Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/kf4fM_Vd-w4QpHEzl-KjDTvivhU.roa
File: kf4fM_Vd-w4QpHEzl-KjDTvivhU.roa (raw, json)
Hash identifier: 9yAo99N0kdNRe1ajWw7qjgBNaFwsM6+YqVnEjXCskNI=
Subject key identifier: 91:FE:1F:33:F5:5D:FB:0E:10:A4:71:33:97:E2:A3:0D:3B:E2:BE:15
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 103A
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kf4fM_Vd-w4QpHEzl-KjDTvivhU.roa
Signing time: Tue 16 May 2023 08:35:54 +0000
ROA not before: Tue 16 May 2023 08:35:54 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 218.187.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4154 (0x103a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:35:54 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=91FE1F33F55DFB0E10A4713397E2A30D3BE2BE15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f1:38:c7:df:4f:41:c7:39:66:93:54:60:a8:
66:21:d3:0b:61:e8:50:77:e0:6d:60:72:e2:c2:20:
46:38:6f:4d:3f:ba:c3:65:d8:36:44:e0:3a:f9:fc:
13:4b:c6:ac:89:a5:e2:f0:f8:03:59:ab:12:9e:d7:
51:f6:6b:e1:f1:f9:45:f1:3a:ac:5c:b5:2e:4e:46:
28:24:66:28:7a:c8:87:21:54:a1:2c:d6:b9:f5:db:
a7:c1:fb:08:e7:37:d9:c6:b6:9c:94:b6:cc:f6:23:
ef:df:57:ad:11:7d:4e:b2:50:50:ce:d1:bf:86:06:
11:e5:69:61:a3:35:0f:63:df:50:06:c7:13:62:07:
2c:8d:84:78:05:38:25:0b:07:fb:ad:64:2f:0f:ae:
77:65:d7:93:2e:2c:52:14:87:74:c7:03:e5:29:4b:
0d:d8:f9:d6:07:3f:b8:71:1b:77:14:e2:30:a2:41:
96:a1:69:ff:8a:11:01:7b:2b:86:73:82:42:a5:c2:
32:8a:8d:9b:a6:78:3f:c2:a1:15:4e:6b:35:f0:e7:
57:71:74:1b:9e:35:cf:c7:ac:a9:af:8d:29:22:f6:
2a:63:43:b0:3a:7a:c3:4c:a2:75:ac:25:74:91:a2:
d6:1d:69:9f:3a:00:bb:2d:ff:84:71:bf:06:2b:5e:
be:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FE:1F:33:F5:5D:FB:0E:10:A4:71:33:97:E2:A3:0D:3B:E2:BE:15
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kf4fM_Vd-w4QpHEzl-KjDTvivhU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.187.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8f:66:15:e3:84:eb:69:9c:f9:b3:ad:f1:b7:63:7c:89:80:39:
75:ad:03:d1:4a:d7:28:1e:8e:68:aa:08:0c:a6:92:df:68:e4:
39:ae:f9:44:4d:53:12:0d:6d:72:de:c4:ac:bc:a3:ce:0d:5c:
e1:97:56:88:9f:55:5e:42:85:c0:67:97:13:30:9d:a0:4a:de:
98:a0:e3:02:cb:57:aa:ae:57:c8:2a:90:19:ac:ba:3e:9a:6f:
7b:a8:26:04:af:9c:59:85:44:4a:2a:bf:70:8c:3f:28:cf:cf:
35:e7:f4:f7:41:c2:0b:37:a8:aa:49:e2:19:21:7c:50:75:b8:
e9:c7:3f:8c:95:39:1a:4e:e9:8f:8b:3b:17:5e:a7:fe:49:8d:
18:13:6e:8d:7e:5a:19:e7:5f:be:f2:55:b5:30:68:ad:7c:42:
99:c8:da:b9:56:16:e0:fb:a2:95:82:ee:72:20:8c:01:54:87:
9c:39:3b:ab:98:01:3b:13:93:8f:67:82:fd:a1:82:ef:f3:7f:
db:47:a4:a2:b2:3f:47:c3:68:f6:aa:6c:46:96:0b:82:f9:7e:
ab:e7:0b:06:ab:69:0d:02:68:b7:e3:15:f5:31:1c:b7:60:a3:
4e:fd:e6:03:54:d1:2b:35:e5:b9:f0:4b:0e:57:f9:a7:f9:66:
12:f9:cf:22
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEDowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM1NTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDkxRkUxRjMzRjU1REZC
MEUxMEE0NzEzMzk3RTJBMzBEM0JFMkJFMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF8TjH309Bxzlmk1RgqGYh0wth6FB34G1gcuLCIEY4b00/usNl
2DZE4Dr5/BNLxqyJpeLw+ANZqxKe11H2a+Hx+UXxOqxctS5ORigkZih6yIchVKEs
1rn126fB+wjnN9nGtpyUtsz2I+/fV60RfU6yUFDO0b+GBhHlaWGjNQ9j31AGxxNi
ByyNhHgFOCULB/utZC8Prndl15MuLFIUh3THA+UpSw3Y+dYHP7hxG3cU4jCiQZah
af+KEQF7K4ZzgkKlwjKKjZumeD/CoRVOazXw51dxdBueNc/HrKmvjSki9ipjQ7A6
esNMonWsJXSRotYdaZ86ALst/4RxvwYrXr69AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUkf4fM/Vd+w4QpHEzl+KjDTvivhUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wva2Y0Zk1fVmQtdzRRcEhFemwtS2pE
VHZpdmhVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANq7MA0G
CSqGSIb3DQEBCwUAA4IBAQCPZhXjhOtpnPmzrfG3Y3yJgDl1rQPRStcoHo5oqggM
ppLfaOQ5rvlETVMSDW1y3sSsvKPODVzhl1aIn1VeQoXAZ5cTMJ2gSt6YoOMCy1eq
rlfIKpAZrLo+mm97qCYEr5xZhURKKr9wjD8oz8815/T3QcILN6iqSeIZIXxQdbjp
xz+MlTkaTumPizsXXqf+SY0YE26NfloZ51++8lW1MGitfEKZyNq5Vhbg+6KVgu5y
IIwBVIecOTurmAE7E5OPZ4L9oYLv83/bR6Sisj9Hw2j2qmxGlguC+X6r5wsGq2kN
Ami34xX1MRy3YKNO/eYDVNErNeW58EsOV/mn+WYS+c8i
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:25:18 2023 by rpki-client on console-ams.rpki-client.org