Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/rolYA1a8acIYZRZQI6SP3ep9RPs.roa
File: rolYA1a8acIYZRZQI6SP3ep9RPs.roa (raw, json)
Hash identifier: hVgtNzjqjRpnvSGWnTnqh0gRUhLfxpf5lm5zi+NOAhA=
Subject key identifier: AE:89:58:03:56:BC:69:C2:18:65:16:50:23:A4:8F:DD:EA:7D:44:FB
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0AE5
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/rolYA1a8acIYZRZQI6SP3ep9RPs.roa
Signing time: Thu 15 Sep 2022 02:49:52 +0000
ROA not before: Thu 15 Sep 2022 02:49:52 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131627
IP address blocks: 61.61.70.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2789 (0xae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 15 02:49:52 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=AE89580356BC69C21865165023A48FDDEA7D44FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:67:a7:64:f5:08:80:c2:6f:44:ab:8b:45:76:
67:e1:d1:b1:b6:d8:2e:c6:0c:d1:5b:8b:d6:82:f3:
f4:61:1e:c1:03:57:8b:a5:64:f6:a9:41:46:09:4c:
f5:47:96:6a:76:8b:d7:96:a2:8f:65:7d:5e:a3:36:
34:61:cb:36:f7:fa:21:6b:6c:2f:a5:c2:ce:bd:bc:
c5:30:f5:fb:c5:bf:a6:d5:6f:6a:8c:67:8b:b5:8b:
7c:87:19:1f:35:a0:6f:f0:db:c8:d8:ef:5d:60:cc:
ef:b0:39:3c:28:05:65:5e:89:40:50:e3:10:46:38:
c2:d9:63:97:77:08:68:36:5f:20:31:32:54:ea:73:
b9:47:8d:bc:90:33:17:74:fe:af:a3:25:b5:22:a2:
5c:aa:8d:f5:a5:c8:64:a9:5b:f5:98:40:da:1e:d0:
a9:0f:93:f6:9c:40:3b:93:a9:2d:2e:ec:f7:45:ff:
b9:16:b0:b9:e4:57:02:73:1f:f1:06:46:c2:51:40:
e2:52:a0:a8:93:97:7e:d7:a0:a5:20:61:6e:04:e7:
00:2b:40:32:3d:42:53:6d:78:1a:71:b0:3f:ad:49:
ec:04:70:f6:95:33:62:cd:90:3a:92:10:03:15:e5:
76:c6:6f:c8:9c:57:46:1a:bc:a9:43:02:0d:90:89:
d8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:89:58:03:56:BC:69:C2:18:65:16:50:23:A4:8F:DD:EA:7D:44:FB
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/rolYA1a8acIYZRZQI6SP3ep9RPs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.70.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:f8:ed:1c:55:78:d2:85:86:3f:ad:49:9b:3d:48:cb:c9:38:
bd:b0:25:97:bf:e1:10:1c:fe:b9:ab:bb:57:21:a0:91:66:40:
ec:45:b4:47:ef:4d:ac:c6:a6:8e:eb:46:77:d9:f9:98:b9:84:
97:cf:33:f1:a6:ab:5b:6c:39:52:82:c8:ca:96:83:24:66:d5:
a5:e7:01:f4:b5:29:79:a7:47:f9:a1:8e:10:e1:62:28:05:94:
1b:9d:ed:55:f0:a9:0c:a4:8f:8d:01:a7:34:d6:b5:81:1f:bb:
c8:3c:2d:be:0a:a7:ad:37:83:3c:f5:d0:34:1e:4e:b9:d8:d9:
7e:39:b4:af:54:45:99:ab:d9:bb:19:62:11:26:68:b2:c6:08:
88:9b:5f:cc:28:92:84:f1:e9:9e:8a:a9:6e:f3:19:5b:62:b9:
09:f6:1e:39:62:cc:00:6b:13:e2:0b:6e:24:71:a6:8e:a8:7b:
1e:f0:72:d7:97:3d:5d:43:66:57:74:14:cd:99:e3:fc:ca:ad:
5b:ce:70:ea:22:c0:8c:ad:11:3d:2c:90:bc:31:e2:77:e0:fd:
e1:71:4c:59:fb:49:32:db:6b:e6:cd:06:d7:a5:c6:d8:91:21:
d3:29:61:a1:af:3b:26:84:87:9a:61:45:35:f7:e6:f2:85:de:
77:ee:02:ca
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMjA5MTUw
MjQ5NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFFODk1ODAzNTZCQzY5
QzIxODY1MTY1MDIzQTQ4RkRERUE3RDQ0RkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjZ6dk9QiAwm9Eq4tFdmfh0bG22C7GDNFbi9aC8/RhHsEDV4ul
ZPapQUYJTPVHlmp2i9eWoo9lfV6jNjRhyzb3+iFrbC+lws69vMUw9fvFv6bVb2qM
Z4u1i3yHGR81oG/w28jY711gzO+wOTwoBWVeiUBQ4xBGOMLZY5d3CGg2XyAxMlTq
c7lHjbyQMxd0/q+jJbUiolyqjfWlyGSpW/WYQNoe0KkPk/acQDuTqS0u7PdF/7kW
sLnkVwJzH/EGRsJRQOJSoKiTl37XoKUgYW4E5wArQDI9QlNteBpxsD+tSewEcPaV
M2LNkDqSEAMV5XbGb8icV0YavKlDAg2QidiZAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUrolYA1a8acIYZRZQI6SP3ep9RPswHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL3JvbFlBMWE4YWNJWVpSWlFJNlNQM2Vw
OVJQcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAE9PUYwDQYJ
KoZIhvcNAQELBQADggEBAI/47RxVeNKFhj+tSZs9SMvJOL2wJZe/4RAc/rmru1ch
oJFmQOxFtEfvTazGpo7rRnfZ+Zi5hJfPM/Gmq1tsOVKCyMqWgyRm1aXnAfS1KXmn
R/mhjhDhYigFlBud7VXwqQykj40BpzTWtYEfu8g8Lb4Kp603gzz10DQeTrnY2X45
tK9URZmr2bsZYhEmaLLGCIibX8wokoTx6Z6KqW7zGVtiuQn2HjlizABrE+ILbiRx
po6oex7wcteXPV1DZld0FM2Z4/zKrVvOcOoiwIytET0skLwx4nfg/eFxTFn7STLb
a+bNBtelxtiRIdMpYaGvOyaEh5phRTX35vKF3nfuAso=
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:14 2023 by rpki-client on console-fra.rpki-client.org