Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/98l_KZXDB4z6EmNATGI8SZhY_kQ.roa
File: 98l_KZXDB4z6EmNATGI8SZhY_kQ.roa (raw, json)
Hash identifier: ufUhkbwAoK1i4PGnCvuClyXf0wBVi8FXgAYMlXo+ues=
Subject key identifier: F7:C9:7F:29:95:C3:07:8C:FA:12:63:40:4C:62:3C:49:98:58:FE:44
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0AE5
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/98l_KZXDB4z6EmNATGI8SZhY_kQ.roa
Signing time: Thu 15 Sep 2022 02:49:50 +0000
ROA not before: Thu 15 Sep 2022 02:49:50 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 211.78.24.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2789 (0xae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 15 02:49:50 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=F7C97F2995C3078CFA1263404C623C499858FE44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:60:cc:5c:b4:39:7c:97:fc:42:b7:37:97:77:
82:1b:be:04:43:cb:21:d2:d5:6b:b5:39:df:fc:aa:
f8:8d:a9:b9:5f:a5:f8:d1:dc:37:bd:fd:bc:93:a9:
da:3c:23:93:fc:3e:83:a3:de:50:2f:89:1b:8b:bd:
98:ef:72:14:9f:6c:5b:3b:17:bc:9c:5b:57:8e:cb:
6a:4c:88:c0:be:8e:36:61:83:28:a3:a5:56:73:fe:
60:ed:94:ad:83:45:41:97:3b:0c:6a:ae:bf:28:c3:
96:fc:5b:a7:4e:e8:f6:a0:dc:ac:fb:cb:50:af:2f:
64:b6:bc:b0:40:ff:58:5b:06:16:55:6d:2a:0e:b3:
c7:ee:a1:3f:10:5c:ba:75:d2:6a:11:6b:28:9d:30:
1b:98:06:ca:ae:eb:7f:af:2c:a6:d8:32:ef:75:e6:
84:c7:92:1f:84:5d:14:7f:c1:d0:28:44:ba:9c:18:
70:67:90:86:17:7f:44:bd:23:b9:6e:e1:3e:42:0a:
2f:93:82:d2:7b:9b:3c:79:5b:00:1b:1a:43:91:ea:
7c:b8:6a:f9:91:bc:3f:15:f7:d1:64:fb:3c:a1:00:
b0:bd:27:16:18:2e:e9:20:ac:3c:84:fd:43:60:d6:
07:41:f0:b3:50:23:a3:f6:62:57:bf:2a:85:67:1b:
73:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C9:7F:29:95:C3:07:8C:FA:12:63:40:4C:62:3C:49:98:58:FE:44
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/98l_KZXDB4z6EmNATGI8SZhY_kQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.24.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:13:0a:0d:ab:32:fe:dd:32:7b:95:6f:c7:ed:78:75:e1:cd:
5c:bd:82:b7:37:b6:80:fc:b9:22:9d:8d:16:b3:96:a3:99:d5:
3f:16:84:2f:7f:ad:88:5a:01:bc:b6:9f:38:f3:4f:dc:e5:96:
11:f2:7a:f1:f1:62:cb:c8:6d:37:52:1c:20:85:88:4f:10:2e:
67:b1:fc:dd:0e:48:76:f4:97:d7:6f:71:90:e7:4b:51:7d:3e:
73:b5:c3:95:b1:37:d8:d5:d8:09:8d:b0:08:90:35:70:3b:28:
98:38:7e:41:52:c7:ad:bb:cf:fb:56:64:29:99:7d:30:33:5d:
ae:32:01:68:ba:d4:5d:0a:2d:dc:4e:69:41:f1:7e:c1:48:d0:
b3:78:d2:7e:24:b6:87:a1:cd:c1:bd:c5:6c:cd:bf:75:fc:1f:
3d:ff:31:63:b0:d9:a6:35:9b:02:01:58:ec:94:59:48:49:ef:
79:74:fc:97:2e:d1:a5:37:42:aa:84:0d:b0:7d:fc:84:75:95:
f1:7d:3d:f4:57:82:b2:04:f6:f3:d1:bf:88:a8:5f:e5:3e:10:
4c:47:74:af:e5:4e:62:20:1c:01:3d:21:3c:f3:f0:9c:aa:73:
9c:a6:d6:32:ec:50:6f:65:24:fa:13:ca:7b:58:7e:a9:c3:cd:
98:de:dc:6d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMjA5MTUw
MjQ5NTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEY3Qzk3RjI5OTVDMzA3
OENGQTEyNjM0MDRDNjIzQzQ5OTg1OEZFNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRYMxctDl8l/xCtzeXd4IbvgRDyyHS1Wu1Od/8qviNqblfpfjR
3De9/byTqdo8I5P8PoOj3lAviRuLvZjvchSfbFs7F7ycW1eOy2pMiMC+jjZhgyij
pVZz/mDtlK2DRUGXOwxqrr8ow5b8W6dO6Pag3Kz7y1CvL2S2vLBA/1hbBhZVbSoO
s8fuoT8QXLp10moRayidMBuYBsqu63+vLKbYMu915oTHkh+EXRR/wdAoRLqcGHBn
kIYXf0S9I7lu4T5CCi+TgtJ7mzx5WwAbGkOR6ny4avmRvD8V99Fk+zyhALC9JxYY
LukgrDyE/UNg1gdB8LNQI6P2Yle/KoVnG3OxAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU98l/KZXDB4z6EmNATGI8SZhY/kQwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzk4bF9LWlhEQjR6NkVtTkFUR0k4U1po
WV9rUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPTThgwDQYJ
KoZIhvcNAQELBQADggEBAB0TCg2rMv7dMnuVb8fteHXhzVy9grc3toD8uSKdjRaz
lqOZ1T8WhC9/rYhaAby2nzjzT9zllhHyevHxYsvIbTdSHCCFiE8QLmex/N0OSHb0
l9dvcZDnS1F9PnO1w5WxN9jV2AmNsAiQNXA7KJg4fkFSx627z/tWZCmZfTAzXa4y
AWi61F0KLdxOaUHxfsFI0LN40n4ktoehzcG9xWzNv3X8Hz3/MWOw2aY1mwIBWOyU
WUhJ73l0/Jcu0aU3QqqEDbB9/IR1lfF9PfRXgrIE9vPRv4ioX+U+EExHdK/lTmIg
HAE9ITzz8Jyqc5ym1jLsUG9lJPoTyntYfqnDzZje3G0=
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:14 2023 by rpki-client on console-fra.rpki-client.org