Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/TK1JKfV8hAtbiEM_XGUbsaQMBNA.roa
File: TK1JKfV8hAtbiEM_XGUbsaQMBNA.roa (raw, json)
Hash identifier: tznV0pbqrPw4vNgSp9El0GaXLNW5kZSCLA9EIOxjIX4=
Subject key identifier: 4C:AD:49:29:F5:7C:84:0B:5B:88:43:3F:5C:65:1B:B1:A4:0C:04:D0
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B4B
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/TK1JKfV8hAtbiEM_XGUbsaQMBNA.roa
Signing time: Thu 15 Dec 2022 02:56:56 +0000
ROA not before: Thu 15 Dec 2022 02:56:56 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 27.147.16.0/21 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2891 (0xb4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:56:56 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=4CAD4929F57C840B5B88433F5C651BB1A40C04D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:30:9a:f2:eb:61:50:d7:90:d1:43:a2:9d:4d:
1a:c8:92:ae:5f:57:01:d5:cf:99:f4:9e:37:bf:92:
b3:69:2c:81:30:1d:a1:75:33:45:60:4e:e0:3b:b4:
6e:0e:78:59:d7:d8:87:47:e1:0b:81:3b:e6:84:6b:
60:db:36:f3:0a:2b:bf:39:67:a4:d9:f6:f9:bb:85:
ea:b6:b2:a8:37:5b:4a:0f:3e:82:04:dd:9a:3c:70:
55:db:69:7f:d4:96:b1:b0:1e:ed:68:4c:df:90:b5:
26:18:bc:0b:08:6f:56:08:55:91:be:20:0e:5e:e7:
ca:54:2b:00:47:5f:41:1a:a1:a4:9d:06:27:f7:d5:
3f:56:d3:91:d6:88:3f:4c:2c:ff:d6:f4:d2:40:22:
f6:aa:34:c5:5c:71:ad:6b:91:75:64:0c:5c:81:9e:
b2:84:15:a1:a7:23:69:3e:50:bd:aa:dc:01:96:74:
55:0c:fc:05:ca:7f:a2:46:9c:52:d4:de:19:aa:df:
e6:7d:33:66:d8:2f:37:3c:04:57:94:39:55:c6:13:
c5:e3:62:90:b4:a4:e7:c1:f7:99:28:88:46:b0:f7:
76:0a:32:38:87:73:ea:ef:45:87:aa:b7:3c:c7:55:
71:e4:fe:b7:7c:06:20:72:8e:7a:a2:3f:2a:4a:9a:
b9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AD:49:29:F5:7C:84:0B:5B:88:43:3F:5C:65:1B:B1:A4:0C:04:D0
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/TK1JKfV8hAtbiEM_XGUbsaQMBNA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.16.0/21
Signature Algorithm: sha256WithRSAEncryption
58:e7:42:94:bc:62:e6:68:7a:28:00:54:f5:4a:5f:3d:b6:0e:
c8:b4:42:68:c3:27:a2:d3:fc:a8:07:71:97:a3:5e:cf:da:9f:
1f:ea:bf:4b:bb:42:bd:71:20:18:ae:a5:1b:76:7e:c4:be:54:
ae:0c:f1:60:30:d4:5f:dc:cd:b5:f2:31:70:13:10:66:2a:80:
a3:c1:21:74:1a:f8:0f:da:a8:40:d7:f6:7c:0b:21:66:3a:69:
33:81:d3:18:ed:89:ba:0e:1f:d0:42:4b:8a:43:f9:34:8a:45:
9c:f7:b3:92:c5:71:c9:e8:fc:a5:82:a8:2d:7a:ef:9d:29:77:
71:f9:8f:c8:2a:eb:39:34:3a:7d:56:a1:16:4e:4c:0b:e5:de:
b9:5c:93:f7:85:2b:0b:bb:07:1d:ef:9a:d2:92:90:d3:d8:5f:
12:58:90:80:44:f3:14:5b:1a:36:49:be:c5:f3:43:6e:e0:78:
1f:e2:f3:d3:4a:e4:3b:73:b5:a6:27:9a:7a:0e:11:fb:5d:28:
93:dd:20:77:d7:88:cf:03:b0:09:e1:05:8f:b2:12:24:65:df:
bb:90:2b:ed:c5:b9:f6:9c:44:6e:bb:4b:e5:08:fb:c0:93:d1:
33:c6:48:58:b7:9d:4d:53:c8:0b:3c:9e:df:66:da:f1:54:70:
62:05:32:cf
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC0swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU2NTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRDQUQ0OTI5RjU3Qzg0
MEI1Qjg4NDMzRjVDNjUxQkIxQTQwQzA0RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtMJry62FQ15DRQ6KdTRrIkq5fVwHVz5n0nje/krNpLIEwHaF1
M0VgTuA7tG4OeFnX2IdH4QuBO+aEa2DbNvMKK785Z6TZ9vm7heq2sqg3W0oPPoIE
3Zo8cFXbaX/UlrGwHu1oTN+QtSYYvAsIb1YIVZG+IA5e58pUKwBHX0EaoaSdBif3
1T9W05HWiD9MLP/W9NJAIvaqNMVcca1rkXVkDFyBnrKEFaGnI2k+UL2q3AGWdFUM
/AXKf6JGnFLU3hmq3+Z9M2bYLzc8BFeUOVXGE8XjYpC0pOfB95koiEaw93YKMjiH
c+rvRYeqtzzHVXHk/rd8BiByjnqiPypKmrnDAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUTK1JKfV8hAtbiEM/XGUbsaQMBNAwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9USzFKS2ZWOGhBdGJpRU1fWEdV
YnNhUU1CTkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBY50KUvGLmaHooAFT1Sl89tg7ItEJowyei0/yo
B3GXo17P2p8f6r9Lu0K9cSAYrqUbdn7EvlSuDPFgMNRf3M218jFwExBmKoCjwSF0
GvgP2qhA1/Z8CyFmOmkzgdMY7Ym6Dh/QQkuKQ/k0ikWc97OSxXHJ6Pylgqgteu+d
KXdx+Y/IKus5NDp9VqEWTkwL5d65XJP3hSsLuwcd75rSkpDT2F8SWJCARPMUWxo2
Sb7F80Nu4Hgf4vPTSuQ7c7WmJ5p6DhH7XSiT3SB314jPA7AJ4QWPshIkZd+7kCvt
xbn2nERuu0vlCPvAk9EzxkhYt51NU8gLPJ7fZtrxVHBiBTLP
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:54:36 2023 by rpki-client on console-ams.rpki-client.org