Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/3TUvMkB_oe9hDizRTVrqnQO8fgo.roa
File: 3TUvMkB_oe9hDizRTVrqnQO8fgo.roa (raw, json)
Hash identifier: znx7gVfg8aVWkb6HW3EcYNNzThAvU4siw/fYc6jDsSM=
Subject key identifier: DD:35:2F:32:40:7F:A1:EF:61:0E:2C:D1:4D:5A:EA:9D:03:BC:7E:0A
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1065
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/3TUvMkB_oe9hDizRTVrqnQO8fgo.roa
Signing time: Wed 01 Feb 2023 10:28:31 +0000
ROA not before: Wed 01 Feb 2023 10:28:31 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38851
IP address blocks: 113.196.144.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4197 (0x1065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:31 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DD352F32407FA1EF610E2CD14D5AEA9D03BC7E0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ce:76:b9:27:89:a6:ca:f7:ac:06:70:59:85:
4e:8f:da:54:b2:a4:08:32:f3:bb:0d:15:c0:41:0d:
f7:91:4f:5b:8c:56:cd:e0:a7:66:bf:28:d0:bd:a1:
a8:d6:31:a7:73:c2:a4:62:0c:5a:4f:29:fb:bb:37:
1c:f8:37:0d:f9:e5:c3:cf:7f:e2:43:85:7d:45:af:
ce:db:75:9d:13:cf:a6:bb:11:f0:69:b0:5f:eb:2a:
ab:b9:49:31:88:f7:a0:18:6b:64:da:6f:c5:e4:72:
46:06:02:37:be:1c:ac:54:bf:f6:f6:42:b2:7b:0d:
58:21:c6:f6:c6:78:d2:e6:0f:b8:48:d5:38:ba:47:
63:b5:ad:59:ec:ed:ab:51:68:57:b1:6f:45:d9:ca:
de:12:67:e8:1f:f8:5c:5d:8b:4a:12:26:05:38:db:
01:c2:6d:21:ba:b5:46:61:67:88:eb:c9:66:bc:c0:
83:53:b5:39:70:d4:e3:09:f6:f7:36:3f:5d:5b:e6:
8a:70:ff:54:55:2a:5d:3d:49:0e:a0:07:ea:02:45:
35:f0:59:07:5c:32:fa:13:ad:41:c7:c0:fd:39:3d:
07:de:b7:9c:54:d4:49:06:53:5d:1c:e5:56:ac:a4:
ba:10:c5:15:54:ef:42:af:e6:41:ba:68:2b:9b:a6:
ff:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:35:2F:32:40:7F:A1:EF:61:0E:2C:D1:4D:5A:EA:9D:03:BC:7E:0A
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/3TUvMkB_oe9hDizRTVrqnQO8fgo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.196.144.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:09:97:73:8b:b2:34:60:22:70:e3:1f:c8:03:b1:6a:c5:ad:
f0:48:68:1a:0e:26:be:f9:73:56:d7:42:50:3c:04:2c:31:3f:
8f:c5:cc:89:1c:2a:6c:9f:56:43:7c:91:01:bb:ef:a0:bc:0e:
0c:bc:31:12:d5:2a:97:f7:7b:57:bc:d5:ad:0f:c8:cd:32:d8:
9a:01:ac:75:87:ce:c2:1c:d7:11:3e:0b:6f:3d:f0:17:28:5f:
0c:7a:28:72:66:24:c1:2a:57:a8:f9:48:08:2e:bb:00:95:56:
ad:1a:1e:87:34:46:a2:6b:bf:20:d1:d2:02:89:07:79:c4:90:
64:25:58:35:57:74:6d:31:6d:07:fb:0c:57:2e:af:07:8f:27:
94:9e:51:16:b8:80:d6:a7:38:91:32:d8:78:0e:72:cc:03:c6:
50:61:77:65:17:f4:ad:34:e7:fe:40:6d:6c:45:1f:d3:a9:f0:
0d:32:d5:5e:ae:25:d3:e4:0f:27:ab:01:e1:01:b7:1e:1f:41:
0a:25:93:df:05:96:ca:1b:d3:47:59:7e:4b:e0:31:ef:7d:c2:
5a:42:b9:16:d4:14:6a:12:dd:16:49:0e:c3:d6:15:7a:80:5c:
94:10:d4:13:bf:81:d8:c2:0b:23:1d:9a:68:bb:4c:f0:a5:6d:
b9:49:7c:b3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEGUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4MzFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEREMzUyRjMyNDA3RkEx
RUY2MTBFMkNEMTRENUFFQTlEMDNCQzdFMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAzna5J4mmyvesBnBZhU6P2lSypAgy87sNFcBBDfeRT1uMVs3g
p2a/KNC9oajWMadzwqRiDFpPKfu7Nxz4Nw355cPPf+JDhX1Fr87bdZ0Tz6a7EfBp
sF/rKqu5STGI96AYa2Tab8XkckYGAje+HKxUv/b2QrJ7DVghxvbGeNLmD7hI1Ti6
R2O1rVns7atRaFexb0XZyt4SZ+gf+Fxdi0oSJgU42wHCbSG6tUZhZ4jryWa8wINT
tTlw1OMJ9vc2P11b5opw/1RVKl09SQ6gB+oCRTXwWQdcMvoTrUHHwP05PQfet5xU
1EkGU10c5VaspLoQxRVU70Kv5kG6aCubpv9DAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3TUvMkB/oe9hDizRTVrqnQO8fgowHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvM1RVdk1rQl9vZTloRGl6UlRWcnFu
UU84ZmdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3HEkDAN
BgkqhkiG9w0BAQsFAAOCAQEAsQmXc4uyNGAicOMfyAOxasWt8EhoGg4mvvlzVtdC
UDwELDE/j8XMiRwqbJ9WQ3yRAbvvoLwODLwxEtUql/d7V7zVrQ/IzTLYmgGsdYfO
whzXET4Lbz3wFyhfDHoocmYkwSpXqPlICC67AJVWrRoehzRGomu/INHSAokHecSQ
ZCVYNVd0bTFtB/sMVy6vB48nlJ5RFriA1qc4kTLYeA5yzAPGUGF3ZRf0rTTn/kBt
bEUf06nwDTLVXq4l0+QPJ6sB4QG3Hh9BCiWT3wWWyhvTR1l+S+Ax733CWkK5FtQU
ahLdFkkOw9YVeoBclBDUE7+B2MILIx2aaLtM8KVtuUl8sw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:50 2023 by rpki-client on console-ams.rpki-client.org