Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGJAY/3b67B4Xw-u5Dd9oaGaOY0Y8oUlg.roa
File: 3b67B4Xw-u5Dd9oaGaOY0Y8oUlg.roa (raw, json)
Hash identifier: I7kdBdpj4CMcmuKogkgdiNKVqL2QY9zOpll6tyTsOkg=
Subject key identifier: DD:BE:BB:07:85:F0:FA:EE:43:77:DA:1A:19:A3:98:D1:8F:28:52:58
Certificate issuer: /CN=324A7E6EBF678F98B87228EC8466C3690A43DDB6
Certificate serial: 0A21
Authority key identifier: 32:4A:7E:6E:BF:67:8F:98:B8:72:28:EC:84:66:C3:69:0A:43:DD:B6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Mkp-br9nj5i4cijshGbDaQpD3bY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGJAY/3b67B4Xw-u5Dd9oaGaOY0Y8oUlg.roa
Signing time: Thu 15 Sep 2022 02:37:34 +0000
ROA not before: Thu 15 Sep 2022 02:37:34 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18046
IP address blocks: 103.197.172.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2593 (0xa21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=324A7E6EBF678F98B87228EC8466C3690A43DDB6
Validity
Not Before: Sep 15 02:37:34 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DDBEBB0785F0FAEE4377DA1A19A398D18F285258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:96:ef:c3:26:1a:1d:e4:63:1b:bd:65:18:d9:
20:d3:71:1c:5b:ff:e7:14:1f:5a:fb:25:fb:50:e9:
c4:16:45:35:ac:af:8f:ef:3b:79:5a:55:b2:4e:08:
ed:86:75:49:e1:1b:ca:24:54:d4:b5:d6:aa:16:35:
23:6e:2a:db:ea:6c:f9:73:42:96:91:1d:1b:b2:6b:
d3:7b:8a:ca:fc:5c:ed:51:81:b1:19:a8:a1:fd:34:
f6:67:58:b0:d4:1c:59:82:e6:79:85:17:48:92:02:
c6:cc:c3:6a:98:f2:0a:ec:23:74:32:51:80:4f:61:
bd:5a:db:17:64:0d:b7:8a:5a:4b:75:96:90:21:27:
15:93:11:09:29:5b:2b:b8:da:a2:be:3d:3b:08:4b:
bd:7c:27:25:ad:c0:83:66:d1:8a:ec:a1:11:3f:64:
df:32:04:ea:cb:a9:36:79:e5:31:be:e4:ac:25:4a:
21:b5:b9:b7:9d:20:6b:51:85:f8:a4:59:c8:33:70:
8b:c4:9a:fc:29:6e:b2:ac:3b:fc:46:b3:7f:5c:18:
4b:ea:5e:a4:be:f9:ce:d8:a7:79:a7:00:b7:a9:94:
c1:46:b4:c9:ba:56:eb:4f:9d:f0:65:96:e2:73:25:
74:70:77:32:57:eb:44:c1:2e:a2:e9:98:13:1d:fc:
91:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BE:BB:07:85:F0:FA:EE:43:77:DA:1A:19:A3:98:D1:8F:28:52:58
X509v3 Authority Key Identifier:
keyid:32:4A:7E:6E:BF:67:8F:98:B8:72:28:EC:84:66:C3:69:0A:43:DD:B6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGJAY/Mkp-br9nj5i4cijshGbDaQpD3bY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Mkp-br9nj5i4cijshGbDaQpD3bY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGJAY/3b67B4Xw-u5Dd9oaGaOY0Y8oUlg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.197.172.0/23
