Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/YFcdsDdXq55PmrZDMXVQj2RfKzY.roa
File: YFcdsDdXq55PmrZDMXVQj2RfKzY.roa (raw, json)
Hash identifier: VurO3WY8KD8YSec0I397iQkUU+U3iAHupB1uWyjH01k=
Subject key identifier: 60:57:1D:B0:37:57:AB:9E:4F:9A:B6:43:31:75:50:8F:64:5F:2B:36
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 10BE
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YFcdsDdXq55PmrZDMXVQj2RfKzY.roa
Signing time: Tue 16 May 2023 08:36:34 +0000
ROA not before: Tue 16 May 2023 08:36:34 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 222.251.0.0/17 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4286 (0x10be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:34 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=60571DB03757AB9E4F9AB6433175508F645F2B36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fd:e0:d7:3c:67:cc:a4:3c:7d:1b:65:62:a9:
bb:f8:50:fa:30:9c:2a:08:58:1a:a8:b2:a4:63:44:
88:09:b4:5c:79:ae:2d:92:d5:e1:c4:0a:89:bd:5e:
45:d2:6b:9f:92:14:bc:4c:f1:c0:52:ab:d4:f2:cc:
82:30:24:36:6b:90:0c:c8:5e:b4:39:a0:20:66:61:
df:33:33:8f:e4:3b:a8:ee:2a:b6:6d:76:73:68:1b:
cc:e2:98:94:87:15:97:f6:69:6f:37:69:19:49:02:
25:e5:26:8e:c6:d7:89:02:15:8c:5f:c2:d5:fd:05:
ce:f7:9b:be:2e:e4:c6:be:05:5f:32:85:f0:10:77:
74:e8:ed:29:57:ff:5a:f2:f7:90:f3:62:f5:3f:99:
94:4e:07:ca:6f:70:65:e0:27:01:67:d2:0f:be:6d:
2f:cf:40:ca:f7:da:4b:77:50:0e:26:41:c0:1a:51:
a7:60:de:7d:d4:6e:ab:82:ba:1f:b7:cd:c5:97:74:
ee:41:e0:9f:7f:37:bc:d5:af:07:b4:40:95:e9:8b:
3f:f1:c4:08:7c:5c:85:68:43:12:43:0a:bc:3e:6a:
39:0e:86:85:75:59:e8:dd:fd:e3:52:71:eb:9e:bc:
5c:e3:74:08:87:1f:63:7c:56:87:df:3d:33:31:af:
7e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:57:1D:B0:37:57:AB:9E:4F:9A:B6:43:31:75:50:8F:64:5F:2B:36
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YFcdsDdXq55PmrZDMXVQj2RfKzY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.251.0.0/17
Signature Algorithm: sha256WithRSAEncryption
84:4e:60:fe:99:63:da:09:79:7c:f9:b0:a7:73:a2:b8:82:cb:
aa:e7:01:1e:c7:16:89:be:b6:07:cf:ad:82:03:4e:5b:25:c7:
85:a4:de:d7:26:94:ca:1a:07:3e:3c:8e:7f:7e:e6:75:53:c8:
ae:17:6e:a4:81:59:3e:9e:0b:7c:c1:65:77:d7:c0:af:88:57:
98:f2:39:05:c9:fe:84:37:76:01:29:e4:bc:85:d9:38:6d:ee:
f7:49:17:de:46:60:d1:b4:3f:62:64:b2:13:72:c4:48:93:7d:
bf:6b:48:50:e2:11:1b:0b:58:e9:52:2f:d5:18:04:a4:2f:3d:
e9:a7:c3:69:c1:a6:b2:1d:2b:04:56:bc:95:a3:00:ae:32:43:
68:5c:b0:05:23:a6:8e:48:24:5d:5a:a9:36:8d:70:cb:12:ed:
68:8f:f9:e3:18:4a:32:10:bd:34:c6:b7:e6:b3:d2:6e:1b:ea:
83:0d:82:3c:c3:d6:b3:12:6f:16:94:85:13:f1:9d:20:a1:17:
f7:a4:0d:e1:ed:47:db:5b:df:20:ce:47:e2:1d:7c:f1:e5:d8:
68:90:95:f9:30:3c:b0:7f:b1:f4:38:29:3f:41:3e:36:b4:78:
4a:87:9b:c0:9f:61:f7:57:4b:53:a7:95:21:b0:4c:b0:ec:4e:
f0:53:16:2e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYwNTcxREIwMzc1N0FC
OUU0RjlBQjY0MzMxNzU1MDhGNjQ1RjJCMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCb/eDXPGfMpDx9G2Viqbv4UPownCoIWBqosqRjRIgJtFx5ri2S
1eHECom9XkXSa5+SFLxM8cBSq9TyzIIwJDZrkAzIXrQ5oCBmYd8zM4/kO6juKrZt
dnNoG8zimJSHFZf2aW83aRlJAiXlJo7G14kCFYxfwtX9Bc73m74u5Ma+BV8yhfAQ
d3To7SlX/1ry95DzYvU/mZROB8pvcGXgJwFn0g++bS/PQMr32kt3UA4mQcAaUadg
3n3UbquCuh+3zcWXdO5B4J9/N7zVrwe0QJXpiz/xxAh8XIVoQxJDCrw+ajkOhoV1
Wejd/eNSceuevFzjdAiHH2N8VoffPTMxr36dAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYFcdsDdXq55PmrZDMXVQj2RfKzYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWUZjZHNEZFhxNTVQbXJaRE1YVlFq
MlJmS3pZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB977ADAN
BgkqhkiG9w0BAQsFAAOCAQEAhE5g/plj2gl5fPmwp3OiuILLqucBHscWib62B8+t
ggNOWyXHhaTe1yaUyhoHPjyOf37mdVPIrhdupIFZPp4LfMFld9fAr4hXmPI5Bcn+
hDd2ASnkvIXZOG3u90kX3kZg0bQ/YmSyE3LESJN9v2tIUOIRGwtY6VIv1RgEpC89
6afDacGmsh0rBFa8laMArjJDaFywBSOmjkgkXVqpNo1wyxLtaI/54xhKMhC9NMa3
5rPSbhvqgw2CPMPWsxJvFpSFE/GdIKEX96QN4e1H21vfIM5H4h188eXYaJCV+TA8
sH+x9DgpP0E+NrR4SoebwJ9h91dLU6eVIbBMsOxO8FMWLg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:37:45 2023 by rpki-client on console-fra.rpki-client.org