Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/74wcNg-Vlu8EJAu0lrc3ecidpxk.roa
File: 74wcNg-Vlu8EJAu0lrc3ecidpxk.roa (raw, json)
Hash identifier: 7ufxHshzY70tZd5G+h7GvnOJlMhXxVpa54Snj7gmRoM=
Subject key identifier: EF:8C:1C:36:0F:95:96:EF:04:24:0B:B4:96:B7:37:79:C8:9D:A7:19
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10FD
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/74wcNg-Vlu8EJAu0lrc3ecidpxk.roa
Signing time: Wed 01 Feb 2023 10:29:19 +0000
ROA not before: Wed 01 Feb 2023 10:29:19 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131586
IP address blocks: 106.106.0.0/17 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4349 (0x10fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:19 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=EF8C1C360F9596EF04240BB496B73779C89DA719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:57:c3:65:1f:99:17:86:da:b9:01:91:68:7c:
d8:62:40:74:be:9f:73:e9:ac:17:93:75:68:36:31:
4d:d5:c3:e1:a1:fd:d2:da:5d:e9:54:f7:6e:23:20:
0f:7f:c8:9f:bd:c0:25:63:3e:9f:9e:68:56:0f:bd:
99:4d:3f:bb:87:79:ba:af:b9:63:b9:e3:0a:8f:a9:
cf:34:b1:c4:8a:0a:cf:5c:98:45:37:e5:9f:86:70:
3f:6c:39:91:2b:c5:1a:14:ea:ec:45:6e:82:6b:a2:
18:7c:d1:01:64:fe:13:0a:25:ea:c9:af:de:fd:c0:
77:c3:c2:8f:c4:4e:24:e2:8f:58:c7:31:81:bc:77:
b4:db:16:8d:ed:75:b4:cc:85:0e:27:4e:ac:ff:ba:
83:7d:17:a5:73:8e:c9:dc:32:b3:2a:ce:73:f4:d1:
c4:ae:88:76:01:d2:68:fc:15:3a:2d:20:17:a0:f0:
95:0e:67:13:e8:20:bc:96:6f:7e:56:8b:3e:c0:67:
5a:4d:ae:98:d2:bd:0e:6c:62:54:6f:5e:57:ad:04:
f9:2d:91:da:93:10:cb:d5:be:d6:3e:eb:a0:ef:b9:
7f:a0:b1:72:28:5d:f0:c6:d1:67:38:81:05:00:b3:
d0:55:a4:21:a3:fa:34:1f:55:29:e1:cc:9b:68:bb:
92:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:8C:1C:36:0F:95:96:EF:04:24:0B:B4:96:B7:37:79:C8:9D:A7:19
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/74wcNg-Vlu8EJAu0lrc3ecidpxk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.106.0.0/17
Signature Algorithm: sha256WithRSAEncryption
32:f5:5d:17:a8:cd:88:76:0a:a4:0a:bd:50:1d:67:b1:89:36:
d1:83:71:43:3c:00:13:59:9d:1a:35:d9:6c:f6:63:33:56:bc:
97:55:bd:f8:1a:91:d4:eb:53:a0:21:c6:97:d4:d3:47:64:85:
4f:2a:c1:3d:7d:ef:7b:2a:bd:cf:5c:ec:d1:a9:12:d9:58:21:
29:7e:c2:df:db:67:20:b0:9d:e4:d8:c5:33:0c:93:fd:d1:5e:
ba:93:29:52:73:55:96:c8:41:30:a2:35:1a:b2:a3:e3:20:62:
ec:e6:ba:e7:e9:b7:8c:60:a4:ee:12:78:21:79:bd:c5:04:60:
82:ce:e6:62:1a:f7:18:b0:1a:15:d6:35:c7:ef:a8:88:3a:8a:
4c:6e:8c:66:63:ed:e8:1e:63:5e:ee:aa:a1:c1:91:74:72:76:
c8:df:46:64:72:a1:85:69:d3:b8:a0:7d:a9:25:b4:41:cd:c8:
99:3e:e0:cb:f6:5d:e3:56:6f:db:47:55:61:b4:43:a5:08:47:
08:71:f1:b6:e8:d2:dd:f6:95:06:9d:7b:76:95:e5:21:42:46:
72:2c:20:19:47:a0:6b:af:21:da:54:62:a5:85:a6:9e:1e:c3:
e0:c5:7d:fe:39:94:97:d4:83:ef:d6:09:ea:ef:93:39:5d:bc:
6e:a4:66:6c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEVGOEMxQzM2MEY5NTk2
RUYwNDI0MEJCNDk2QjczNzc5Qzg5REE3MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEV8NlH5kXhtq5AZFofNhiQHS+n3PprBeTdWg2MU3Vw+Gh/dLa
XelU924jIA9/yJ+9wCVjPp+eaFYPvZlNP7uHebqvuWO54wqPqc80scSKCs9cmEU3
5Z+GcD9sOZErxRoU6uxFboJrohh80QFk/hMKJerJr979wHfDwo/ETiTij1jHMYG8
d7TbFo3tdbTMhQ4nTqz/uoN9F6VzjsncMrMqznP00cSuiHYB0mj8FTotIBeg8JUO
ZxPoILyWb35Wiz7AZ1pNrpjSvQ5sYlRvXletBPktkdqTEMvVvtY+66DvuX+gsXIo
XfDG0Wc4gQUAs9BVpCGj+jQfVSnhzJtou5L1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU74wcNg+Vlu8EJAu0lrc3ecidpxkwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvNzR3Y05nLVZsdThFSkF1MGxyYzNl
Y2lkcHhrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB2pqADAN
BgkqhkiG9w0BAQsFAAOCAQEAMvVdF6jNiHYKpAq9UB1nsYk20YNxQzwAE1mdGjXZ
bPZjM1a8l1W9+BqR1OtToCHGl9TTR2SFTyrBPX3veyq9z1zs0akS2VghKX7C39tn
ILCd5NjFMwyT/dFeupMpUnNVlshBMKI1GrKj4yBi7Oa65+m3jGCk7hJ4IXm9xQRg
gs7mYhr3GLAaFdY1x++oiDqKTG6MZmPt6B5jXu6qocGRdHJ2yN9GZHKhhWnTuKB9
qSW0Qc3ImT7gy/Zd41Zv20dVYbRDpQhHCHHxtujS3faVBp17dpXlIUJGciwgGUeg
a68h2lRipYWmnh7D4MV9/jmUl9SD79YJ6u+TOV28bqRmbA==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:50 2023 by rpki-client on console-ams.rpki-client.org