Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/oY1QJjFXjftRr2pjFnQMZFdQrNQ.roa
File: oY1QJjFXjftRr2pjFnQMZFdQrNQ.roa (raw, json)
Hash identifier: PGpB/l9k8fvHkT8ZUUSFgJX3SiS/H8X+6tgm1Svr0pw=
Subject key identifier: A1:8D:50:26:31:57:8D:FB:51:AF:6A:63:16:74:0C:64:57:50:AC:D4
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 10A7
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oY1QJjFXjftRr2pjFnQMZFdQrNQ.roa
Signing time: Tue 16 May 2023 08:36:27 +0000
ROA not before: Tue 16 May 2023 08:36:27 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131591
IP address blocks: 2404:0:8000::/36 maxlen: 56
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4263 (0x10a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:27 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=A18D502631578DFB51AF6A6316740C645750ACD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:22:13:83:42:4b:20:8e:5e:33:a0:55:9e:bd:
85:e5:27:a7:cd:2b:cf:f2:69:63:a2:c6:9d:8f:ba:
41:be:8b:84:04:e9:dc:4b:85:4a:cb:42:db:27:66:
25:b6:e5:a7:79:29:a1:39:5b:5a:4d:3b:80:a9:00:
50:69:55:b0:e6:7b:b7:7b:b0:d2:68:3d:a4:ba:ab:
1c:6a:94:6b:99:de:8c:0a:2e:67:23:2d:9d:d3:ef:
44:b2:8f:7e:d8:2a:f0:50:1d:59:c7:ee:04:24:83:
59:76:ed:4a:5d:f8:c9:57:0c:89:27:93:a6:5f:be:
38:0c:f0:5b:24:e7:78:be:3b:89:df:8a:f1:c7:5a:
b2:cf:40:d2:9d:93:45:97:13:14:6b:97:d1:67:30:
dd:c6:66:7d:c5:19:61:95:da:00:c4:5c:12:7c:7a:
04:4d:fa:d0:7c:7e:8c:86:a8:a8:f3:68:58:91:fa:
19:05:2f:bb:bf:06:62:a3:3f:7d:20:a1:8c:95:f4:
6e:49:f3:a8:91:dd:19:dd:ea:e5:e7:65:8c:b6:39:
8d:76:c8:53:9f:54:2a:a8:c5:07:64:c4:b8:c4:d0:
ca:a8:18:a4:8b:fc:53:9c:09:dd:68:fd:60:7f:6e:
42:ac:76:fa:33:0b:4f:ce:63:27:67:ac:cf:9a:b7:
6e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:8D:50:26:31:57:8D:FB:51:AF:6A:63:16:74:0C:64:57:50:AC:D4
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oY1QJjFXjftRr2pjFnQMZFdQrNQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:0:8000::/36
Signature Algorithm: sha256WithRSAEncryption
ae:10:ff:c1:a6:e7:c0:1b:5e:55:b0:5c:89:56:56:0f:52:8c:
dd:f5:e4:50:11:e1:b3:2b:7e:9d:f8:13:96:2e:38:60:23:09:
c5:eb:97:71:79:25:b7:ad:d8:fa:65:da:54:83:91:ee:ed:f9:
9f:fe:98:fc:7a:e1:62:f5:68:c0:ce:4f:7b:81:5f:66:b3:67:
98:ad:0d:17:d3:84:c5:ad:2b:5a:46:3c:da:62:a8:aa:d4:b0:
43:ea:21:40:e9:66:0c:42:1c:3c:24:01:72:12:2b:dd:09:6e:
ed:78:0a:23:20:1b:03:5f:89:dd:b9:06:fb:e4:c1:32:26:53:
21:3a:fa:3c:6b:f1:11:e6:53:4a:21:36:80:e7:dd:14:53:65:
4e:c2:8d:f5:60:d4:a4:0a:ea:86:92:c5:65:a9:29:7d:2b:f1:
54:1d:ef:88:92:7e:e7:42:c6:f9:7d:fe:17:69:79:09:06:20:
7d:7a:63:5e:b1:d9:d8:41:96:d2:7b:64:59:6e:bb:9e:90:4d:
8b:5c:14:19:fd:06:7c:25:b5:65:96:70:7f:ca:a1:c7:b1:42:
dd:12:71:50:77:b3:82:b3:40:28:53:f2:7f:40:ef:d1:02:f7:
46:8d:44:ae:ce:2a:cf:25:25:61:d3:a8:35:f3:aa:7e:43:0c:
68:71:59:ab
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MjdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEExOEQ1MDI2MzE1NzhE
RkI1MUFGNkE2MzE2NzQwQzY0NTc1MEFDRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBIhODQksgjl4zoFWevYXlJ6fNK8/yaWOixp2PukG+i4QE6dxL
hUrLQtsnZiW25ad5KaE5W1pNO4CpAFBpVbDme7d7sNJoPaS6qxxqlGuZ3owKLmcj
LZ3T70Syj37YKvBQHVnH7gQkg1l27Upd+MlXDIknk6ZfvjgM8Fsk53i+O4nfivHH
WrLPQNKdk0WXExRrl9FnMN3GZn3FGWGV2gDEXBJ8egRN+tB8foyGqKjzaFiR+hkF
L7u/BmKjP30goYyV9G5J86iR3Rnd6uXnZYy2OY12yFOfVCqoxQdkxLjE0MqoGKSL
/FOcCd1o/WB/bkKsdvozC0/OYydnrM+at25XAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUoY1QJjFXjftRr2pjFnQMZFdQrNQwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvb1kxUUpqRlhqZnRScjJwakZuUU1a
RmRRck5RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCQEAACA
MA0GCSqGSIb3DQEBCwUAA4IBAQCuEP/BpufAG15VsFyJVlYPUozd9eRQEeGzK36d
+BOWLjhgIwnF65dxeSW3rdj6ZdpUg5Hu7fmf/pj8euFi9WjAzk97gV9ms2eYrQ0X
04TFrStaRjzaYqiq1LBD6iFA6WYMQhw8JAFyEivdCW7teAojIBsDX4nduQb75MEy
JlMhOvo8a/ER5lNKITaA590UU2VOwo31YNSkCuqGksVlqSl9K/FUHe+Ikn7nQsb5
ff4XaXkJBiB9emNesdnYQZbSe2RZbruekE2LXBQZ/QZ8JbVllnB/yqHHsULdEnFQ
d7OCs0AoU/J/QO/RAvdGjUSuzirPJSVh06g186p+QwxocVmr
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:37:45 2023 by rpki-client on console-fra.rpki-client.org