Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/HINM58NqUZIU4PqS7r2Z6fdGmF8.roa
File: HINM58NqUZIU4PqS7r2Z6fdGmF8.roa (raw, json)
Hash identifier: PFb9MBZ3JP4Kt/4FpKWaFIwsgT7vKVKFVe0b4oPiECw=
Subject key identifier: 1C:83:4C:E7:C3:6A:51:92:14:E0:FA:92:EE:BD:99:E9:F7:46:98:5F
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CD9
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HINM58NqUZIU4PqS7r2Z6fdGmF8.roa
Signing time: Wed 01 Feb 2023 10:28:48 +0000
ROA not before: Wed 01 Feb 2023 10:28:48 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 192.72.8.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3289 (0xcd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:28:48 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1C834CE7C36A519214E0FA92EEBD99E9F746985F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:bc:33:a8:5f:89:b0:2e:1d:8c:16:ad:c3:99:
84:ea:10:02:88:a5:aa:c9:b2:e5:de:1c:91:6a:2c:
9c:e0:7f:69:32:a8:a1:8d:e6:64:7a:de:33:47:6b:
54:b3:bb:81:d9:fd:96:67:f3:a8:b8:b7:f5:5e:1c:
81:d0:42:cc:9d:1d:66:30:72:cf:09:44:f0:ec:06:
9f:f0:c8:9f:9d:fd:81:c5:0e:bf:e4:33:27:62:98:
06:00:f6:d9:ad:39:25:52:85:75:e3:1a:56:c9:a4:
67:97:a8:09:33:36:a3:6a:29:d7:71:67:39:04:6d:
f9:ac:22:c4:4a:73:21:f3:31:14:f5:08:32:be:41:
03:10:2b:80:94:9b:15:f2:4a:d1:66:c7:39:77:f8:
78:a2:ef:fe:80:cf:e7:f4:9d:8f:c5:c8:11:8c:2b:
03:19:22:e2:66:03:01:7a:92:b8:d2:fe:db:d0:98:
d7:bc:58:fa:bf:5a:5e:e9:7a:83:dc:b3:3d:d1:69:
7a:2a:f9:c9:f2:21:ff:64:c5:21:fa:b9:72:36:d8:
cc:36:7f:52:d0:a3:2e:de:7e:93:ac:88:8a:a9:c6:
91:7b:6b:31:04:2e:46:7d:f5:d8:7b:4c:78:f9:1d:
6e:3c:5e:00:7e:b7:0d:f7:95:70:71:13:6d:5a:9a:
c1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:83:4C:E7:C3:6A:51:92:14:E0:FA:92:EE:BD:99:E9:F7:46:98:5F
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HINM58NqUZIU4PqS7r2Z6fdGmF8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.8.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:0b:c9:c9:50:35:4d:75:7e:24:69:d3:8a:f7:d9:d7:c9:6f:
fe:35:f0:e1:cd:c6:ad:52:7d:72:ad:3e:b6:a3:12:b5:c0:1d:
42:24:98:05:16:66:01:18:42:17:f0:01:21:12:09:56:ed:6b:
80:45:ea:be:db:08:10:2c:51:e9:6c:ef:b4:fc:f9:ca:68:73:
af:18:67:3f:7f:a5:63:7a:d5:7f:9f:65:6b:1c:cb:21:9b:2a:
0d:69:b6:33:b4:a4:04:f3:1b:d0:b3:0f:e5:0a:5e:c3:68:64:
0e:59:68:31:a6:5c:06:c8:78:82:73:f4:cd:9a:bc:97:54:c4:
26:c8:7b:e3:c8:1f:50:f4:52:d5:63:b9:af:48:d1:7e:10:83:
7f:24:81:4a:a5:03:fa:7d:02:0e:07:cf:1e:5a:99:e8:9a:88:
09:ed:d4:1c:d5:d8:96:ea:f5:c7:46:4e:40:3a:55:d6:fa:b7:
38:d0:fc:ac:c5:33:65:a4:13:67:e2:32:97:5f:b8:39:ae:44:
f1:cc:e8:eb:a5:9d:59:1f:1c:4f:48:c7:1e:f7:14:94:e3:16:
81:a6:6a:6c:db:ac:64:ee:2c:28:37:2a:a3:b0:db:5d:8a:e9:
f0:3e:d5:5e:18:d8:61:74:1e:bf:97:a6:f3:0a:f4:52:ed:32:
6e:c3:14:f6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI4NDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFDODM0Q0U3QzM2QTUx
OTIxNEUwRkE5MkVFQkQ5OUU5Rjc0Njk4NUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDivDOoX4mwLh2MFq3DmYTqEAKIparJsuXeHJFqLJzgf2kyqKGN
5mR63jNHa1Szu4HZ/ZZn86i4t/VeHIHQQsydHWYwcs8JRPDsBp/wyJ+d/YHFDr/k
MydimAYA9tmtOSVShXXjGlbJpGeXqAkzNqNqKddxZzkEbfmsIsRKcyHzMRT1CDK+
QQMQK4CUmxXyStFmxzl3+Hii7/6Az+f0nY/FyBGMKwMZIuJmAwF6krjS/tvQmNe8
WPq/Wl7peoPcsz3RaXoq+cnyIf9kxSH6uXI22Mw2f1LQoy7efpOsiIqpxpF7azEE
LkZ99dh7THj5HW48XgB+tw33lXBxE21amsFlAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHINM58NqUZIU4PqS7r2Z6fdGmF8wHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSElOTTU4TnFVWklVNFBxUzdyMlo2
ZmRHbUY4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8BICDAN
BgkqhkiG9w0BAQsFAAOCAQEAowvJyVA1TXV+JGnTivfZ18lv/jXw4c3GrVJ9cq0+
tqMStcAdQiSYBRZmARhCF/ABIRIJVu1rgEXqvtsIECxR6WzvtPz5ymhzrxhnP3+l
Y3rVf59laxzLIZsqDWm2M7SkBPMb0LMP5Qpew2hkDlloMaZcBsh4gnP0zZq8l1TE
Jsh748gfUPRS1WO5r0jRfhCDfySBSqUD+n0CDgfPHlqZ6JqICe3UHNXYlur1x0ZO
QDpV1vq3OND8rMUzZaQTZ+Iyl1+4Oa5E8czo66WdWR8cT0jHHvcUlOMWgaZqbNus
ZO4sKDcqo7DbXYrp8D7VXhjYYXQev5em8wr0Uu0ybsMU9g==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org