Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/SoN_rfGP81l9s9k91q2PFNrBTE8.roa
File: SoN_rfGP81l9s9k91q2PFNrBTE8.roa (raw, json)
Hash identifier: uCTDBB5qGXPOkXtvg47/SD2LI9eHeUTs9XQ+DbLsygM=
Subject key identifier: 4A:83:7F:AD:F1:8F:F3:59:7D:B3:D9:3D:D6:AD:8F:14:DA:C1:4C:4F
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0AE5
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/SoN_rfGP81l9s9k91q2PFNrBTE8.roa
Signing time: Thu 15 Sep 2022 02:49:54 +0000
ROA not before: Thu 15 Sep 2022 02:49:54 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18049
IP address blocks: 61.61.60.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2789 (0xae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 15 02:49:54 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=4A837FADF18FF3597DB3D93DD6AD8F14DAC14C4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:be:89:89:31:c9:19:3d:50:be:ed:6b:c2:42:
71:01:46:94:64:68:86:df:78:92:48:6d:a6:f5:01:
85:fe:02:e8:c9:85:d1:64:87:13:e9:8a:ab:4b:db:
26:38:7e:e4:8b:d9:e6:9f:b7:dc:25:67:c0:30:6e:
b2:ef:a3:6b:26:59:f8:24:6c:19:bb:85:1c:16:12:
67:f0:00:1d:72:ba:d7:6f:ce:fa:d3:db:d5:29:68:
be:67:71:f7:8a:3e:4e:ac:73:50:60:d4:09:c5:74:
51:7f:c6:ef:ff:9d:4c:19:14:f6:3f:0e:e9:ec:fd:
f6:ad:b4:c1:28:5f:91:df:08:f3:f7:e4:3a:9b:10:
9c:16:8f:8e:af:d3:76:e6:59:e4:82:07:75:b6:eb:
07:7a:57:f9:29:13:04:59:35:b9:89:78:c7:3c:e2:
b3:37:f9:cf:0d:1b:d2:1c:4f:56:5e:fb:09:72:9f:
79:33:d8:1e:b1:5c:6d:16:64:e3:a8:fa:ae:d7:66:
33:70:95:d7:f9:f7:66:d3:f9:4b:39:02:30:11:f7:
c4:29:7f:29:31:78:92:ef:30:0f:2c:5b:1b:04:40:
00:14:72:64:d1:1f:6c:33:86:f0:9c:36:29:71:0e:
cb:2e:2a:73:f6:f8:7a:44:c1:bf:48:be:5a:8b:d8:
ff:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:83:7F:AD:F1:8F:F3:59:7D:B3:D9:3D:D6:AD:8F:14:DA:C1:4C:4F
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/SoN_rfGP81l9s9k91q2PFNrBTE8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.60.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:1d:d0:cf:37:4e:b9:af:99:a7:28:f4:d6:f0:1d:43:7b:d6:
28:64:48:c0:29:db:29:e7:a0:b2:33:d2:1f:62:5e:18:17:b4:
57:79:31:29:09:af:bf:92:58:24:f3:04:6b:8c:2f:e9:25:85:
ef:87:a5:74:4b:75:12:6f:27:6a:ec:ca:39:13:03:58:7c:84:
8a:f2:60:c2:01:51:2c:dc:1a:0b:0e:b6:67:c8:6d:d8:ed:1b:
d0:bc:98:1e:68:84:de:da:24:ec:3d:35:81:ea:53:54:a8:55:
14:13:e9:2b:de:83:39:d8:39:7f:f1:f5:cb:ce:2f:18:6b:8e:
74:e0:2e:35:82:52:0e:ea:97:ac:07:1c:37:dd:d7:7e:1d:74:
24:da:ae:e2:e1:8a:ea:b7:2c:08:cb:e1:65:89:0d:7b:90:cb:
f4:85:9b:0a:46:9c:d0:92:eb:30:87:05:33:f9:0f:60:78:29:
05:31:98:6a:d6:37:e8:97:63:25:63:cf:1c:71:3c:cd:75:32:
0e:9e:67:6e:f8:07:9e:2c:a9:97:86:e8:e7:22:ce:a6:31:21:
11:07:90:ba:ed:29:35:f4:51:f0:3a:67:f5:45:fa:a7:d1:b1:
b7:75:ad:93:cf:b7:32:fc:54:6d:42:98:4a:53:20:56:a3:c1:
74:c5:e9:6b
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMjA5MTUw
MjQ5NTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRBODM3RkFERjE4RkYz
NTk3REIzRDkzREQ2QUQ4RjE0REFDMTRDNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCvomJMckZPVC+7WvCQnEBRpRkaIbfeJJIbab1AYX+AujJhdFk
hxPpiqtL2yY4fuSL2eaft9wlZ8AwbrLvo2smWfgkbBm7hRwWEmfwAB1yutdvzvrT
29UpaL5ncfeKPk6sc1Bg1AnFdFF/xu//nUwZFPY/Duns/fattMEoX5HfCPP35Dqb
EJwWj46v03bmWeSCB3W26wd6V/kpEwRZNbmJeMc84rM3+c8NG9IcT1Ze+wlyn3kz
2B6xXG0WZOOo+q7XZjNwldf592bT+Us5AjAR98QpfykxeJLvMA8sWxsEQAAUcmTR
H2wzhvCcNilxDssuKnP2+HpEwb9IvlqL2P+9AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUSoN/rfGP81l9s9k91q2PFNrBTE8wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1NvTl9yZkdQODFsOXM5azkxcTJQRk5y
QlRFOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PTwwDQYJ
KoZIhvcNAQELBQADggEBAKMd0M83Trmvmaco9NbwHUN71ihkSMAp2ynnoLIz0h9i
XhgXtFd5MSkJr7+SWCTzBGuML+klhe+HpXRLdRJvJ2rsyjkTA1h8hIryYMIBUSzc
GgsOtmfIbdjtG9C8mB5ohN7aJOw9NYHqU1SoVRQT6SvegznYOX/x9cvOLxhrjnTg
LjWCUg7ql6wHHDfd134ddCTaruLhiuq3LAjL4WWJDXuQy/SFmwpGnNCS6zCHBTP5
D2B4KQUxmGrWN+iXYyVjzxxxPM11Mg6eZ274B54sqZeG6OcizqYxIREHkLrtKTX0
UfA6Z/VF+qfRsbd1rZPPtzL8VG1CmEpTIFajwXTF6Ws=
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:14 2023 by rpki-client on console-fra.rpki-client.org