Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/UPfyG_Qd9MdZcbz0DcZSXZcqFgo.roa
File: UPfyG_Qd9MdZcbz0DcZSXZcqFgo.roa (raw, json)
Hash identifier: AxPVhIr8sVaUtwX7rGXc14ZNsQgXcxokUZYCnC2sCNw=
Subject key identifier: 50:F7:F2:1B:F4:1D:F4:C7:59:71:BC:F4:0D:C6:52:5D:97:2A:16:0A
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0D05
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/UPfyG_Qd9MdZcbz0DcZSXZcqFgo.roa
Signing time: Thu 15 Sep 2022 02:37:08 +0000
ROA not before: Thu 15 Sep 2022 02:37:08 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18424
IP address blocks: 103.136.60.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3333 (0xd05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Sep 15 02:37:08 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=50F7F21BF41DF4C75971BCF40DC6525D972A160A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:46:1c:dd:30:f1:2c:1d:ee:28:89:50:15:
57:e6:06:aa:7b:ab:d4:a6:00:2c:27:fc:bd:31:b8:
c7:d4:f7:3a:e5:0f:ac:15:bb:74:59:82:7d:98:e5:
b9:84:f6:bc:84:94:4b:2b:65:33:30:b7:05:a9:ca:
8d:8c:e6:93:82:7f:2d:51:55:28:1a:ee:fe:8d:92:
ba:2b:f3:26:03:9d:55:e5:d7:e2:9b:92:76:5f:d8:
86:ed:cb:5a:1d:1e:1c:4b:05:7e:44:0e:8d:38:8e:
a6:aa:6c:d8:be:bb:f2:57:62:48:be:0a:a2:7e:32:
7c:70:cc:8b:2e:3c:fa:9c:18:b1:f0:11:0e:7c:17:
4d:2a:8d:8d:c8:59:c9:bd:bd:35:f1:d2:d5:52:f6:
43:2c:f3:02:c0:cc:11:09:37:cf:ed:b9:c1:07:b4:
15:54:be:27:90:08:a4:ef:69:a4:61:8d:85:5b:34:
cf:34:83:8d:eb:27:38:aa:67:e4:e1:5f:c3:ce:5a:
76:99:e9:00:13:df:de:8a:f5:45:b3:16:c1:e6:bb:
94:75:c0:d7:5d:c8:24:5e:4e:24:76:4e:db:36:d1:
3d:01:dc:af:b2:f5:97:70:df:2c:43:49:35:22:2f:
74:38:d7:8e:1e:c9:94:95:c3:39:68:0d:4a:9d:5c:
7f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F7:F2:1B:F4:1D:F4:C7:59:71:BC:F4:0D:C6:52:5D:97:2A:16:0A
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/UPfyG_Qd9MdZcbz0DcZSXZcqFgo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:52:73:7c:22:ec:87:97:6b:c4:e0:23:c9:1b:9d:ae:28:61:
cb:00:0d:9d:4d:2c:0e:a7:36:07:90:c7:e0:06:e3:30:30:e5:
96:2c:53:6b:b7:62:66:a2:b1:e2:f1:af:3b:3c:2e:1e:9f:69:
6a:3b:0f:9c:de:ae:d9:a0:5e:3f:c5:83:26:cd:83:69:d5:99:
f8:27:65:7c:8f:34:7d:7c:6a:11:dc:3b:bd:1f:52:a8:00:3e:
c8:7c:42:4a:6f:bc:b4:09:c4:c9:8e:7d:0e:a7:15:06:96:61:
20:ae:86:10:79:c9:a7:b8:ac:d8:ee:91:5a:63:63:07:44:d2:
09:0b:06:5c:15:b7:66:c6:e8:0e:dc:ae:72:95:b3:84:66:a9:
0e:70:83:c4:0e:dd:c4:fe:34:84:6e:d1:03:dc:19:33:1b:5e:
0c:a9:1b:20:a4:5a:30:70:95:e1:83:57:72:8d:f1:81:b0:6b:
a1:37:53:98:7d:1b:33:5c:23:23:8b:b7:4f:ac:90:ef:0f:eb:
88:8e:9e:62:76:7f:32:cb:d0:02:a4:58:59:59:2f:f0:3a:90:
c4:3b:5f:8e:78:11:06:a2:c9:aa:04:67:14:7b:ac:d0:a9:40:
fd:42:0b:26:45:d9:97:b6:41:0d:d5:cf:05:2f:3f:35:07:ea:
16:7e:7a:ce
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMjA5MTUw
MjM3MDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDUwRjdGMjFCRjQxREY0
Qzc1OTcxQkNGNDBEQzY1MjVEOTcyQTE2MEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkrkYc3TDxLB3uKIlQFVfmBqp7q9SmACwn/L0xuMfU9zrlD6wV
u3RZgn2Y5bmE9ryElEsrZTMwtwWpyo2M5pOCfy1RVSga7v6Nkror8yYDnVXl1+Kb
knZf2Ibty1odHhxLBX5EDo04jqaqbNi+u/JXYki+CqJ+MnxwzIsuPPqcGLHwEQ58
F00qjY3IWcm9vTXx0tVS9kMs8wLAzBEJN8/tucEHtBVUvieQCKTvaaRhjYVbNM80
g43rJziqZ+ThX8POWnaZ6QAT396K9UWzFsHmu5R1wNddyCReTiR2Tts20T0B3K+y
9Zdw3yxDSTUiL3Q4144eyZSVwzloDUqdXH81AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUUPfyG/Qd9MdZcbz0DcZSXZcqFgowHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL1VQZnlHX1FkOU1kWmNiejBEY1pTWFpj
cUZnby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFniDwwDQYJ
KoZIhvcNAQELBQADggEBAL1Sc3wi7IeXa8TgI8kbna4oYcsADZ1NLA6nNgeQx+AG
4zAw5ZYsU2u3YmaiseLxrzs8Lh6faWo7D5zertmgXj/FgybNg2nVmfgnZXyPNH18
ahHcO70fUqgAPsh8QkpvvLQJxMmOfQ6nFQaWYSCuhhB5yae4rNjukVpjYwdE0gkL
BlwVt2bG6A7crnKVs4RmqQ5wg8QO3cT+NIRu0QPcGTMbXgypGyCkWjBwleGDV3KN
8YGwa6E3U5h9GzNcIyOLt0+skO8P64iOnmJ2fzLL0AKkWFlZL/A6kMQ7X454EQai
yaoEZxR7rNCpQP1CCyZF2Ze2QQ3VzwUvPzUH6hZ+es4=
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:23:39 2023 by rpki-client on console-ams.rpki-client.org