Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ysMyXH1n3ftPTsRzkrbfQCzgrjA.roa
File: ysMyXH1n3ftPTsRzkrbfQCzgrjA.roa (raw, json)
Hash identifier: HPLn4HMYlWIALQw209mPFf93/l10/U9h5HS7H26BULM=
Subject key identifier: CA:C3:32:5C:7D:67:DD:FB:4F:4E:C4:73:92:B6:DF:40:2C:E0:AE:30
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 106C
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ysMyXH1n3ftPTsRzkrbfQCzgrjA.roa
Signing time: Tue 16 May 2023 08:36:11 +0000
ROA not before: Tue 16 May 2023 08:36:11 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24154
IP address blocks: 203.79.196.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4204 (0x106c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:11 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=CAC3325C7D67DDFB4F4EC47392B6DF402CE0AE30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c9:84:8f:52:d5:32:fb:5c:e8:8a:b1:c9:95:
28:5d:dc:56:d9:7a:f0:86:7f:4e:15:36:c2:e7:52:
6b:9e:3e:7e:49:55:f6:91:b3:ea:62:af:71:0a:14:
cf:17:f6:cd:cf:80:52:39:a7:17:79:2e:27:f7:15:
c5:50:9d:09:eb:7e:f7:9f:7f:58:d9:05:56:e9:7d:
32:91:59:b5:93:d5:17:62:9c:b1:ca:34:a1:93:1c:
b6:70:df:2b:b5:9e:0d:6a:07:7e:f1:e6:59:7f:5a:
c0:48:cc:df:39:a2:13:24:0d:54:b0:7e:98:00:71:
f7:da:77:44:c1:40:9b:a1:3e:65:13:74:c7:77:d8:
8a:7b:94:24:9f:e1:fa:30:21:3c:24:70:8e:b5:0c:
3d:af:0e:8a:6c:b4:22:e8:9d:8a:5c:55:b9:11:6c:
24:d9:52:2b:80:17:77:00:3c:44:5d:34:cf:71:3a:
51:62:f3:ae:8e:e0:dc:d9:5a:99:1e:c4:58:c6:0d:
f8:8b:75:37:d6:90:67:b6:ea:7b:4d:85:d1:a9:20:
a3:2e:33:a8:4b:d2:ed:20:a5:37:f5:61:e9:ec:59:
da:94:01:f1:5e:c7:03:79:5d:54:2f:fc:c7:f4:61:
08:e4:c2:bb:ed:88:84:59:60:2c:ca:b3:0a:ce:67:
6d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C3:32:5C:7D:67:DD:FB:4F:4E:C4:73:92:B6:DF:40:2C:E0:AE:30
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ysMyXH1n3ftPTsRzkrbfQCzgrjA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.196.0/22
Signature Algorithm: sha256WithRSAEncryption
32:86:b8:fb:84:5b:b9:d0:01:c7:9d:3e:ec:21:4d:87:06:6e:
08:d6:81:a0:37:a1:e6:3c:a2:f1:46:6f:76:d6:e5:1d:f3:ad:
ee:7a:1a:bc:3a:d7:19:5c:2b:ce:cc:c9:d2:6c:50:1f:2f:81:
87:61:1c:85:70:36:9d:20:f4:df:07:b3:12:5d:07:5e:d2:c1:
d3:1b:14:eb:d5:c1:6b:8b:64:6f:3e:53:7a:48:a8:d9:15:3a:
58:86:66:95:69:e4:38:ea:16:ea:38:65:95:48:93:23:6b:9f:
ac:42:52:a2:f5:7e:d0:b5:2d:bd:3c:6b:ce:5d:4a:bf:ea:94:
1c:ef:47:ca:bc:7a:c1:d0:6f:e8:b8:54:bb:57:c3:2c:94:c6:
ac:12:e2:d8:02:a7:92:43:03:fd:0c:88:bc:dc:fd:df:5e:15:
7f:d0:bc:cf:40:51:0b:43:5c:92:9d:0d:1e:03:ae:82:26:7d:
20:2d:1c:9f:79:34:e3:f7:2f:48:94:80:b4:f6:41:89:8b:bd:
d5:92:1c:e5:8c:5a:96:e9:18:1c:66:cc:d8:6f:e2:03:ef:5f:
4d:7c:74:a6:7e:62:a8:23:ed:01:8b:38:2f:34:d5:e5:b4:6b:
71:e7:b0:02:0c:16:ea:4c:26:6f:64:3b:3c:fd:bb:6b:11:68:
5c:1c:8e:d1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEGwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENBQzMzMjVDN0Q2N0RE
RkI0RjRFQzQ3MzkyQjZERjQwMkNFMEFFMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhyYSPUtUy+1zoirHJlShd3FbZevCGf04VNsLnUmuePn5JVfaR
s+pir3EKFM8X9s3PgFI5pxd5Lif3FcVQnQnrfveff1jZBVbpfTKRWbWT1RdinLHK
NKGTHLZw3yu1ng1qB37x5ll/WsBIzN85ohMkDVSwfpgAcffad0TBQJuhPmUTdMd3
2Ip7lCSf4fowITwkcI61DD2vDopstCLonYpcVbkRbCTZUiuAF3cAPERdNM9xOlFi
866O4NzZWpkexFjGDfiLdTfWkGe26ntNhdGpIKMuM6hL0u0gpTf1YensWdqUAfFe
xwN5XVQv/Mf0YQjkwrvtiIRZYCzKswrOZ20hAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUysMyXH1n3ftPTsRzkrbfQCzgrjAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveXNNeVhIMW4zZnRQVHNSemtyYmZR
Q3pncmpBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAstPxDAN
BgkqhkiG9w0BAQsFAAOCAQEAMoa4+4RbudABx50+7CFNhwZuCNaBoDeh5jyi8UZv
dtblHfOt7noavDrXGVwrzszJ0mxQHy+Bh2EchXA2nSD03wezEl0HXtLB0xsU69XB
a4tkbz5Tekio2RU6WIZmlWnkOOoW6jhllUiTI2ufrEJSovV+0LUtvTxrzl1Kv+qU
HO9Hyrx6wdBv6LhUu1fDLJTGrBLi2AKnkkMD/QyIvNz9314Vf9C8z0BRC0Nckp0N
HgOugiZ9IC0cn3k04/cvSJSAtPZBiYu91ZIc5YxalukYHGbM2G/iA+9fTXx0pn5i
qCPtAYs4LzTV5bRrceewAgwW6kwmb2Q7PP27axFoXByO0Q==
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:25:19 2023 by rpki-client on console-ams.rpki-client.org