Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/wTYRzjh71mDO8l83XtIUxrSQZfg.roa
File: wTYRzjh71mDO8l83XtIUxrSQZfg.roa (raw, json)
Hash identifier: hhC5VFJ6NxOd0Gftd4s1RO8ELjr0/WH68602MMgVtZQ=
Subject key identifier: C1:36:11:CE:38:7B:D6:60:CE:F2:5F:37:5E:D2:14:C6:B4:90:65:F8
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 10C7
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/wTYRzjh71mDO8l83XtIUxrSQZfg.roa
Signing time: Tue 16 May 2023 08:36:37 +0000
ROA not before: Tue 16 May 2023 08:36:37 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 7482
IP address blocks: 218.35.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4295 (0x10c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:37 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=C13611CE387BD660CEF25F375ED214C6B49065F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e5:3d:9e:35:4e:e9:14:1f:7b:4a:f4:1e:97:
a1:3a:7f:86:25:9e:37:c3:e3:a9:aa:3b:87:72:2b:
7e:a6:37:82:99:87:f3:ff:0a:3f:ab:6c:ff:7a:5e:
63:2b:19:ae:b0:ef:e3:45:7e:9a:6e:7a:92:36:1f:
ba:80:d4:8f:aa:52:ba:52:31:e3:a5:bf:43:56:6c:
99:87:6f:f9:df:0a:94:85:a0:0d:e9:66:1a:75:de:
2e:85:8a:b5:3c:32:b3:81:ae:6d:82:7f:0c:6b:63:
68:8a:de:59:e0:1c:df:6c:14:6e:5b:6a:e8:4f:3f:
17:a4:db:93:f1:05:82:51:64:6e:c5:77:36:ca:cc:
0e:f1:2f:6b:8f:cc:d0:a6:32:a0:9c:17:f1:09:b9:
3e:48:56:9a:7c:b8:01:c9:cb:f2:79:2a:30:ba:9c:
a2:7b:ad:87:98:1e:05:7d:51:0e:70:4f:3a:dd:c5:
90:7f:dc:45:42:a1:f0:bc:1d:25:19:b7:20:ad:e3:
6c:b5:f4:e9:54:38:09:d8:cb:45:27:73:b7:e5:90:
c8:20:1c:f1:ff:5c:c4:61:b7:33:82:ff:3b:e0:b8:
30:da:1a:a3:d6:bb:cc:a9:40:91:6c:9f:e5:73:50:
ce:fa:49:02:44:bc:aa:b7:9d:bc:72:60:fe:a9:79:
a3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:36:11:CE:38:7B:D6:60:CE:F2:5F:37:5E:D2:14:C6:B4:90:65:F8
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/wTYRzjh71mDO8l83XtIUxrSQZfg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:d8:6e:7d:07:84:a0:43:a4:4e:a2:09:12:2a:43:88:97:5d:
9e:fd:ed:5d:6c:b8:50:da:d5:12:76:42:46:21:a9:3a:79:31:
b1:ea:73:8a:e3:0d:01:eb:8c:ae:ea:0d:fc:79:fb:23:83:1b:
8f:1f:81:53:08:ff:41:90:e4:5f:1a:1f:a4:fe:bd:81:88:6d:
34:c3:8d:60:82:f9:46:ad:6f:9f:95:2f:52:2c:8d:27:c7:8a:
56:c5:64:3b:33:2e:83:cb:3a:1b:de:50:10:ad:86:c1:24:dd:
98:81:56:13:03:11:32:9d:f8:9c:30:09:b1:37:20:c1:e3:8b:
84:83:ff:63:2a:15:91:b4:a4:f7:e2:18:67:85:44:be:2c:73:
3a:5d:06:d8:22:ed:80:b0:2f:b1:fd:15:33:06:17:0c:4d:10:
39:d2:d6:39:21:62:f9:dc:6b:7a:74:5f:36:9b:60:69:f2:79:
9d:1a:b2:6f:60:cc:44:a7:c4:7e:e3:70:f0:1a:1a:16:53:4d:
88:82:9a:bd:16:d8:82:96:cd:f6:9e:cf:ba:aa:ce:08:27:a1:
47:64:bd:7e:b8:76:cd:df:1d:3f:43:25:13:53:42:88:0a:33:
7a:b8:52:86:fa:43:65:14:16:15:f0:e3:64:a4:4b:5f:9e:10:
e7:7b:5e:c2
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MzdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEMxMzYxMUNFMzg3QkQ2
NjBDRUYyNUYzNzVFRDIxNEM2QjQ5MDY1RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC95T2eNU7pFB97SvQel6E6f4YlnjfD46mqO4dyK36mN4KZh/P/
Cj+rbP96XmMrGa6w7+NFfppuepI2H7qA1I+qUrpSMeOlv0NWbJmHb/nfCpSFoA3p
Zhp13i6FirU8MrOBrm2CfwxrY2iK3lngHN9sFG5bauhPPxek25PxBYJRZG7FdzbK
zA7xL2uPzNCmMqCcF/EJuT5IVpp8uAHJy/J5KjC6nKJ7rYeYHgV9UQ5wTzrdxZB/
3EVCofC8HSUZtyCt42y19OlUOAnYy0Unc7flkMggHPH/XMRhtzOC/zvguDDaGqPW
u8ypQJFsn+VzUM76SQJEvKq3nbxyYP6peaM/AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUwTYRzjh71mDO8l83XtIUxrSQZfgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvd1RZUnpqaDcxbURPOGw4M1h0SVV4
clNRWmZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANojMA0G
CSqGSIb3DQEBCwUAA4IBAQBl2G59B4SgQ6ROogkSKkOIl12e/e1dbLhQ2tUSdkJG
Iak6eTGx6nOK4w0B64yu6g38efsjgxuPH4FTCP9BkORfGh+k/r2BiG00w41ggvlG
rW+flS9SLI0nx4pWxWQ7My6Dyzob3lAQrYbBJN2YgVYTAxEynficMAmxNyDB44uE
g/9jKhWRtKT34hhnhUS+LHM6XQbYIu2AsC+x/RUzBhcMTRA50tY5IWL53Gt6dF82
m2Bp8nmdGrJvYMxEp8R+43DwGhoWU02Igpq9FtiCls32ns+6qs4IJ6FHZL1+uHbN
3x0/QyUTU0KICjN6uFKG+kNlFBYV8ONkpEtfnhDne17C
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:37:46 2023 by rpki-client on console-fra.rpki-client.org