Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/YgA8lzKbeIMXsVe3Xpztm1DH_ic.roa
File: YgA8lzKbeIMXsVe3Xpztm1DH_ic.roa (raw, json)
Hash identifier: VWZMYGoo9yCmVJB49hXhzKcZ0Z8hSxaXRm9KmfX3hD4=
Subject key identifier: 62:00:3C:97:32:9B:78:83:17:B1:57:B7:5E:9C:ED:9B:50:C7:FE:27
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 103D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YgA8lzKbeIMXsVe3Xpztm1DH_ic.roa
Signing time: Tue 16 May 2023 08:35:56 +0000
ROA not before: Tue 16 May 2023 08:35:56 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18419
IP address blocks: 218.35.0.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4157 (0x103d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:35:56 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=62003C97329B788317B157B75E9CED9B50C7FE27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:50:42:d6:a1:8d:e3:04:ae:fe:88:68:85:c7:
c8:37:92:2d:57:18:36:d7:20:91:2f:97:4f:39:dc:
99:e3:1c:c8:66:6e:77:d1:85:a4:db:66:11:04:6a:
a3:a1:ed:94:07:b3:9c:13:13:50:f3:e2:75:fb:14:
ea:28:a7:7b:e6:88:98:29:76:18:59:5c:68:4e:7f:
41:17:2b:35:d9:ba:93:f0:03:85:ca:28:9c:dc:90:
d2:18:39:b5:4f:ed:89:96:ee:d3:c7:8c:3b:f0:e2:
e7:e8:e9:3a:1d:9b:d1:ff:fe:9e:a7:03:ed:1f:1b:
80:3a:9a:cd:1c:e9:79:85:77:e3:60:2e:39:00:9c:
c6:38:a5:24:4b:dc:8a:3a:d4:b3:ca:37:c4:d6:19:
47:c4:69:8d:ad:dc:d6:12:c4:b0:bb:30:bb:90:f0:
57:fc:0d:1d:92:d7:1e:1b:5e:f3:f4:03:c8:d1:f1:
4e:b9:07:69:5e:f1:bd:0f:0d:d6:a3:d5:ea:57:47:
79:76:af:46:46:b2:a4:26:6b:24:67:24:5e:0b:89:
7a:17:ef:03:b4:74:a0:67:d1:63:cf:c5:7a:00:d2:
01:6f:d2:46:84:51:63:6e:9c:63:ee:7a:98:e4:72:
30:b3:27:e2:4c:5a:06:24:28:7e:48:82:03:3e:20:
27:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:00:3C:97:32:9B:78:83:17:B1:57:B7:5E:9C:ED:9B:50:C7:FE:27
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YgA8lzKbeIMXsVe3Xpztm1DH_ic.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.0.0/21
Signature Algorithm: sha256WithRSAEncryption
59:36:ad:93:24:0d:46:84:b1:bd:40:6c:f6:0a:43:fc:43:07:
57:f3:b4:95:27:19:59:66:a1:65:1c:ea:25:89:b7:2a:04:f7:
f8:b7:ee:e8:d4:70:f0:64:7c:cd:be:d0:e2:8b:e8:7e:5a:00:
84:78:70:7e:d7:5a:ee:13:cc:53:36:52:2b:af:d3:1d:34:af:
b4:cd:ba:13:34:36:8b:fc:dd:56:05:09:9e:a6:a7:7a:a8:46:
4f:a8:de:dc:8b:d0:e7:8c:24:a7:55:fe:71:1c:13:3e:50:8a:
15:98:fa:f3:35:1a:22:67:ee:2e:f1:ad:23:34:54:cd:a7:a6:
71:a9:1c:43:b6:47:5c:c5:21:1b:cc:ae:e1:01:da:13:1f:1d:
55:93:94:26:da:2f:3c:bc:24:44:a8:32:03:00:bf:b4:39:17:
2c:52:bd:1e:dd:bc:7f:e4:a0:88:ad:d2:7d:37:61:78:5b:aa:
33:92:68:f2:df:36:a9:93:f0:dc:5b:c1:7e:32:2f:aa:f0:35:
67:e1:c6:d3:cb:84:be:19:2f:71:69:7b:8e:a1:79:a7:78:45:
d6:98:02:df:85:0f:7d:10:39:60:bd:a3:73:c7:4b:a8:0d:1b:
59:31:8c:f6:9e:b8:84:b0:52:2e:00:cb:75:66:84:9c:94:64:
c0:a7:b3:ac
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICED0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM1NTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYyMDAzQzk3MzI5Qjc4
ODMxN0IxNTdCNzVFOUNFRDlCNTBDN0ZFMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBUELWoY3jBK7+iGiFx8g3ki1XGDbXIJEvl0853JnjHMhmbnfR
haTbZhEEaqOh7ZQHs5wTE1Dz4nX7FOoop3vmiJgpdhhZXGhOf0EXKzXZupPwA4XK
KJzckNIYObVP7YmW7tPHjDvw4ufo6Todm9H//p6nA+0fG4A6ms0c6XmFd+NgLjkA
nMY4pSRL3Io61LPKN8TWGUfEaY2t3NYSxLC7MLuQ8Ff8DR2S1x4bXvP0A8jR8U65
B2le8b0PDdaj1epXR3l2r0ZGsqQmayRnJF4LiXoX7wO0dKBn0WPPxXoA0gFv0kaE
UWNunGPuepjkcjCzJ+JMWgYkKH5IggM+ICd1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYgA8lzKbeIMXsVe3Xpztm1DH/icwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWWdBOGx6S2JlSU1Yc1ZlM1hwenRt
MURIX2ljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9ojADAN
BgkqhkiG9w0BAQsFAAOCAQEAWTatkyQNRoSxvUBs9gpD/EMHV/O0lScZWWahZRzq
JYm3KgT3+Lfu6NRw8GR8zb7Q4ovofloAhHhwftda7hPMUzZSK6/THTSvtM26EzQ2
i/zdVgUJnqaneqhGT6je3IvQ54wkp1X+cRwTPlCKFZj68zUaImfuLvGtIzRUzaem
cakcQ7ZHXMUhG8yu4QHaEx8dVZOUJtovPLwkRKgyAwC/tDkXLFK9Ht28f+SgiK3S
fTdheFuqM5Jo8t82qZPw3FvBfjIvqvA1Z+HG08uEvhkvcWl7jqF5p3hF1pgC34UP
fRA5YL2jc8dLqA0bWTGM9p64hLBSLgDLdWaEnJRkwKezrA==
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:25:18 2023 by rpki-client on console-ams.rpki-client.org