Signature Algorithm: sha256WithRSAEncryption
67:b0:db:02:e4:b3:73:c1:1e:e2:fd:fd:19:87:a1:f3:6e:4d:
c3:e0:74:18:51:ce:33:31:d5:b7:c9:2e:87:a0:ea:57:ce:67:
36:4c:da:7b:82:4a:0c:17:ee:34:0c:de:c6:cd:81:73:df:63:
b1:7b:c7:9c:f9:1e:1e:a6:11:ac:8d:c9:4b:cf:c1:d6:a3:fe:
6d:6b:e2:ba:d0:34:ae:bf:ca:be:88:79:8d:4e:c8:6f:38:68:
3f:6e:98:0b:89:4d:fd:a5:50:5c:09:f9:7b:7f:6a:13:a5:28:
58:21:29:20:af:aa:8c:1c:e7:6a:27:ed:d3:59:9a:b2:34:45:
46:2d:66:7b:16:58:ec:7e:47:c2:65:3b:74:5e:42:86:ef:7f:
ac:19:00:8c:9b:78:84:36:1e:45:a5:ab:66:78:53:5e:d9:99:
61:43:23:2d:cf:77:5c:72:89:d1:a8:92:8b:1f:60:9d:33:cc:
34:4e:3d:a8:ea:49:1c:12:39:3d:9c:ca:0e:9c:fe:32:aa:6b:
78:4e:bb:90:77:c3:27:21:8b:9f:fa:00:f4:f7:49:6d:b5:ec:
68:ea:56:07:a6:cf:a1:4f:c2:e5:e3:36:e8:30:c4:13:70:b6:
49:0e:aa:bf:d1:ba:c4:d4:f1:30:a6:0f:51:24:17:6b:d7:e9:
e9:f9:40:79
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzI0
QTdFNkVCRjY3OEY5OEI4NzIyOEVDODQ2NkMzNjkwQTQzRERCNjAeFw0yMjA5MTUw
MjM3MzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEREQkVCQjA3ODVGMEZB
RUU0Mzc3REExQTE5QTM5OEQxOEYyODUyNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIlu/DJhod5GMbvWUY2SDTcRxb/+cUH1r7JftQ6cQWRTWsr4/v
O3laVbJOCO2GdUnhG8okVNS11qoWNSNuKtvqbPlzQpaRHRuya9N7isr8XO1RgbEZ
qKH9NPZnWLDUHFmC5nmFF0iSAsbMw2qY8grsI3QyUYBPYb1a2xdkDbeKWkt1lpAh
JxWTEQkpWyu42qK+PTsIS718JyWtwINm0YrsoRE/ZN8yBOrLqTZ55TG+5KwlSiG1
ubedIGtRhfikWcgzcIvEmvwpbrKsO/xGs39cGEvqXqS++c7Yp3mnALeplMFGtMm6
VutPnfBlluJzJXRwdzJX60TBLqLpmBMd/JG7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3b67B4Xw+u5Dd9oaGaOY0Y8oUlgwHwYDVR0jBBgwFoAUMkp+br9nj5i4cijs
hGbDaQpD3bYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0pB
WS9Na3AtYnI5bmo1aTRjaWpzaEdiRGFRcEQzYlkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL01rcC1icjluajVpNGNpanNoR2JEYVFwRDNiWS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0hPTkdKQVkvM2I2N0I0WHctdTVEZDlv
YUdhT1kwWThvVWxnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AWfFrDANBgkqhkiG9w0BAQsFAAOCAQEAZ7DbAuSzc8Ee4v39GYeh825Nw+B0GFHO
MzHVt8kuh6DqV85nNkzae4JKDBfuNAzexs2Bc99jsXvHnPkeHqYRrI3JS8/B1qP+
bWviutA0rr/Kvoh5jU7IbzhoP26YC4lN/aVQXAn5e39qE6UoWCEpIK+qjBznaift
01masjRFRi1mexZY7H5HwmU7dF5Chu9/rBkAjJt4hDYeRaWrZnhTXtmZYUMjLc93
XHKJ0aiSix9gnTPMNE49qOpJHBI5PZzKDpz+MqpreE67kHfDJyGLn/oA9PdJbbXs
aOpWB6bPoU/C5eM26DDEE3C2SQ6qv9G6xNTxMKYPUSQXa9fp6flAeQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:23:41 2023 by rpki-client on console-ams.rpki-client.org