Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/A4R39lrsVusZe0HDPxF11d5qXFI.roa
File: A4R39lrsVusZe0HDPxF11d5qXFI.roa (raw, json)
Hash identifier: 5h/mLWX2YuR15stfwnRjvPvq6Fm3B+Gc8ywnW7acfHA=
Subject key identifier: 03:84:77:F6:5A:EC:56:EB:19:7B:41:C3:3F:11:75:D5:DE:6A:5C:52
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10EA
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/A4R39lrsVusZe0HDPxF11d5qXFI.roa
Signing time: Wed 01 Feb 2023 10:29:12 +0000
ROA not before: Wed 01 Feb 2023 10:29:12 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131627
IP address blocks: 218.210.118.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4330 (0x10ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:12 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=038477F65AEC56EB197B41C33F1175D5DE6A5C52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:bf:b3:f9:63:c2:94:93:28:e4:7c:fb:75:01:
43:73:86:45:f4:47:4e:ec:37:89:86:0e:3d:07:36:
99:81:df:2f:21:75:f0:6d:ff:f7:54:a2:22:f7:ca:
57:d7:d3:49:f4:7d:22:9f:b5:3f:33:a1:ed:dd:72:
5e:8b:76:89:74:00:4b:6c:db:d3:c5:09:15:8e:27:
62:09:4b:6c:13:70:14:5c:ed:7b:78:1c:ab:a6:82:
d0:c9:75:fa:58:39:d8:71:0a:a0:29:8d:c6:54:6b:
77:be:26:ef:6e:77:94:ab:88:12:b7:66:89:f8:b4:
c3:68:83:3a:38:c4:87:d3:a5:bd:4f:94:e4:1e:ba:
63:f1:45:66:fd:3c:5f:be:f7:c7:4f:e3:fa:da:57:
87:d5:9d:62:8d:99:35:5d:00:c1:a0:98:ce:37:33:
d4:de:f0:42:78:f1:e5:1e:cd:7e:c2:a1:8d:32:84:
69:47:9b:a3:33:b9:f2:5c:10:2e:6b:68:fc:ad:86:
62:36:6a:a6:b8:cf:b8:d0:63:cb:6d:4a:c2:0e:20:
7f:a7:10:19:f4:7b:ed:2d:2d:57:78:c3:df:0b:b7:
d4:b7:d4:06:a0:ff:a1:ab:5c:d5:9c:e8:73:e4:b6:
7e:1e:7e:b0:36:58:26:5e:f5:89:91:e2:fa:aa:31:
b7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:84:77:F6:5A:EC:56:EB:19:7B:41:C3:3F:11:75:D5:DE:6A:5C:52
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/A4R39lrsVusZe0HDPxF11d5qXFI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.210.118.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:2c:55:cd:d4:da:3a:1e:6a:7f:56:48:a7:b9:08:1a:6c:b4:
fb:50:52:56:62:3b:ed:53:bd:da:72:c6:29:a9:f0:0b:7f:27:
a5:70:39:7e:92:e5:a9:cc:bc:4e:f7:72:c7:56:d9:28:b4:d8:
b4:6e:64:ca:0c:03:93:69:9f:53:d7:2f:4d:88:ee:1a:43:b1:
be:e6:9c:84:76:a9:fa:83:ab:cd:d2:a1:bf:c4:e8:d6:9c:d2:
bf:bf:ed:7f:77:8b:b0:a8:39:a7:c3:4a:ff:27:b3:8e:29:b9:
9d:3f:43:15:f5:40:cf:3d:a1:75:db:17:94:97:6d:07:68:d3:
8d:5f:4d:db:90:21:eb:56:fa:a3:91:b3:bd:eb:69:df:ab:25:
5c:c5:3b:a5:6e:6e:ec:a9:f0:40:b7:25:ac:14:96:ce:db:c3:
af:29:90:ed:7e:31:e5:2e:a0:19:b9:d9:5c:99:fc:a3:3a:5c:
de:b1:e0:89:05:79:a8:f6:5c:3b:bf:f4:dd:91:90:b2:3d:d3:
d6:f6:71:0f:f4:33:5c:6d:06:53:46:db:b7:c0:29:97:ca:e4:
6f:4a:75:db:a0:ee:1b:fc:d6:3a:43:e0:19:d1:8d:72:6c:b0:
dc:ce:39:61:a0:32:0c:9a:5c:64:e5:aa:2d:f5:f4:eb:6f:7d:
dd:19:34:0b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDAzODQ3N0Y2NUFFQzU2
RUIxOTdCNDFDMzNGMTE3NUQ1REU2QTVDNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEv7P5Y8KUkyjkfPt1AUNzhkX0R07sN4mGDj0HNpmB3y8hdfBt
//dUoiL3ylfX00n0fSKftT8zoe3dcl6Ldol0AEts29PFCRWOJ2IJS2wTcBRc7Xt4
HKumgtDJdfpYOdhxCqApjcZUa3e+Ju9ud5SriBK3Zon4tMNogzo4xIfTpb1PlOQe
umPxRWb9PF++98dP4/raV4fVnWKNmTVdAMGgmM43M9Te8EJ48eUezX7CoY0yhGlH
m6MzufJcEC5raPythmI2aqa4z7jQY8ttSsIOIH+nEBn0e+0tLVd4w98Lt9S31Aag
/6GrXNWc6HPktn4efrA2WCZe9YmR4vqqMbdjAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUA4R39lrsVusZe0HDPxF11d5qXFIwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQTRSMzlscnNWdXNaZTBIRFB4RjEx
ZDVxWEZJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdrSdjAN
BgkqhkiG9w0BAQsFAAOCAQEAXixVzdTaOh5qf1ZIp7kIGmy0+1BSVmI77VO92nLG
KanwC38npXA5fpLlqcy8Tvdyx1bZKLTYtG5kygwDk2mfU9cvTYjuGkOxvuachHap
+oOrzdKhv8To1pzSv7/tf3eLsKg5p8NK/yezjim5nT9DFfVAzz2hddsXlJdtB2jT
jV9N25Ah61b6o5Gzvetp36slXMU7pW5u7KnwQLclrBSWztvDrymQ7X4x5S6gGbnZ
XJn8ozpc3rHgiQV5qPZcO7/03ZGQsj3T1vZxD/QzXG0GU0bbt8Apl8rkb0p126Du
G/zWOkPgGdGNcmyw3M45YaAyDJpcZOWqLfX062993Rk0Cw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org