Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/EXGNbXEOSAziR9GImtEMcUv9S3k.roa
File: EXGNbXEOSAziR9GImtEMcUv9S3k.roa (raw, json)
Hash identifier: A1mzMuO5iQyek+gkpVZtrKbH1wvhWojcsP4gYMOnDps=
Subject key identifier: 11:71:8D:6D:71:0E:48:0C:E2:47:D1:88:9A:D1:0C:71:4B:FD:4B:79
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0DC9
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/EXGNbXEOSAziR9GImtEMcUv9S3k.roa
Signing time: Thu 29 Dec 2022 09:31:51 +0000
ROA not before: Thu 29 Dec 2022 09:31:51 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 10085
IP address blocks: 223.26.96.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3529 (0xdc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Dec 29 09:31:51 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=11718D6D710E480CE247D1889AD10C714BFD4B79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5a:18:91:09:b2:27:86:2d:02:95:75:bf:21:
6c:2f:2f:8a:28:90:8f:74:ef:06:c4:cd:f2:69:d6:
2b:bf:0c:1c:92:f8:6b:18:74:53:fe:e8:19:60:83:
7d:1e:bf:8e:95:ee:b1:87:34:92:4e:6b:43:15:de:
a3:1d:eb:12:23:28:84:74:7a:93:1f:1e:07:a4:31:
81:88:86:ea:7c:a8:95:43:f5:db:ee:d5:31:10:6e:
c1:5e:87:8d:28:9a:92:dd:06:ba:a9:ee:5d:80:ef:
26:de:26:a3:9f:14:a7:3f:2e:4b:f5:e3:47:d0:4f:
d2:41:c7:07:62:16:0a:f9:ea:b7:50:84:af:d1:e5:
22:05:5f:5b:23:2a:e7:f8:ba:c8:5f:2f:e0:9d:79:
a5:b1:4f:d2:4d:e0:0c:3f:f1:71:23:59:01:53:84:
2d:ba:3a:5d:f3:8c:76:7b:91:e7:04:56:a2:89:be:
a6:61:86:55:b2:67:37:22:7a:1a:ed:56:7f:a0:5e:
3c:24:28:51:00:15:fb:c1:9b:9c:8a:5c:f6:ff:0b:
0d:f4:a8:1c:f4:b9:e5:51:3c:fc:e8:88:e3:85:d4:
b5:5f:3c:9d:7c:e3:9e:ab:8f:45:c3:c8:f4:da:ab:
47:d4:ce:09:8a:d6:e3:80:20:1f:51:5a:27:dc:f2:
36:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:71:8D:6D:71:0E:48:0C:E2:47:D1:88:9A:D1:0C:71:4B:FD:4B:79
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/EXGNbXEOSAziR9GImtEMcUv9S3k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.26.96.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:14:d0:1f:f5:8e:b4:aa:da:4b:a7:c0:1e:22:64:a3:e2:38:
ce:8a:b7:12:c1:42:55:42:ea:9f:4e:4d:b0:72:33:fc:97:b2:
6a:49:20:4f:53:9a:fb:6f:f9:51:b9:dd:27:ad:6a:12:61:da:
3e:61:8c:7c:8c:a9:2c:a2:08:ac:dc:f3:ac:d7:27:b1:df:4d:
3b:bb:05:de:db:fa:e4:f0:3a:de:c3:7e:04:e7:bf:dc:09:6b:
42:58:c0:54:cf:6a:28:b6:fe:d8:db:31:02:50:9d:8a:b7:ed:
d6:a7:00:76:f8:4e:5c:02:da:42:c4:ca:0e:ec:2a:58:ec:41:
cc:98:a1:32:01:84:44:b9:63:3c:a6:54:79:00:4e:b2:20:31:
1c:74:7a:e2:67:c0:d4:84:83:6c:42:a3:8d:5e:5a:90:e0:92:
fc:74:e6:4c:68:54:d8:bc:a9:bc:62:90:42:b5:90:80:23:3a:
a1:e5:44:89:bd:3a:6e:7b:44:27:1f:2d:ab:72:49:a3:b1:a6:
56:26:35:e2:79:fd:84:0d:e0:8e:53:b1:2a:3f:e2:2c:ba:66:
20:0d:1d:31:e8:ff:1a:d5:1a:58:5e:32:79:23:73:05:ae:54:
50:1e:3e:b7:56:8c:6a:b9:04:7a:e9:b9:32:5d:9c:14:8a:df:
6e:77:13:a5
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMxNTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDExNzE4RDZENzEwRTQ4
MENFMjQ3RDE4ODlBRDEwQzcxNEJGRDRCNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqWhiRCbInhi0ClXW/IWwvL4ookI907wbEzfJp1iu/DByS+GsY
dFP+6Blgg30ev46V7rGHNJJOa0MV3qMd6xIjKIR0epMfHgekMYGIhup8qJVD9dvu
1TEQbsFeh40ompLdBrqp7l2A7ybeJqOfFKc/Lkv140fQT9JBxwdiFgr56rdQhK/R
5SIFX1sjKuf4ushfL+CdeaWxT9JN4Aw/8XEjWQFThC26Ol3zjHZ7kecEVqKJvqZh
hlWyZzciehrtVn+gXjwkKFEAFfvBm5yKXPb/Cw30qBz0ueVRPPzoiOOF1LVfPJ18
456rj0XDyPTaq0fUzgmK1uOAIB9RWifc8jZ7AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUEXGNbXEOSAziR9GImtEMcUv9S3kwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9FWEdOYlhFT1NBemlS
OUdJbXRFTWNVdjlTM2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQD3xpgMA0GCSqGSIb3DQEBCwUAA4IBAQA8FNAf9Y60qtpLp8AeImSj4jjOircS
wUJVQuqfTk2wcjP8l7JqSSBPU5r7b/lRud0nrWoSYdo+YYx8jKksogis3POs1yex
3007uwXe2/rk8Drew34E57/cCWtCWMBUz2ootv7Y2zECUJ2Kt+3WpwB2+E5cAtpC
xMoO7CpY7EHMmKEyAYREuWM8plR5AE6yIDEcdHriZ8DUhINsQqONXlqQ4JL8dOZM
aFTYvKm8YpBCtZCAIzqh5USJvTpue0QnHy2rckmjsaZWJjXief2EDeCOU7EqP+Is
umYgDR0x6P8a1RpYXjJ5I3MFrlRQHj63VoxquQR66bkyXZwUit9udxOl
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:54:37 2023 by rpki-client on console-ams.rpki-client.org