:b0:bc:00:1a:3c:a1:18:e9:be:4c:7d:9b:70:40:
71:ae:89:47:a6:1a:b1:a0:2a:72:d5:5c:e7:db:d1:
95:e5:fd:ff:f5:56:b8:38:47:24:65:18:09:df:04:
c9:15:80:fb:15:6e:31:2e:de:0f:7a:f4:f0:6d:85:
7a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DB:1F:D8:C6:1C:B2:72:38:06:12:22:17:50:21:79:6F:B3:59:81
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ONsf2MYcsnI4BhIiF1AheW-zWYE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.120.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:d5:8d:0c:a3:ef:85:11:3a:d7:7a:af:e2:4e:cc:ab:cb:7f:
65:b9:87:f0:52:cb:7f:1a:0d:f5:a6:56:e6:c9:d5:29:95:5f:
6b:1c:34:4e:1e:52:8e:6f:0d:67:2f:52:a6:aa:a0:6f:19:6f:
df:0b:b9:10:3c:a5:34:2f:75:17:7f:9c:d0:59:17:b8:81:6d:
50:94:f4:3f:2b:61:a3:a0:9d:ee:89:3a:a9:97:0d:be:04:5d:
8d:a3:87:0c:9a:43:e8:71:11:a6:82:19:cc:bd:c2:da:c6:6f:
6b:43:c2:bb:cc:51:55:59:ec:f5:4b:d9:dd:8d:bc:b3:5b:e7:
03:5c:e7:51:ee:a0:82:2b:47:5a:bb:ed:5b:a2:40:98:e4:00:
e3:50:9f:44:50:bb:5b:34:b2:a8:a7:e6:af:2d:16:18:31:1a:
c7:ec:bb:a6:23:1e:dc:d1:09:56:e6:d7:0a:48:79:ed:91:64:
ec:f4:39:90:16:17:d3:f1:ef:1f:0b:11:0e:d6:f7:ee:f3:a8:
d3:34:8c:18:c8:7b:77:55:cd:6a:ba:3f:3d:51:a9:51:75:b2:
b2:56:f2:ef:97:17:11:d7:19:dc:be:cc:73:16:a8:30:c3:e3:
c6:11:83:60:3c:09:e4:6b:64:1e:8c:f6:75:74:d0:a5:0a:1b:
ed:d1:fb:74
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM4REIxRkQ4QzYxQ0Iy
NzIzODA2MTIyMjE3NTAyMTc5NkZCMzU5ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP2TZmQ5ddzvYgcm0Zio9RYDRJTRVFjR1QCMZDnzx6SgZcOCvk
l5Porj0ge0SogM4prU2abeoTORG7jG7+4NTsMHvljqLDixmk2KhbyFldxh+cal5H
gxuMV7bvFoApzpwRiEogCkBbwoZveFBvhCFkkZbeYQVGSlxauzeDyL6HMO9Z5ALl
obbEA01CKTrXKn5KN/XiDiR1ZRC5BWWs+61dKTue8JTDdldzbjfFDfQSDCrKNXo1
3kx8JZgELnc/EU3peOewvAAaPKEY6b5MfZtwQHGuiUemGrGgKnLVXOfb0ZXl/f/1
Vrg4RyRlGAnfBMkVgPsVbjEu3g969PBthXrfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUONsf2MYcsnI4BhIiF1AheW+zWYEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvT05zZjJNWWNzbkk0QmhJaUYxQWhl
Vy16V1lFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI6eDAN
BgkqhkiG9w0BAQsFAAOCAQEAwNWNDKPvhRE613qv4k7Mq8t/ZbmH8FLLfxoN9aZW
5snVKZVfaxw0Th5Sjm8NZy9Spqqgbxlv3wu5EDylNC91F3+c0FkXuIFtUJT0Pyth
o6Cd7ok6qZcNvgRdjaOHDJpD6HERpoIZzL3C2sZva0PCu8xRVVns9UvZ3Y28s1vn
A1znUe6ggitHWrvtW6JAmOQA41CfRFC7WzSyqKfmry0WGDEax+y7piMe3NEJVubX
Ckh57ZFk7PQ5kBYX0/HvHwsRDtb37vOo0zSMGMh7d1XNaro/PVGpUXWyslby75cX
EdcZ3L7McxaoMMPjxhGDYDwJ5GtkHoz2dXTQpQob7dH7dA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:44 2023 by rpki-client on console-ams.rpki-client.org