Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCHC/4j9BNZf97gbdVlW2Oz4VkxB3SIs.roa
File: 4j9BNZf97gbdVlW2Oz4VkxB3SIs.roa (raw, json)
Hash identifier: biNhY6dgNciUhftYWfFEsx5bsVeZoDGRmRJCU+wIuWs=
Subject key identifier: E2:3F:41:35:97:FD:EE:06:DD:56:55:B6:3B:3E:15:93:10:77:48:8B
Certificate issuer: /CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891
Certificate serial: 0A48
Authority key identifier: ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/4j9BNZf97gbdVlW2Oz4VkxB3SIs.roa
Signing time: Thu 15 Sep 2022 02:38:19 +0000
ROA not before: Thu 15 Sep 2022 02:38:19 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 7539
IP address blocks: 211.73.64.0/19 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2632 (0xa48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891
Validity
Not Before: Sep 15 02:38:19 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E23F413597FDEE06DD5655B63B3E15931077488B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bb:ca:79:73:4b:5f:52:50:68:bd:ee:be:71:
c7:3c:db:e7:bd:58:cf:15:38:a8:d7:5f:4a:52:44:
48:92:d0:f5:82:88:cb:45:dc:b8:bf:ca:d8:36:e5:
8b:69:f5:d7:c0:17:a8:bf:86:03:57:7a:28:75:f5:
09:48:b1:02:d1:98:05:50:59:e7:a9:a6:24:34:7f:
be:13:0d:6f:9b:5f:7a:6e:2d:fe:e5:af:6a:07:74:
86:55:b7:86:b4:fc:38:af:23:5d:36:38:07:9f:67:
d6:7a:d9:fc:17:1f:62:d5:a8:d6:43:1d:f4:01:0d:
57:fa:31:33:57:d7:b9:31:43:3d:ac:7d:e8:f8:dc:
99:da:3b:0d:3a:57:0b:a7:cd:60:48:75:90:d8:24:
b5:59:db:38:75:97:08:d0:84:66:c2:68:a4:1d:43:
0d:b5:02:56:15:56:1b:e1:42:95:3e:41:ef:5a:ba:
ca:52:9a:d9:44:76:05:d5:99:14:7a:77:96:7f:82:
fa:67:66:18:9f:43:17:ce:ad:9b:3f:b5:1e:30:4f:
51:9f:da:45:ce:8d:62:f2:2e:39:90:45:89:90:79:
5c:1f:9c:d5:e9:ff:b2:54:50:56:bf:c8:06:98:18:
f4:1c:1b:c0:56:18:0c:61:40:ef:55:f9:1d:72:76:
93:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3F:41:35:97:FD:EE:06:DD:56:55:B6:3B:3E:15:93:10:77:48:8B
X509v3 Authority Key Identifier:
keyid:ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/4j9BNZf97gbdVlW2Oz4VkxB3SIs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.73.64.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:ee:ed:e0:1a:72:e5:cc:0e:1b:aa:41:09:7f:71:37:78:45:
d4:b8:2e:9e:10:a2:df:da:10:02:6e:f0:0c:f1:67:d9:62:13:
ce:2f:c8:e9:a3:b8:b8:c7:06:8e:62:fa:e2:89:fd:59:07:7f:
ea:4d:2c:d5:ec:d9:18:23:f2:bc:49:e6:65:f9:aa:51:75:6a:
f8:16:37:6e:e0:f1:e7:74:4a:5b:75:d4:70:d4:9b:03:d9:1d:
21:3a:16:35:c9:1a:7e:46:15:cc:1b:86:64:e4:6e:bd:ff:d2:
22:b5:3f:16:53:26:07:0f:d9:0e:f5:42:d1:5d:f2:c6:c1:a3:
af:a5:d0:45:d6:c1:94:fe:f9:12:94:73:1c:89:7e:70:02:62:
1c:d5:78:f6:3d:5b:04:0b:1f:ec:cb:37:22:a8:b9:ae:3d:4c:
cd:02:62:e8:56:54:2d:3a:af:ff:4b:d8:3c:23:a2:4e:30:84:
0a:b2:cb:17:bd:17:61:c0:b8:58:45:da:1e:fe:f6:44:6f:c1:
e7:0d:9e:75:8c:e7:f7:a4:48:9d:64:1f:b6:ee:69:82:3a:75:
3d:b8:3a:f1:e1:ce:61:0e:75:d7:9b:39:81:15:52:01:b4:da:
e7:da:69:dc:19:99:b4:0c:bf:93:06:54:59:10:fa:55:57:09:
ae:80:66:95
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCkgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUQz
ODY4NUZGM0VBMUY0NjY4NURFNUY1N0M2QTRCODEwNDQ4MTg5MTAeFw0yMjA5MTUw
MjM4MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEUyM0Y0MTM1OTdGREVF
MDZERDU2NTVCNjNCM0UxNTkzMTA3NzQ4OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbu8p5c0tfUlBove6+ccc82+e9WM8VOKjXX0pSREiS0PWCiMtF
3Li/ytg25Ytp9dfAF6i/hgNXeih19QlIsQLRmAVQWeeppiQ0f74TDW+bX3puLf7l
r2oHdIZVt4a0/DivI102OAefZ9Z62fwXH2LVqNZDHfQBDVf6MTNX17kxQz2sfej4
3JnaOw06VwunzWBIdZDYJLVZ2zh1lwjQhGbCaKQdQw21AlYVVhvhQpU+Qe9auspS
mtlEdgXVmRR6d5Z/gvpnZhifQxfOrZs/tR4wT1Gf2kXOjWLyLjmQRYmQeVwfnNXp
/7JUUFa/yAaYGPQcG8BWGAxhQO9V+R1ydpOJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU4j9BNZf97gbdVlW2Oz4VkxB3SIswHwYDVR0jBBgwFoAU7ThoX/PqH0ZoXeX1
fGpLgQRIGJEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNIQy83
VGhvWF9QcUgwWm9YZVgxZkdwTGdRUklHSkUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzdUaG9YX1BxSDBab1hlWDFmR3BMZ1FSSUdKRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSEMvNGo5Qk5aZjk3Z2JkVmxXMk96NFZr
eEIzU0lzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdNJQDAN
BgkqhkiG9w0BAQsFAAOCAQEAHe7t4Bpy5cwOG6pBCX9xN3hF1LgunhCi39oQAm7w
DPFn2WITzi/I6aO4uMcGjmL64on9WQd/6k0s1ezZGCPyvEnmZfmqUXVq+BY3buDx
53RKW3XUcNSbA9kdIToWNckafkYVzBuGZORuvf/SIrU/FlMmBw/ZDvVC0V3yxsGj
r6XQRdbBlP75EpRzHIl+cAJiHNV49j1bBAsf7Ms3Iqi5rj1MzQJi6FZULTqv/0vY
PCOiTjCECrLLF70XYcC4WEXaHv72RG/B5w2edYzn96RInWQftu5pgjp1Pbg68eHO
YQ5115s5gRVSAbTa59pp3BmZtAy/kwZUWRD6VVcJroBmlQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:49 2023 by rpki-client on console-ams.rpki-client.org