Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/1XmqdFdzhxeAfAhefYLvpz2cfrE.roa
File: 1XmqdFdzhxeAfAhefYLvpz2cfrE.roa (raw, json)
Hash identifier: hVUhQuOnCuKOXRQfCPco42SMmPHE8fGC2qedF682Ssg=
Subject key identifier: D5:79:AA:74:57:73:87:17:80:7C:08:5E:7D:82:EF:A7:3D:9C:7E:B1
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0AA1
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/1XmqdFdzhxeAfAhefYLvpz2cfrE.roa
Signing time: Thu 15 Sep 2022 02:41:00 +0000
ROA not before: Thu 15 Sep 2022 02:41:00 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18042
IP address blocks: 61.67.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2721 (0xaa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 15 02:41:00 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D579AA7457738717807C085E7D82EFA73D9C7EB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ae:a7:3c:18:af:e9:b3:da:0f:12:1d:62:2d:
9d:69:28:a6:d8:35:27:64:82:ee:66:8e:78:c5:20:
a9:a0:f1:4c:90:e3:9c:38:35:6a:f6:11:59:d7:a2:
57:c3:a1:99:97:c0:c9:d3:6d:97:12:5f:14:b8:7a:
61:35:31:85:95:58:f1:7b:73:c4:4f:6d:09:91:12:
f9:a6:aa:e0:a8:8e:45:f0:d4:48:27:fc:40:f0:bb:
f7:f5:9e:98:8b:32:6a:41:1a:01:da:47:54:11:1a:
f4:ff:8e:0c:39:ec:61:1a:77:5a:85:d7:ad:fa:60:
59:60:28:72:71:4f:fd:23:ac:62:43:e6:3c:2d:1f:
b2:3f:2c:87:1b:5d:75:96:06:06:15:fc:e3:c2:15:
c0:ab:8b:28:b3:9b:6d:0a:c5:17:20:ab:3a:e5:af:
8b:73:49:24:f1:1f:25:79:3e:a8:64:d1:a8:21:65:
83:14:2d:57:30:89:52:dc:86:28:fa:80:52:ca:32:
3f:43:5c:fb:1e:ac:23:e9:1e:50:bf:b2:4e:d8:b9:
aa:68:9c:71:8d:7c:2a:10:9b:a6:43:e7:23:f3:2a:
bf:46:81:18:60:de:2a:9e:84:21:78:ce:e7:9d:9c:
ce:0d:de:16:32:84:99:4a:54:66:0a:c2:34:0f:c0:
37:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:79:AA:74:57:73:87:17:80:7C:08:5E:7D:82:EF:A7:3D:9C:7E:B1
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/1XmqdFdzhxeAfAhefYLvpz2cfrE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.67.209.0/24
Signature Algorithm: sha256WithRSAEncryption
24:47:cd:5f:03:0d:3c:70:dc:48:aa:e1:d0:6a:3c:81:1f:9f:
aa:23:2e:19:67:cf:45:00:b7:16:44:00:f9:76:d9:52:82:83:
e5:10:e9:f3:9a:e6:9f:e0:a9:a5:f6:01:5a:2c:e3:29:68:3f:
45:f8:d4:2d:85:28:43:16:03:82:b7:43:9e:bf:60:78:89:27:
1e:56:eb:38:90:fe:63:3b:ca:a1:57:83:3d:fd:c7:6c:13:81:
69:30:63:0c:ca:1e:ec:cd:37:51:67:6a:f4:1c:4c:74:d8:52:
32:bb:e9:4d:62:fe:e2:9b:ba:92:63:de:4a:3e:36:35:14:1e:
7d:d7:67:7d:cc:56:67:ed:db:b3:76:aa:b1:91:c7:cf:10:40:
a3:7d:08:3e:0a:3b:39:e2:47:48:15:d9:db:8b:3f:27:d6:5e:
3b:b4:fc:92:65:8f:d4:1e:e7:f4:ed:ca:fa:14:1e:9c:96:0f:
c1:1f:71:85:af:33:96:d3:10:e7:72:9f:e2:a5:a1:dd:60:f7:
f3:ff:5f:e5:d2:f0:77:1b:e7:63:4f:ea:f0:69:c7:a9:a8:e7:
c8:85:de:ce:c6:43:b8:f5:ff:74:b1:17:ab:ab:27:e1:4f:e1:
68:0e:b6:e8:29:b3:11:24:f5:d3:15:09:03:cb:e4:81:77:e3:
c5:01:db:64
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMjA5MTUw
MjQxMDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ1NzlBQTc0NTc3Mzg3
MTc4MDdDMDg1RTdEODJFRkE3M0Q5QzdFQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlrqc8GK/ps9oPEh1iLZ1pKKbYNSdkgu5mjnjFIKmg8UyQ45w4
NWr2EVnXolfDoZmXwMnTbZcSXxS4emE1MYWVWPF7c8RPbQmREvmmquCojkXw1Egn
/EDwu/f1npiLMmpBGgHaR1QRGvT/jgw57GEad1qF1636YFlgKHJxT/0jrGJD5jwt
H7I/LIcbXXWWBgYV/OPCFcCriyizm20KxRcgqzrlr4tzSSTxHyV5Pqhk0aghZYMU
LVcwiVLchij6gFLKMj9DXPserCPpHlC/sk7YuaponHGNfCoQm6ZD5yPzKr9GgRhg
3iqehCF4zuednM4N3hYyhJlKVGYKwjQPwDdRAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU1XmqdFdzhxeAfAhefYLvpz2cfrEwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JULzFYbXFkRmR6aHhlQWZBaGVmWUx2cHoy
Y2ZyRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9Q9EwDQYJ
KoZIhvcNAQELBQADggEBACRHzV8DDTxw3Eiq4dBqPIEfn6ojLhlnz0UAtxZEAPl2
2VKCg+UQ6fOa5p/gqaX2AVos4yloP0X41C2FKEMWA4K3Q56/YHiJJx5W6ziQ/mM7
yqFXgz39x2wTgWkwYwzKHuzNN1FnavQcTHTYUjK76U1i/uKbupJj3ko+NjUUHn3X
Z33MVmft27N2qrGRx88QQKN9CD4KOzniR0gV2duLPyfWXju0/JJlj9Qe5/TtyvoU
HpyWD8EfcYWvM5bTEOdyn+Klod1g9/P/X+XS8Hcb52NP6vBpx6mo58iF3s7GQ7j1
/3SxF6urJ+FP4WgOtugpsxEk9dMVCQPL5IF348UB22Q=
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:49 2023 by rpki-client on console-ams.rpki-client.org