Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/kvbvZhs99okc1aG9U4nG1bNywpk.roa
File: kvbvZhs99okc1aG9U4nG1bNywpk.roa (raw, json)
Hash identifier: BqJxumaQ+tFn5cwS+6FoTXYZhufKYiMyCjsNxwlO7M8=
Subject key identifier: 92:F6:EF:66:1B:3D:F6:89:1C:D5:A1:BD:53:89:C6:D5:B3:72:C2:99
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/kvbvZhs99okc1aG9U4nG1bNywpk.roa
Signing time: Thu 15 Sep 2022 02:48:03 +0000
ROA not before: Thu 15 Sep 2022 02:48:03 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 3462
IP address blocks: 202.39.128.0/17 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3446 (0xd76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 15 02:48:03 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=92F6EF661B3DF6891CD5A1BD5389C6D5B372C299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c0:3f:7e:d1:77:4f:67:1b:cf:cc:7b:32:70:
ad:63:c9:ba:11:b5:63:b8:a7:0d:8d:46:dc:71:b5:
6e:40:6b:0e:40:8d:e4:23:49:79:ee:2b:09:ad:27:
67:16:75:94:9a:0f:45:37:92:fd:dc:cc:87:8d:46:
1e:ae:09:43:32:34:a8:b7:c7:92:24:df:fd:97:01:
02:9f:78:a1:93:0e:70:d8:80:21:dc:d5:bb:9d:3b:
fe:b4:cd:e8:5f:ee:f8:0b:5e:9b:b7:0e:0c:f7:84:
35:43:2b:ac:87:85:bd:59:29:5b:0b:a0:8f:f6:2a:
4a:da:1b:ea:82:d1:30:f7:3d:72:d9:f4:7c:5d:8a:
f8:85:ee:fd:d2:5c:d2:f9:3b:0f:84:f4:7e:9c:43:
ef:01:4d:4a:bd:35:c2:eb:10:95:30:ff:75:71:3c:
0f:d2:15:26:2f:01:2b:dc:be:f7:ca:60:b5:4f:da:
9f:b6:90:7f:d3:18:38:32:48:07:d6:f8:7b:c9:d4:
b2:ba:f0:1d:30:86:5c:21:d1:f6:05:49:a6:fd:19:
10:db:e8:7f:7b:0a:65:20:72:9a:56:ef:4a:1b:3a:
14:04:76:cb:1c:5c:69:c7:20:4b:d4:5c:13:09:ac:
0f:ad:7f:ce:6f:6d:9c:5a:d4:36:af:56:c5:0e:46:
69:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F6:EF:66:1B:3D:F6:89:1C:D5:A1:BD:53:89:C6:D5:B3:72:C2:99
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/kvbvZhs99okc1aG9U4nG1bNywpk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.39.128.0/17
Signature Algorithm: sha256WithRSAEncryption
01:90:6e:b4:e8:64:21:62:d7:2f:a4:0c:59:fb:89:47:ee:cf:
98:9e:ae:28:d3:5d:5e:0d:e5:79:23:2f:2f:32:ea:5c:ea:30:
ac:16:52:99:b4:6f:e4:eb:25:33:df:d1:7f:a7:b9:17:ba:c5:
02:f3:16:d9:8f:98:bf:2d:f9:fd:cf:e0:17:78:90:f3:8f:9f:
7f:4b:ec:dc:7f:a4:46:44:b6:d5:80:f1:30:cf:ef:e8:2d:61:
c3:fe:a3:fd:68:4b:04:f3:e4:71:e7:1e:b1:78:18:bc:bc:5d:
6d:1c:8e:de:70:25:d4:3a:91:4e:7f:0a:ee:62:d0:9e:23:76:
2f:76:a5:3d:af:63:5d:7d:82:93:dd:22:da:35:ef:65:ee:c5:
83:67:ce:fe:58:88:6c:c1:39:ad:05:63:a7:13:5c:c1:7e:aa:
72:f8:e6:76:35:8e:82:32:fe:9e:bd:9a:03:f9:0f:0c:9c:b3:
8e:8d:25:75:f3:91:6f:75:32:77:ce:9f:9c:59:b4:28:6a:ff:
a2:a9:da:75:f9:7e:f4:8e:0d:c4:85:5b:ab:5a:09:ea:e1:46:
a0:9f:ed:52:ce:54:5e:f4:f0:49:87:3d:48:69:de:d3:1b:68:
26:21:b6:73:d3:ad:5d:97:32:af:2c:91:dc:56:22:a2:aa:e2:
65:76:6b:c6
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDkyRjZFRjY2MUIzREY2
ODkxQ0Q1QTFCRDUzODlDNkQ1QjM3MkMyOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEwD9+0XdPZxvPzHsycK1jyboRtWO4pw2NRtxxtW5Aaw5AjeQj
SXnuKwmtJ2cWdZSaD0U3kv3czIeNRh6uCUMyNKi3x5Ik3/2XAQKfeKGTDnDYgCHc
1budO/60zehf7vgLXpu3Dgz3hDVDK6yHhb1ZKVsLoI/2KkraG+qC0TD3PXLZ9Hxd
iviF7v3SXNL5Ow+E9H6cQ+8BTUq9NcLrEJUw/3VxPA/SFSYvASvcvvfKYLVP2p+2
kH/TGDgySAfW+HvJ1LK68B0whlwh0fYFSab9GRDb6H97CmUgcppW70obOhQEdssc
XGnHIEvUXBMJrA+tf85vbZxa1DavVsUORmkzAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUkvbvZhs99okc1aG9U4nG1bNywpkwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9rdmJ2WmhzOTlva2MxYUc5VTRu
RzFiTnl3cGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHyieA
MA0GCSqGSIb3DQEBCwUAA4IBAQABkG606GQhYtcvpAxZ+4lH7s+Ynq4o011eDeV5
Iy8vMupc6jCsFlKZtG/k6yUz39F/p7kXusUC8xbZj5i/Lfn9z+AXeJDzj59/S+zc
f6RGRLbVgPEwz+/oLWHD/qP9aEsE8+Rx5x6xeBi8vF1tHI7ecCXUOpFOfwruYtCe
I3YvdqU9r2NdfYKT3SLaNe9l7sWDZ87+WIhswTmtBWOnE1zBfqpy+OZ2NY6CMv6e
vZoD+Q8MnLOOjSV185FvdTJ3zp+cWbQoav+iqdp1+X70jg3EhVurWgnq4Uagn+1S
zlRe9PBJhz1Iad7TG2gmIbZz061dlzKvLJHcViKiquJldmvG
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:28:15 2023 by rpki-client on console-fra.rpki-client.org