Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/VIwk6b2Cwh2nQsC_B9unzdaVdIY.roa
File: VIwk6b2Cwh2nQsC_B9unzdaVdIY.roa (raw, json)
Hash identifier: Tyoz6kgxjocR9ecN5Q4c4exr+PgjlnGj5N2dhtnoTM0=
Subject key identifier: 54:8C:24:E9:BD:82:C2:1D:A7:42:C0:BF:07:DB:A7:CD:D6:95:74:86
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0B72
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/VIwk6b2Cwh2nQsC_B9unzdaVdIY.roa
Signing time: Fri 07 Apr 2023 00:54:54 +0000
ROA not before: Fri 07 Apr 2023 00:54:54 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131602
IP address blocks: 211.78.8.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2930 (0xb72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Apr 7 00:54:54 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=548C24E9BD82C21DA742C0BF07DBA7CDD6957486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f2:d4:fa:8c:28:bf:61:ed:34:90:c8:3e:77:
9a:f4:ab:dd:d0:5e:e8:5d:a1:41:26:d9:b4:9e:c0:
4f:43:8a:a8:8c:78:65:0a:92:d1:2d:ff:1b:94:bd:
6c:96:f3:54:25:ce:c3:9d:33:72:4f:a5:0c:b9:fa:
5b:5c:48:65:88:07:e7:98:b1:bc:5f:9d:e0:61:6c:
17:89:5f:63:db:85:f9:ee:b8:c0:7d:d6:e1:e9:3d:
0b:83:3f:6c:d0:1a:ad:6b:a3:a0:e9:8a:be:ad:3e:
2a:4d:94:c0:ca:0d:fc:a2:9f:c4:2b:41:31:79:8e:
f8:82:db:16:89:95:56:67:8a:fd:40:0c:ac:52:96:
78:bc:04:33:cf:dd:c6:c6:25:50:c5:a4:3b:f3:2c:
0e:45:2c:56:29:7b:39:22:a7:e1:62:d8:2e:37:19:
9b:8d:c1:e4:0d:73:82:3d:44:38:eb:c1:82:6a:a3:
6a:46:75:57:b7:ec:89:71:28:92:bb:2c:5f:45:65:
5c:7f:36:a8:b9:5a:b0:4e:2f:9e:03:a7:d3:bb:46:
7a:13:d7:f2:8d:6a:d5:07:94:2d:e1:dc:5d:a5:c4:
f3:e7:44:85:12:41:4e:d5:75:9f:6d:dd:94:bf:d1:
c0:0b:2b:41:06:3f:8b:3a:de:56:bd:c7:6d:ec:20:
a5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:8C:24:E9:BD:82:C2:1D:A7:42:C0:BF:07:DB:A7:CD:D6:95:74:86
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/VIwk6b2Cwh2nQsC_B9unzdaVdIY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.8.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:97:c0:49:65:a1:83:78:0c:1a:eb:d5:1d:1d:3c:d7:31:5e:
6f:e9:13:e7:00:31:c6:0a:a0:4d:3f:6b:db:b2:94:d9:0e:d5:
97:09:45:e1:c9:d4:5f:13:6f:63:24:40:32:23:d6:53:70:10:
ae:65:96:22:03:ef:f5:25:ce:55:85:2a:e4:dc:5d:e2:68:7c:
5a:b4:5c:f8:54:cc:13:18:e0:b7:37:e0:b1:78:6b:61:12:65:
5b:c2:40:22:87:e7:eb:6d:e6:e6:d7:c2:27:53:5b:be:4c:04:
72:58:52:ad:18:1f:09:29:ec:79:d4:c7:da:10:e3:91:9b:7e:
45:03:8d:02:7e:11:5f:68:4e:09:4b:69:d3:a8:f1:35:28:c0:
e8:1b:b9:43:56:fd:eb:d1:ac:ff:a9:d3:93:b3:99:66:e5:80:
87:e2:10:17:85:01:af:cb:d7:cb:07:c1:37:27:36:11:f3:3e:
85:e1:2c:17:24:35:99:1a:af:e6:62:41:e8:0d:c3:7a:89:03:
28:9b:77:a9:df:5d:d8:8a:fe:4a:cc:98:05:52:3d:e7:ec:a8:
02:93:e9:33:e6:00:42:ab:23:7b:16:7b:7a:64:48:02:75:f9:
d7:a3:f2:d2:49:b2:f1:73:06:4e:fb:af:e7:36:e2:4c:1d:bd:
4a:01:ff:e0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC3IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMzA0MDcw
MDU0NTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDU0OEMyNEU5QkQ4MkMy
MURBNzQyQzBCRjA3REJBN0NERDY5NTc0ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG8tT6jCi/Ye00kMg+d5r0q93QXuhdoUEm2bSewE9DiqiMeGUK
ktEt/xuUvWyW81QlzsOdM3JPpQy5+ltcSGWIB+eYsbxfneBhbBeJX2PbhfnuuMB9
1uHpPQuDP2zQGq1ro6Dpir6tPipNlMDKDfyin8QrQTF5jviC2xaJlVZniv1ADKxS
lni8BDPP3cbGJVDFpDvzLA5FLFYpezkip+Fi2C43GZuNweQNc4I9RDjrwYJqo2pG
dVe37IlxKJK7LF9FZVx/Nqi5WrBOL54Dp9O7RnoT1/KNatUHlC3h3F2lxPPnRIUS
QU7VdZ9t3ZS/0cALK0EGP4s63la9x23sIKXrAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUVIwk6b2Cwh2nQsC/B9unzdaVdIYwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1ZJd2s2YjJDd2gyblFzQ19COXVuemRh
VmRJWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTggwDQYJ
KoZIhvcNAQELBQADggEBAKaXwElloYN4DBrr1R0dPNcxXm/pE+cAMcYKoE0/a9uy
lNkO1ZcJReHJ1F8Tb2MkQDIj1lNwEK5lliID7/UlzlWFKuTcXeJofFq0XPhUzBMY
4Lc34LF4a2ESZVvCQCKH5+tt5ubXwidTW75MBHJYUq0YHwkp7HnUx9oQ45GbfkUD
jQJ+EV9oTglLadOo8TUowOgbuUNW/evRrP+p05OzmWblgIfiEBeFAa/L18sHwTcn
NhHzPoXhLBckNZkar+ZiQegNw3qJAyibd6nfXdiK/krMmAVSPefsqAKT6TPmAEKr
I3sWe3pkSAJ1+dej8tJJsvFzBk77r+c24kwdvUoB/+A=
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:49 2023 by rpki-client on console-ams.rpki-client.org