Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/YkD8mZW1xg2kzatnVYcj218deqs.roa
File: YkD8mZW1xg2kzatnVYcj218deqs.roa (raw, json)
Hash identifier: LPqTjr+Rn3gWalW2zEZZSsY8sTy24O82c+SL3GJe6gM=
Subject key identifier: 62:40:FC:99:95:B5:C6:0D:A4:CD:AB:67:55:87:23:DB:5F:1D:7A:AB
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1148
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YkD8mZW1xg2kzatnVYcj218deqs.roa
Signing time: Mon 07 Aug 2023 07:52:42 +0000
ROA not before: Mon 07 Aug 2023 07:52:42 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9311
IP address blocks: 210.203.0.0/17 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4424 (0x1148)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Aug 7 07:52:42 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=6240FC9995B5C60DA4CDAB67558723DB5F1D7AAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:bf:37:e7:af:45:6c:0e:a1:02:50:d0:42:5a:
c3:96:a8:50:d2:2b:e8:89:2c:65:90:4e:99:eb:19:
d6:ce:bc:0f:3a:9f:ad:95:d9:2b:9f:95:e4:d3:fa:
e8:0e:69:ff:82:26:44:78:8c:97:b3:9b:46:4a:d7:
f6:80:21:a0:0e:12:67:b6:ee:c7:6d:90:2a:14:c6:
26:f6:53:f1:41:98:fe:04:f4:61:c0:03:40:1e:90:
64:a5:03:da:5a:6d:56:58:e4:2b:01:dc:4f:43:52:
d8:0c:b0:9b:1a:61:a6:30:e5:a7:92:cc:94:57:02:
b5:5f:cf:7f:2c:33:08:ea:78:09:42:d7:76:9f:29:
18:b1:d6:6e:75:8b:ff:0e:0b:91:18:73:b5:57:fc:
29:af:d8:5f:b6:c3:7e:9c:ba:ba:f1:a0:95:02:22:
3f:6c:90:51:eb:d8:a5:be:46:c6:24:cb:4b:63:8a:
2e:a6:3c:05:82:b9:84:01:2a:81:5b:1c:11:31:3f:
9b:21:07:d5:37:64:e5:bd:2c:fd:be:95:b9:ca:f7:
4a:60:f3:fb:b6:19:b5:e9:55:7c:7d:18:b1:0f:25:
4d:a9:c8:b4:8c:ed:27:27:f5:18:97:f4:27:30:4f:
31:4c:9c:d4:38:4a:4c:27:24:bd:40:ae:cc:22:69:
1d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:40:FC:99:95:B5:C6:0D:A4:CD:AB:67:55:87:23:DB:5F:1D:7A:AB
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YkD8mZW1xg2kzatnVYcj218deqs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/17
Signature Algorithm: sha256WithRSAEncryption
97:5d:80:c2:59:66:10:a5:0c:1c:3c:8a:55:7a:8c:5b:3f:e8:
39:24:30:05:5a:e2:09:4b:f2:9b:69:af:27:62:16:b6:1b:57:
cd:56:86:69:a2:25:30:bf:d4:b8:f6:83:d5:7f:46:c0:d3:4d:
ac:a8:92:c2:8f:7d:48:65:67:94:95:d8:d7:8c:f4:49:94:02:
9a:04:63:8f:8c:a7:d8:7d:76:fa:c7:8c:ac:e1:7d:cb:19:ce:
47:f8:89:43:0d:00:dd:8f:3c:a2:af:88:76:1b:ad:c5:3e:6d:
f9:f6:cf:00:87:4a:9d:c1:f3:87:84:f6:ef:7a:5c:ce:58:72:
f0:83:a0:eb:b0:37:87:bc:22:5b:13:92:2b:9d:1d:af:1b:1c:
8a:37:3a:ac:ce:88:09:52:88:51:97:95:d5:9a:b9:5f:42:87:
00:d6:04:a9:d1:78:bb:d7:1b:0f:98:c7:69:14:ab:54:e0:2c:
4b:96:8f:03:13:c4:4e:95:80:29:35:53:76:4b:81:ac:89:6e:
b3:ea:1f:10:44:77:10:0e:c2:fe:0a:16:e1:9e:22:0f:30:fc:
e5:2c:1e:fd:8c:0b:83:2a:54:b1:fc:94:a8:8e:d2:65:f3:8f:
75:2d:03:23:47:f4:55:9f:72:d1:b1:b8:58:db:86:dc:45:ff:
be:f0:c9:ca
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEUgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA4MDcw
NzUyNDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYyNDBGQzk5OTVCNUM2
MERBNENEQUI2NzU1ODcyM0RCNUYxRDdBQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxvzfnr0VsDqECUNBCWsOWqFDSK+iJLGWQTpnrGdbOvA86n62V
2SufleTT+ugOaf+CJkR4jJezm0ZK1/aAIaAOEme27sdtkCoUxib2U/FBmP4E9GHA
A0AekGSlA9pabVZY5CsB3E9DUtgMsJsaYaYw5aeSzJRXArVfz38sMwjqeAlC13af
KRix1m51i/8OC5EYc7VX/Cmv2F+2w36currxoJUCIj9skFHr2KW+RsYky0tjii6m
PAWCuYQBKoFbHBExP5shB9U3ZOW9LP2+lbnK90pg8/u2GbXpVXx9GLEPJU2pyLSM
7Scn9RiX9CcwTzFMnNQ4SkwnJL1ArswiaR2RAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYkD8mZW1xg2kzatnVYcj218deqswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWWtEOG1aVzF4ZzJremF0blZZY2oy
MThkZXFzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LLADAN
BgkqhkiG9w0BAQsFAAOCAQEAl12AwllmEKUMHDyKVXqMWz/oOSQwBVriCUvym2mv
J2IWthtXzVaGaaIlML/UuPaD1X9GwNNNrKiSwo99SGVnlJXY14z0SZQCmgRjj4yn
2H12+seMrOF9yxnOR/iJQw0A3Y88oq+IdhutxT5t+fbPAIdKncHzh4T273pczlhy
8IOg67A3h7wiWxOSK50drxscijc6rM6ICVKIUZeV1Zq5X0KHANYEqdF4u9cbD5jH
aRSrVOAsS5aPAxPETpWAKTVTdkuBrIlus+ofEER3EA7C/goW4Z4iDzD85Swe/YwL
gypUsfyUqI7SZfOPdS0DI0f0VZ9y0bG4WNuG3EX/vvDJyg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:37:45 2023 by rpki-client on console-fra.rpki-client.org