Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/r8VSmcZwUgsJ0G-dplIZ5b0D63w.roa
File: r8VSmcZwUgsJ0G-dplIZ5b0D63w.roa (raw, json)
Hash identifier: xLnIPUfbYYAM9VoYd2aIJ/g8zW4l/D+TgKiqf8iezEk=
Subject key identifier: AF:C5:52:99:C6:70:52:0B:09:D0:6F:9D:A6:52:19:E5:BD:03:EB:7C
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1090
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/r8VSmcZwUgsJ0G-dplIZ5b0D63w.roa
Signing time: Tue 16 May 2023 08:36:21 +0000
ROA not before: Tue 16 May 2023 08:36:21 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131597
IP address blocks: 218.35.32.0/19 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4240 (0x1090)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:21 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=AFC55299C670520B09D06F9DA65219E5BD03EB7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:47:a8:28:39:4d:47:7d:ee:6b:34:e2:40:37:
1c:50:4e:07:43:85:6e:d5:68:35:2d:57:e1:a1:dc:
0b:58:34:5c:89:b2:88:af:38:ce:f4:66:b3:a4:30:
1a:f9:c8:e3:6d:81:65:85:c0:ef:ba:6e:48:29:f0:
b6:a5:51:c4:ff:3f:ce:57:12:57:88:da:34:32:10:
73:8e:17:e1:ec:1f:f9:4e:f4:fa:8b:9d:42:f7:5d:
ab:7a:d9:19:fe:7c:e9:11:9e:4b:2b:61:cf:41:82:
46:c9:1d:ed:d0:34:3e:ed:85:93:c1:a8:cc:26:b3:
82:2e:87:8f:04:7f:fe:28:5c:b2:69:99:00:c2:67:
8b:b1:2e:9d:73:29:da:89:59:0c:bc:05:ae:72:43:
9a:6b:57:fa:4b:af:ff:f0:b7:52:81:5f:68:11:5e:
3f:18:60:c2:65:b2:a6:b8:fe:9b:8e:b0:a5:14:4f:
5d:77:d2:1c:7f:f0:36:58:1b:4e:1e:18:1e:db:97:
84:53:55:39:15:25:35:4e:2a:6d:58:7a:19:16:9d:
6e:f7:4e:3b:18:89:42:a0:85:8a:ae:0a:66:d4:de:
b1:f8:62:2b:f9:1d:98:f1:34:9a:6e:f9:d0:e1:4a:
b0:e3:58:e0:1f:0d:46:45:b4:05:39:3a:d1:77:90:
4f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:C5:52:99:C6:70:52:0B:09:D0:6F:9D:A6:52:19:E5:BD:03:EB:7C
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/r8VSmcZwUgsJ0G-dplIZ5b0D63w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.32.0/19
Signature Algorithm: sha256WithRSAEncryption
74:0c:86:4f:e7:7e:7a:4f:6f:64:44:8d:f6:c6:58:a1:cd:bc:
5f:ce:f1:67:fa:20:82:71:c5:4a:76:80:8f:25:2d:2f:a6:10:
5a:62:21:ed:81:0e:02:12:2d:44:9f:08:cf:ba:70:aa:4d:5c:
74:aa:97:09:70:88:01:96:eb:bc:f2:2b:10:d6:1b:3d:8a:b0:
03:64:24:a8:33:61:03:23:05:fc:03:d6:4b:a4:53:76:30:e5:
3f:dd:8b:dd:70:49:bb:5e:18:4d:21:0f:ef:ea:cb:70:97:2e:
b9:f0:53:2a:69:78:4d:6d:fb:11:36:54:11:4e:e4:df:f2:dd:
a9:64:c1:81:8a:28:00:9c:c5:59:3f:00:f5:a2:b4:46:c0:3b:
90:fb:1b:13:a8:e0:ac:bc:48:31:d2:6e:9a:cc:87:5c:21:ec:
b8:43:e9:7c:ae:23:13:75:35:4b:21:48:5c:31:8c:e7:d5:a6:
c7:c4:e4:23:3a:a5:d8:1e:0e:95:9e:1e:f9:0f:78:cd:e9:8c:
d0:54:e8:69:f7:bf:b7:51:fb:ec:a2:71:07:69:f7:cd:8f:13:
f3:7e:7b:3e:95:cb:11:f0:18:7b:7c:3e:6c:f6:e3:bd:28:a0:
56:da:e3:e4:0e:e9:c9:c6:9d:84:06:3d:70:50:02:f6:d4:ee:
25:c9:58:2c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MjFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFGQzU1Mjk5QzY3MDUy
MEIwOUQwNkY5REE2NTIxOUU1QkQwM0VCN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJR6goOU1Hfe5rNOJANxxQTgdDhW7VaDUtV+Gh3AtYNFyJsoiv
OM70ZrOkMBr5yONtgWWFwO+6bkgp8LalUcT/P85XEleI2jQyEHOOF+HsH/lO9PqL
nUL3Xat62Rn+fOkRnksrYc9BgkbJHe3QND7thZPBqMwms4Iuh48Ef/4oXLJpmQDC
Z4uxLp1zKdqJWQy8Ba5yQ5prV/pLr//wt1KBX2gRXj8YYMJlsqa4/puOsKUUT113
0hx/8DZYG04eGB7bl4RTVTkVJTVOKm1YehkWnW73TjsYiUKghYquCmbU3rH4Yiv5
HZjxNJpu+dDhSrDjWOAfDUZFtAU5OtF3kE8/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUr8VSmcZwUgsJ0G+dplIZ5b0D63wwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvcjhWU21jWndVZ3NKMEctZHBsSVo1
YjBENjN3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojIDAN
BgkqhkiG9w0BAQsFAAOCAQEAdAyGT+d+ek9vZESN9sZYoc28X87xZ/oggnHFSnaA
jyUtL6YQWmIh7YEOAhItRJ8Iz7pwqk1cdKqXCXCIAZbrvPIrENYbPYqwA2QkqDNh
AyMF/APWS6RTdjDlP92L3XBJu14YTSEP7+rLcJcuufBTKml4TW37ETZUEU7k3/Ld
qWTBgYooAJzFWT8A9aK0RsA7kPsbE6jgrLxIMdJumsyHXCHsuEPpfK4jE3U1SyFI
XDGM59Wmx8TkIzql2B4OlZ4e+Q94zemM0FToafe/t1H77KJxB2n3zY8T8357PpXL
EfAYe3w+bPbjvSigVtrj5A7pycadhAY9cFAC9tTuJclYLA==
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:25:19 2023 by rpki-client on console-ams.rpki-client.org