Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/1wcH6JNlBhxvC7YqMbmjTRTUNu0.roa
File: 1wcH6JNlBhxvC7YqMbmjTRTUNu0.roa (raw, json)
Hash identifier: xHGOmfhkEqI8hURKcc9gR56apEEjFJ14TJNNy8eH9hE=
Subject key identifier: D7:07:07:E8:93:65:06:1C:6F:0B:B6:2A:31:B9:A3:4D:14:D4:36:ED
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CD2
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/1wcH6JNlBhxvC7YqMbmjTRTUNu0.roa
Signing time: Wed 01 Feb 2023 10:28:22 +0000
ROA not before: Wed 01 Feb 2023 10:28:22 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 192.72.192.0/19 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3282 (0xcd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:28:22 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D70707E89365061C6F0BB62A31B9A34D14D436ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f7:fe:5f:5d:94:76:bc:4c:45:0c:ae:2c:5c:
36:79:24:b0:26:5f:c4:14:50:52:2b:d0:ec:b3:2f:
fa:be:d5:f4:76:51:88:c4:d0:2d:1f:1c:e3:d8:fb:
c2:8e:00:e7:db:68:b7:fa:8f:76:6b:aa:59:63:6e:
53:56:15:2b:2e:38:87:2b:77:2f:e3:ab:3c:55:44:
9c:82:e1:fc:93:3f:27:ca:67:aa:4f:93:14:eb:a8:
dd:87:f2:b8:33:2c:ba:57:c4:1c:e5:a4:2c:2c:3d:
78:86:2c:dc:18:67:89:7b:35:1e:1f:1a:a3:f4:96:
45:0f:d7:48:2a:fa:dd:42:b8:f8:de:52:a2:1e:fe:
ff:84:b8:e8:cc:09:e9:87:c0:35:d3:4a:a2:d8:80:
b3:d3:aa:fd:6e:6b:6b:ef:f1:8e:40:0f:85:f0:5e:
8f:3a:ce:4a:8c:52:fb:04:f5:9d:a7:e3:57:3b:2b:
61:ee:96:03:96:ce:6a:fb:fb:e9:17:3b:80:65:2b:
2f:34:62:30:73:ff:c8:14:66:68:5d:5a:70:b3:bf:
bf:80:2d:bb:fa:8e:bc:eb:34:88:cf:06:23:7d:5a:
7d:91:50:c0:aa:f7:f9:f2:5d:c5:87:76:36:03:5f:
8c:f4:5d:33:d6:e1:53:20:a2:d1:51:dd:38:93:c3:
86:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:07:07:E8:93:65:06:1C:6F:0B:B6:2A:31:B9:A3:4D:14:D4:36:ED
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/1wcH6JNlBhxvC7YqMbmjTRTUNu0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.192.0/19
Signature Algorithm: sha256WithRSAEncryption
06:0d:9a:a4:29:e8:41:94:2d:e5:6a:19:8d:81:43:68:87:48:
f0:bd:e5:81:e0:f6:37:bf:c7:d8:20:e9:55:58:7a:26:6f:ae:
7f:25:d7:6b:84:76:f2:8d:39:2c:c1:65:8e:af:da:0e:4f:f5:
4b:11:af:3e:40:34:ac:71:00:89:1c:8b:80:8e:44:d0:f3:83:
7c:e0:8d:7d:7d:37:8c:95:e7:42:fc:68:09:22:6f:40:9f:62:
5b:f9:67:10:33:5f:89:a7:02:ef:98:63:13:26:33:87:b5:df:
68:4c:9e:7c:ef:75:83:c8:58:d6:d7:32:9d:9b:53:54:77:9d:
13:86:c7:61:4f:8d:42:23:b1:8b:c0:3f:ed:3f:e0:f4:05:81:
09:a9:fb:4b:54:ee:f8:b7:f8:08:f5:ec:23:39:6b:96:e8:02:
cf:2b:a1:1b:b9:7a:64:c6:ca:87:cb:23:39:2a:bc:38:0a:76:
51:47:fc:eb:d1:24:e5:70:bd:21:db:d2:20:0c:45:0c:24:75:
4e:43:2c:49:8c:f9:33:d2:8e:fa:04:4f:ce:6c:b8:4f:97:d4:
ca:f7:28:c4:96:da:be:51:c8:e8:de:69:82:cc:d4:be:37:34:
5b:51:f7:de:cf:ab:d8:e0:d0:24:f0:09:6a:66:5f:4b:ee:16:
31:a2:8f:21
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI4MjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ3MDcwN0U4OTM2NTA2
MUM2RjBCQjYyQTMxQjlBMzREMTRENDM2RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCc9/5fXZR2vExFDK4sXDZ5JLAmX8QUUFIr0OyzL/q+1fR2UYjE
0C0fHOPY+8KOAOfbaLf6j3ZrqlljblNWFSsuOIcrdy/jqzxVRJyC4fyTPyfKZ6pP
kxTrqN2H8rgzLLpXxBzlpCwsPXiGLNwYZ4l7NR4fGqP0lkUP10gq+t1CuPjeUqIe
/v+EuOjMCemHwDXTSqLYgLPTqv1ua2vv8Y5AD4XwXo86zkqMUvsE9Z2n41c7K2Hu
lgOWzmr7++kXO4BlKy80YjBz/8gUZmhdWnCzv7+ALbv6jrzrNIjPBiN9Wn2RUMCq
9/nyXcWHdjYDX4z0XTPW4VMgotFR3TiTw4a5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU1wcH6JNlBhxvC7YqMbmjTRTUNu0wHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMXdjSDZKTmxCaHh2QzdZcU1ibWpU
UlRVTnUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcBIwDAN
BgkqhkiG9w0BAQsFAAOCAQEABg2apCnoQZQt5WoZjYFDaIdI8L3lgeD2N7/H2CDp
VVh6Jm+ufyXXa4R28o05LMFljq/aDk/1SxGvPkA0rHEAiRyLgI5E0PODfOCNfX03
jJXnQvxoCSJvQJ9iW/lnEDNfiacC75hjEyYzh7XfaEyefO91g8hY1tcynZtTVHed
E4bHYU+NQiOxi8A/7T/g9AWBCan7S1Tu+Lf4CPXsIzlrlugCzyuhG7l6ZMbKh8sj
OSq8OAp2UUf869Ek5XC9IdvSIAxFDCR1TkMsSYz5M9KO+gRPzmy4T5fUyvcoxJba
vlHI6N5pgszUvjc0W1H33s+r2ODQJPAJamZfS+4WMaKPIQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:14 2023 by rpki-client on console-fra.rpki-client.org