Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/HM9tf6ayTKQudW04s1XcNfVVixc.roa
File: HM9tf6ayTKQudW04s1XcNfVVixc.roa (raw, json)
Hash identifier: ttcq5zzBOWTbjqRH2EjeHKpPHBvA7I9mUj9unCC3as4=
Subject key identifier: 1C:CF:6D:7F:A6:B2:4C:A4:2E:75:6D:38:B3:55:DC:35:F5:55:8B:17
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CD1
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HM9tf6ayTKQudW04s1XcNfVVixc.roa
Signing time: Wed 01 Feb 2023 10:28:21 +0000
ROA not before: Wed 01 Feb 2023 10:28:21 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 192.72.16.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3281 (0xcd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:28:21 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1CCF6D7FA6B24CA42E756D38B355DC35F5558B17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:fc:52:c2:02:ef:96:ce:6c:8b:c5:21:3e:85:
54:10:f6:45:bb:ec:c0:73:3d:ae:8b:c3:40:08:5e:
bb:23:b7:de:9d:32:50:42:44:bb:73:46:49:9b:87:
f9:a9:d9:9a:66:f0:b2:7f:fd:7e:46:a0:0a:c8:31:
93:30:45:c3:31:9f:34:b3:68:9c:c5:86:94:2d:d0:
72:df:11:12:d4:10:53:d9:0f:e8:4e:4b:8f:c7:b1:
4d:19:ea:74:eb:c5:32:73:80:d9:de:98:af:ae:89:
0d:23:60:81:b1:39:50:60:0d:3d:c4:da:ed:9a:a0:
39:77:78:72:49:f6:9f:73:75:3c:fa:30:9c:8c:16:
e4:b6:1b:90:be:6d:b3:81:da:d3:61:15:9d:43:8b:
75:02:9f:8d:77:05:eb:b8:f6:ba:85:b3:fe:04:e6:
fc:28:70:77:7a:d9:d0:10:6d:84:a6:36:70:5d:aa:
5c:a7:90:33:23:79:6d:79:19:a7:62:a5:e1:1d:aa:
c2:f0:dd:65:bc:77:d7:1c:40:6e:71:44:f4:b1:18:
e4:52:55:d9:fc:d6:2b:46:ff:8a:e2:4c:f0:f7:9c:
1d:28:6e:1c:0d:aa:f0:88:50:75:ce:9f:bb:20:7e:
2e:88:92:e5:84:a1:f4:4d:2b:17:af:0b:c4:75:61:
89:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CF:6D:7F:A6:B2:4C:A4:2E:75:6D:38:B3:55:DC:35:F5:55:8B:17
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HM9tf6ayTKQudW04s1XcNfVVixc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.16.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:be:98:f0:25:43:2d:54:2c:ff:e8:0f:09:9d:1f:d2:88:9c:
c1:a2:fb:7e:b6:a9:10:00:68:6b:1d:34:8e:7f:77:e0:16:76:
e5:aa:b9:39:4b:1d:61:f7:0b:ed:5d:75:ce:3c:fe:43:0f:99:
b7:94:46:14:91:27:71:85:66:69:2b:b6:21:38:cc:ae:30:27:
c7:bb:f0:61:f0:a3:67:e1:3b:26:ef:99:ec:8a:c2:91:ab:c9:
9d:6a:ed:c1:ec:56:3e:5c:0e:d5:f7:a2:34:48:08:c0:a1:64:
bf:ae:cb:34:83:94:2c:95:ca:ae:79:46:86:82:1f:cf:d7:a8:
b5:c2:b8:73:ad:0d:8d:dc:39:2f:32:35:07:28:e3:aa:41:39:
e7:b3:db:e1:ac:69:4e:59:c3:60:c2:d9:d2:c7:06:ce:1a:0e:
52:25:63:bf:42:72:ae:ef:66:9f:d6:64:ea:c0:8a:16:95:ae:
f2:5d:1d:33:e4:cc:31:39:80:16:65:ae:a8:74:9c:de:5a:85:
19:f7:85:da:b0:b2:c4:d0:eb:7f:b1:41:9f:19:d0:cd:2e:f1:
d7:97:a0:37:01:0e:1e:66:bb:18:c8:e3:21:07:76:45:86:79:
fd:be:de:cb:46:47:74:f9:dd:9d:5c:3c:ed:95:f0:93:1f:b2:
db:b6:a9:16
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI4MjFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFDQ0Y2RDdGQTZCMjRD
QTQyRTc1NkQzOEIzNTVEQzM1RjU1NThCMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDt/FLCAu+WzmyLxSE+hVQQ9kW77MBzPa6Lw0AIXrsjt96dMlBC
RLtzRkmbh/mp2Zpm8LJ//X5GoArIMZMwRcMxnzSzaJzFhpQt0HLfERLUEFPZD+hO
S4/HsU0Z6nTrxTJzgNnemK+uiQ0jYIGxOVBgDT3E2u2aoDl3eHJJ9p9zdTz6MJyM
FuS2G5C+bbOB2tNhFZ1Di3UCn413Beu49rqFs/4E5vwocHd62dAQbYSmNnBdqlyn
kDMjeW15GadipeEdqsLw3WW8d9ccQG5xRPSxGORSVdn81itG/4riTPD3nB0obhwN
qvCIUHXOn7sgfi6IkuWEofRNKxevC8R1YYmvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHM9tf6ayTKQudW04s1XcNfVVixcwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSE05dGY2YXlUS1F1ZFcwNHMxWGNO
ZlZWaXhjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMBIEDAN
BgkqhkiG9w0BAQsFAAOCAQEArb6Y8CVDLVQs/+gPCZ0f0oicwaL7frapEABoax00
jn934BZ25aq5OUsdYfcL7V11zjz+Qw+Zt5RGFJEncYVmaSu2ITjMrjAnx7vwYfCj
Z+E7Ju+Z7IrCkavJnWrtwexWPlwO1feiNEgIwKFkv67LNIOULJXKrnlGhoIfz9eo
tcK4c60Njdw5LzI1ByjjqkE557Pb4axpTlnDYMLZ0scGzhoOUiVjv0Jyru9mn9Zk
6sCKFpWu8l0dM+TMMTmAFmWuqHSc3lqFGfeF2rCyxNDrf7FBnxnQzS7x15egNwEO
Hma7GMjjIQd2RYZ5/b7ey0ZHdPndnVw87ZXwkx+y27apFg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:50 2023 by rpki-client on console-ams.rpki-client.org