Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/sr6u4NsgEmFAPSlOeRecglO8ZrM.roa
File: sr6u4NsgEmFAPSlOeRecglO8ZrM.roa (raw, json)
Hash identifier: 4KV0GjiXUmjWVU+2QXR1K/bWPjZXk2onyy66lPLHXYU=
Subject key identifier: B2:BE:AE:E0:DB:20:12:61:40:3D:29:4E:79:17:9C:82:53:BC:66:B3
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B3C
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/sr6u4NsgEmFAPSlOeRecglO8ZrM.roa
Signing time: Thu 15 Dec 2022 02:56:52 +0000
ROA not before: Thu 15 Dec 2022 02:56:52 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 124.155.168.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2876 (0xb3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 15 02:56:52 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=B2BEAEE0DB201261403D294E79179C8253BC66B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b6:ec:20:b1:e6:89:e5:d0:8c:e5:23:55:a2:
09:ff:63:c1:33:13:4a:18:f6:4b:70:ce:bc:85:3e:
a9:76:89:5e:f7:18:d9:86:be:94:b1:d9:ce:74:7d:
6a:38:c2:80:18:fa:c0:d7:6e:57:4d:10:98:1f:62:
69:d1:49:02:80:84:40:ca:47:29:b0:3f:71:54:6d:
94:b0:d4:26:bd:fa:4a:68:ed:29:bb:c4:42:21:61:
91:62:d2:91:d1:e7:5e:d9:28:39:2c:be:f1:ba:b2:
24:f9:6b:5a:08:cd:26:0d:a3:a1:0c:16:26:9d:b6:
ea:b7:78:e3:0d:28:c4:e6:fc:5a:a1:56:e2:20:18:
cd:91:3d:b1:26:af:a3:35:79:df:3f:07:1e:1e:8e:
83:ff:99:d0:b1:28:12:b6:ad:99:cf:e8:83:2e:6c:
f4:1e:63:9b:7d:0f:49:25:1a:d3:75:a8:6a:7c:f2:
68:c3:22:d1:4e:a6:4b:10:66:18:7b:52:4f:d4:80:
30:0b:fb:9b:36:9d:cf:0e:5d:61:8e:cb:45:f3:6a:
bd:df:f8:b9:10:64:4e:cd:f7:f0:c7:85:9d:a6:ef:
22:20:0d:73:8f:13:33:b7:c4:fa:5c:57:db:82:33:
1c:a4:3e:1b:97:33:c9:a7:49:6f:a3:3b:f5:04:11:
9c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:BE:AE:E0:DB:20:12:61:40:3D:29:4E:79:17:9C:82:53:BC:66:B3
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/sr6u4NsgEmFAPSlOeRecglO8ZrM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.168.0/21
Signature Algorithm: sha256WithRSAEncryption
85:cc:92:3a:0b:89:f9:c3:d2:5f:eb:e2:cc:cf:47:a7:9c:30:
ca:b4:fe:1e:ae:21:7b:d3:e6:31:9a:86:fe:b3:04:a6:7b:a5:
d0:7e:db:3b:0f:16:3d:ef:d3:c0:9a:93:a1:7d:39:66:e0:9a:
b3:4f:31:e4:05:cb:99:2e:a7:bc:4d:bc:92:6e:3e:9a:a0:cb:
93:a5:ac:32:38:1c:86:63:ae:7c:5e:e5:5f:ea:18:74:05:76:
c0:71:04:40:ee:f4:3c:20:09:ac:ed:09:44:c6:dc:52:ae:ae:
74:d8:87:c3:80:4e:4f:a9:f8:e1:72:51:64:1e:85:87:23:0f:
df:55:e0:14:c4:f0:d2:99:44:ec:07:65:61:71:ad:78:6d:33:
02:6d:ef:30:68:27:d0:b8:cc:e9:52:cf:39:79:e1:83:1d:4b:
a4:6e:27:ad:77:af:85:ea:10:f6:9b:fd:3a:38:05:6f:33:1b:
d4:46:d0:37:e9:a0:10:77:27:52:11:e2:83:2e:bc:3e:ae:20:
42:b8:b4:2c:ef:a8:ec:41:3f:be:22:c2:01:3e:3f:f8:bf:f0:
b9:40:54:c9:b2:9b:04:d9:da:e8:55:c5:af:bb:b0:46:c5:ba:
47:0a:ef:da:19:c5:6a:da:29:5b:7a:ec:68:bc:77:6b:a2:37:
2e:56:2d:ab
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCzwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTUw
MjU2NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEIyQkVBRUUwREIyMDEy
NjE0MDNEMjk0RTc5MTc5QzgyNTNCQzY2QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDItuwgseaJ5dCM5SNVogn/Y8EzE0oY9ktwzryFPql2iV73GNmG
vpSx2c50fWo4woAY+sDXbldNEJgfYmnRSQKAhEDKRymwP3FUbZSw1Ca9+kpo7Sm7
xEIhYZFi0pHR517ZKDksvvG6siT5a1oIzSYNo6EMFiadtuq3eOMNKMTm/FqhVuIg
GM2RPbEmr6M1ed8/Bx4ejoP/mdCxKBK2rZnP6IMubPQeY5t9D0klGtN1qGp88mjD
ItFOpksQZhh7Uk/UgDAL+5s2nc8OXWGOy0Xzar3f+LkQZE7N9/DHhZ2m7yIgDXOP
EzO3xPpcV9uCMxykPhuXM8mnSW+jO/UEEZxVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUsr6u4NsgEmFAPSlOeRecglO8ZrMwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9zcjZ1NE5zZ0VtRkFQU2xPZVJl
Y2dsTzhack0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJuo
MA0GCSqGSIb3DQEBCwUAA4IBAQCFzJI6C4n5w9Jf6+LMz0ennDDKtP4eriF70+Yx
mob+swSme6XQfts7DxY979PAmpOhfTlm4JqzTzHkBcuZLqe8TbySbj6aoMuTpawy
OByGY658XuVf6hh0BXbAcQRA7vQ8IAms7QlExtxSrq502IfDgE5PqfjhclFkHoWH
Iw/fVeAUxPDSmUTsB2Vhca14bTMCbe8waCfQuMzpUs85eeGDHUukbietd6+F6hD2
m/06OAVvMxvURtA36aAQdydSEeKDLrw+riBCuLQs76jsQT++IsIBPj/4v/C5QFTJ
spsE2droVcWvu7BGxbpHCu/aGcVq2ilbeuxovHdrojcuVi2r
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:54:36 2023 by rpki-client on console-ams.rpki-client.org