Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DCT/BDQ689M3f2aNnVZUszfHLAH9YTo.roa
File: BDQ689M3f2aNnVZUszfHLAH9YTo.roa (raw, json)
Hash identifier: TziXwHmQuVsKOeYH5aRI9Q1wDcQBg83r5SflvIn29Po=
Subject key identifier: 04:34:3A:F3:D3:37:7F:66:8D:9D:56:54:B3:37:C7:2C:01:FD:61:3A
Certificate issuer: /CN=9B062D74C7F512F04AE60955C5456FC19755337F
Certificate serial: 0A39
Authority key identifier: 9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/BDQ689M3f2aNnVZUszfHLAH9YTo.roa
Signing time: Thu 15 Sep 2022 02:50:22 +0000
ROA not before: Thu 15 Sep 2022 02:50:22 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131601
IP address blocks: 103.252.196.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2617 (0xa39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B062D74C7F512F04AE60955C5456FC19755337F
Validity
Not Before: Sep 15 02:50:22 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=04343AF3D3377F668D9D5654B337C72C01FD613A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:06:a2:eb:db:b7:e3:8c:c5:b6:28:0e:0c:57:
d6:3e:cb:06:8e:da:ea:42:85:ad:f7:a2:c9:46:a2:
21:86:9e:9a:4d:d8:0d:0e:dd:fd:74:04:d3:96:0f:
55:be:d8:2e:ad:03:0e:af:31:89:f7:f7:a1:f5:25:
60:67:a6:e1:63:cb:66:ae:9b:61:1f:44:d8:b7:cf:
f1:f8:ab:d9:d0:55:8d:89:18:d4:ef:2b:68:1a:b9:
3d:70:80:68:8c:75:47:1f:3d:b4:0e:2d:d3:f5:72:
7d:56:4a:e8:0e:e6:ff:4d:35:31:3b:1c:f7:29:e7:
31:f8:bf:be:c1:c1:34:72:69:40:85:ff:56:5c:9b:
59:2d:20:e0:95:6d:67:49:c5:70:0c:6e:02:ff:d0:
5a:b8:4c:b0:56:8b:bb:89:cb:c8:1f:58:bc:75:72:
08:a4:be:7d:0a:c1:6a:82:ce:d0:ec:59:f6:20:bc:
31:87:01:ab:f4:a5:ee:cd:62:1b:3f:ca:0b:bc:65:
84:9e:42:3c:46:b2:8c:b1:0b:bc:83:4d:b9:4b:7d:
34:7e:d0:c6:ef:9c:8b:58:67:cd:6a:55:63:e0:5f:
f0:04:e2:93:51:2c:97:98:9c:a9:7d:a3:d5:0c:ef:
8e:5d:2c:be:d1:d6:1a:99:ed:41:eb:06:32:78:52:
82:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:34:3A:F3:D3:37:7F:66:8D:9D:56:54:B3:37:C7:2C:01:FD:61:3A
X509v3 Authority Key Identifier:
keyid:9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/BDQ689M3f2aNnVZUszfHLAH9YTo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.196.0/22
Signature Algorithm: sha256WithRSAEncryption
14:c2:6a:c6:6c:a0:da:dc:da:f7:61:de:be:3e:8c:f4:9c:9c:
e8:92:b9:d9:2c:a3:5e:f0:2b:65:77:c6:15:59:39:ec:c2:bf:
c6:c7:0b:ee:78:c6:73:57:01:9e:fa:c5:1b:96:5c:37:03:c9:
86:8e:44:c8:ea:2e:4f:00:94:90:b4:66:78:0d:08:28:75:16:
98:4a:6b:6c:0f:94:42:25:5c:fc:9d:df:a0:d3:ed:e0:1e:0e:
ae:5b:8c:22:15:2a:4e:c1:06:37:d1:49:32:44:3b:20:a3:6c:
e2:3f:a3:90:8c:17:cc:81:fa:75:88:c8:13:a1:8a:4b:39:43:
2d:de:e2:5b:f6:7a:4b:27:70:5e:62:ec:fb:83:c3:74:4f:b7:
1b:d3:e6:ad:48:ce:e3:ca:d2:3b:d6:2b:e8:b7:f4:01:77:ab:
33:8f:fe:d9:c2:13:7c:cd:fa:5e:06:4b:2a:10:55:26:d4:42:
f1:ca:ab:b7:57:d6:3d:38:4d:a3:b6:fd:06:df:4e:ba:f0:80:
6b:eb:1b:31:4c:b2:20:70:fc:1b:1f:d2:76:75:99:4f:0b:cf:
7f:d3:fc:1e:0e:d1:8d:f1:e2:68:cb:ac:2c:6d:38:ef:f3:45:
f2:17:cf:5e:4a:e2:c7:81:6e:ab:13:fa:28:df:f5:68:f1:45:
29:07:61:19
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCjkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUIw
NjJENzRDN0Y1MTJGMDRBRTYwOTU1QzU0NTZGQzE5NzU1MzM3RjAeFw0yMjA5MTUw
MjUwMjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA0MzQzQUYzRDMzNzdG
NjY4RDlENTY1NEIzMzdDNzJDMDFGRDYxM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDBqLr27fjjMW2KA4MV9Y+ywaO2upCha33oslGoiGGnppN2A0O
3f10BNOWD1W+2C6tAw6vMYn396H1JWBnpuFjy2aum2EfRNi3z/H4q9nQVY2JGNTv
K2gauT1wgGiMdUcfPbQOLdP1cn1WSugO5v9NNTE7HPcp5zH4v77BwTRyaUCF/1Zc
m1ktIOCVbWdJxXAMbgL/0Fq4TLBWi7uJy8gfWLx1cgikvn0KwWqCztDsWfYgvDGH
Aav0pe7NYhs/ygu8ZYSeQjxGsoyxC7yDTblLfTR+0MbvnItYZ81qVWPgX/AE4pNR
LJeYnKl9o9UM745dLL7R1hqZ7UHrBjJ4UoIlAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUBDQ689M3f2aNnVZUszfHLAH9YTowHwYDVR0jBBgwFoAUmwYtdMf1EvBK5glV
xUVvwZdVM38wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL213
WXRkTWYxRXZCSzVnbFZ4VVZ2d1pkVk0zOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bXdZdGRNZjFFdkJLNWdsVnhVVnZ3WmRWTTM4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL0JEUTY4OU0zZjJhTm5WWlVzemZITEFI
OVlUby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/MQwDQYJ
KoZIhvcNAQELBQADggEBABTCasZsoNrc2vdh3r4+jPScnOiSudkso17wK2V3xhVZ
OezCv8bHC+54xnNXAZ76xRuWXDcDyYaORMjqLk8AlJC0ZngNCCh1FphKa2wPlEIl
XPyd36DT7eAeDq5bjCIVKk7BBjfRSTJEOyCjbOI/o5CMF8yB+nWIyBOhiks5Qy3e
4lv2eksncF5i7PuDw3RPtxvT5q1IzuPK0jvWK+i39AF3qzOP/tnCE3zN+l4GSyoQ
VSbUQvHKq7dX1j04TaO2/QbfTrrwgGvrGzFMsiBw/Bsf0nZ1mU8Lz3/T/B4O0Y3x
4mjLrCxtOO/zRfIXz15K4seBbqsT+ijf9WjxRSkHYRk=
-----END CERTIFICATE-----
Generated at Fri Sep 1 08:54:37 2023 by rpki-client on console-ams.rpki-client.org