Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/ZtqyQGMhz27aOEwL11dP1TLTRNs.roa
File: ZtqyQGMhz27aOEwL11dP1TLTRNs.roa (raw, json)
Hash identifier: Js/JB4uUznjDIVHYNdzNbVTNU2Xo6vwztfZAgdSA3Rg=
Subject key identifier: 66:DA:B2:40:63:21:CF:6E:DA:38:4C:0B:D7:57:4F:D5:32:D3:44:DB
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B3E
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/ZtqyQGMhz27aOEwL11dP1TLTRNs.roa
Signing time: Thu 15 Dec 2022 02:56:53 +0000
ROA not before: Thu 15 Dec 2022 02:56:53 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 27.147.32.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2878 (0xb3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:56:53 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=66DAB2406321CF6EDA384C0BD7574FD532D344DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:52:5a:23:01:b4:9e:a4:8b:4a:ee:e5:ef:77:
a4:04:11:87:3f:60:12:8b:4e:ee:6f:0b:b5:3f:e8:
16:45:dd:98:e1:be:98:fa:a0:47:8a:de:50:4e:c1:
83:98:1a:46:ac:a1:b1:e8:98:8d:2c:7f:be:3d:83:
a5:d8:b1:30:ab:77:6a:9a:cb:9b:c6:db:4c:e0:a7:
79:3b:20:a5:9a:a2:1c:03:84:56:fa:44:2e:0a:ce:
13:a5:87:9c:b4:92:84:01:10:98:81:16:06:71:9b:
41:83:b0:24:31:e4:d8:e9:84:cf:39:32:67:fa:82:
5c:6d:28:20:4f:5e:7c:4f:6a:b2:ca:c6:1e:d9:91:
2f:b2:f2:06:0c:1b:ce:d9:d3:a0:85:45:15:f8:2a:
dd:cc:8a:bc:dc:1f:b8:7c:b3:34:c9:95:0c:1a:97:
bf:2d:de:7d:eb:8c:7b:4e:89:07:ef:d0:f9:5a:76:
53:2e:b8:87:9c:20:25:6e:e8:b4:5e:a6:88:04:21:
9e:e8:15:5a:37:56:0e:2e:7b:78:fd:30:62:52:4e:
ca:b5:6c:5e:c5:90:2c:d6:5b:73:e1:a0:5f:ca:29:
3b:ba:1d:84:e6:8f:1d:e9:9f:4a:ac:29:64:29:3c:
e3:c2:f0:d6:08:1e:d9:6e:15:2f:85:4d:60:19:38:
c7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:DA:B2:40:63:21:CF:6E:DA:38:4C:0B:D7:57:4F:D5:32:D3:44:DB
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/ZtqyQGMhz27aOEwL11dP1TLTRNs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.32.0/21
Signature Algorithm: sha256WithRSAEncryption
75:e4:19:12:d8:2b:11:9c:e6:ea:f0:16:de:31:ee:19:27:5e:
a2:6f:94:68:f2:a3:88:96:c6:58:8a:c2:0a:ca:7a:69:64:ed:
b2:c9:4b:f3:35:5e:22:b3:09:c8:42:fd:59:0f:ea:21:03:e7:
d9:8b:af:5e:ef:53:bc:14:de:f4:dc:e1:51:45:01:c5:b1:41:
f6:2b:13:ae:dd:62:53:72:ee:62:01:8f:80:04:0b:00:27:48:
50:50:20:82:dd:1e:c2:cd:aa:b8:13:20:d7:71:9b:57:f9:f7:
80:e0:cc:64:db:ab:13:0c:54:dd:d7:68:5f:fa:84:51:31:84:
0e:27:f5:b1:96:16:97:5a:61:d6:01:7f:f4:56:1e:f2:c5:e6:
a4:55:6b:67:40:44:a0:29:5e:65:e7:83:23:d0:db:f2:c8:e3:
bc:2d:34:d8:06:bf:c4:b7:11:8e:64:b8:6e:c0:0b:a8:90:14:
8a:eb:66:56:cb:64:59:64:98:44:75:6f:93:5a:cf:38:c5:c6:
47:a4:31:51:0b:30:fe:ce:31:c3:11:02:d7:6e:06:18:7c:c2:
88:0c:29:97:9f:d8:4c:f4:58:23:7a:cd:df:74:54:e0:fd:6c:
10:00:9b:3f:76:69:75:e4:a1:d3:cd:ac:33:d7:5e:9b:63:5b:
2c:e3:cc:f1
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCz4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU2NTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY2REFCMjQwNjMyMUNG
NkVEQTM4NEMwQkQ3NTc0RkQ1MzJEMzQ0REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2UlojAbSepItK7uXvd6QEEYc/YBKLTu5vC7U/6BZF3Zjhvpj6
oEeK3lBOwYOYGkasobHomI0sf749g6XYsTCrd2qay5vG20zgp3k7IKWaohwDhFb6
RC4KzhOlh5y0koQBEJiBFgZxm0GDsCQx5NjphM85Mmf6glxtKCBPXnxParLKxh7Z
kS+y8gYMG87Z06CFRRX4Kt3MirzcH7h8szTJlQwal78t3n3rjHtOiQfv0PladlMu
uIecICVu6LRepogEIZ7oFVo3Vg4ue3j9MGJSTsq1bF7FkCzWW3PhoF/KKTu6HYTm
jx3pn0qsKWQpPOPC8NYIHtluFS+FTWAZOMfvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUZtqyQGMhz27aOEwL11dP1TLTRNswHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9adHF5UUdNaHoyN2FPRXdMMTFk
UDFUTFRSTnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mg
MA0GCSqGSIb3DQEBCwUAA4IBAQB15BkS2CsRnObq8BbeMe4ZJ16ib5Ro8qOIlsZY
isIKynppZO2yyUvzNV4iswnIQv1ZD+ohA+fZi69e71O8FN703OFRRQHFsUH2KxOu
3WJTcu5iAY+ABAsAJ0hQUCCC3R7Czaq4EyDXcZtX+feA4Mxk26sTDFTd12hf+oRR
MYQOJ/WxlhaXWmHWAX/0Vh7yxeakVWtnQESgKV5l54Mj0NvyyOO8LTTYBr/EtxGO
ZLhuwAuokBSK62ZWy2RZZJhEdW+TWs84xcZHpDFRCzD+zjHDEQLXbgYYfMKIDCmX
n9hM9Fgjes3fdFTg/WwQAJs/dml15KHTzawz116bY1ss48zx
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:54:36 2023 by rpki-client on console-ams.rpki-client.org