Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/KtubRd0s7MDdjEL3g5gRJzChJus.roa
File: KtubRd0s7MDdjEL3g5gRJzChJus.roa (raw, json)
Hash identifier: FBfIfqpcQVGWfDNNiPswZaBTvpE5nmJCgenxCnecI24=
Subject key identifier: 2A:DB:9B:45:DD:2C:EC:C0:DD:8C:42:F7:83:98:11:27:30:A1:26:EB
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1072
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/KtubRd0s7MDdjEL3g5gRJzChJus.roa
Signing time: Wed 01 Feb 2023 10:28:34 +0000
ROA not before: Wed 01 Feb 2023 10:28:34 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 203.70.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4210 (0x1072)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:34 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2ADB9B45DD2CECC0DD8C42F78398112730A126EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6b:80:b4:c3:a5:ea:96:54:0c:99:d9:a2:ff:
05:9d:57:54:80:92:7f:f3:e1:35:5b:53:50:a5:d6:
5e:7f:99:77:c0:39:0f:d4:44:27:6a:ba:e4:e5:b0:
8f:91:90:a2:ca:f7:78:97:a2:96:34:74:0e:e3:c0:
a7:e1:57:ae:00:07:3e:86:b5:a2:be:20:9e:5d:8e:
6b:ca:5b:0f:b0:6d:ae:d0:e7:c9:15:55:fa:67:25:
30:93:25:d7:5c:b4:32:25:9f:a8:da:94:8a:f5:74:
4a:2c:97:fd:94:36:c3:fa:d0:66:3a:e7:5a:14:62:
f6:11:2e:f4:b9:50:a7:ea:0f:e6:16:44:03:1b:49:
15:da:d6:92:54:b0:8e:0c:ac:ac:3a:99:3c:ed:c3:
b7:6a:37:1b:9c:e3:f8:59:94:27:5d:d1:3a:d1:bc:
b7:46:87:86:6f:87:74:df:19:1b:32:98:18:21:b3:
df:ca:b2:cc:f8:91:1b:5d:81:66:c3:80:15:45:55:
ea:9e:ed:d1:f2:35:68:9f:a6:22:fe:47:12:f4:ab:
2b:50:c4:e6:98:4f:a3:73:be:78:8c:6a:d0:b8:68:
71:e8:23:be:e5:44:4a:47:dd:e0:84:13:c8:c9:6b:
fe:e4:2d:cf:d0:11:26:23:65:14:d8:cd:98:31:25:
7f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DB:9B:45:DD:2C:EC:C0:DD:8C:42:F7:83:98:11:27:30:A1:26:EB
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/KtubRd0s7MDdjEL3g5gRJzChJus.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:f6:cb:d7:f0:6c:1f:2f:bf:f9:fd:2f:33:f2:83:61:dd:40:
88:d5:03:60:01:26:b1:6a:fe:80:c8:80:2a:9a:97:89:d5:70:
a2:b6:28:9b:65:53:e2:5d:9c:49:c3:07:5b:99:36:0a:f1:2c:
19:f4:d7:05:0d:79:55:8d:5b:15:3f:0c:1d:1f:21:e4:24:0e:
eb:86:49:1e:ff:5c:1c:52:aa:b1:d7:5e:d7:e5:ad:43:27:9e:
d2:a5:df:14:9f:40:06:d5:aa:46:f4:48:22:b3:6b:21:18:24:
ba:93:a5:5f:03:71:81:13:52:38:6b:91:3b:95:9d:53:7f:14:
14:fa:a6:0a:57:3d:06:86:0a:a0:8d:31:6b:85:d2:20:10:1b:
13:65:66:0a:5f:f2:b9:4d:93:6f:63:aa:80:bf:05:8a:93:c9:
f7:35:3f:2a:e0:48:5a:d4:74:6d:e1:b0:65:7e:b3:18:76:92:
6d:d1:7e:a3:b3:6a:38:2d:71:bb:4d:39:18:c5:d6:53:16:18:
c3:c6:e5:2a:bc:aa:a9:61:ea:8b:15:09:14:1a:96:5d:3f:f5:
f2:58:9f:11:a9:0e:b4:b1:24:1f:0c:df:39:07:80:c3:e1:2c:
16:7b:f2:65:e0:73:3c:f5:b1:27:2f:e7:c0:ec:e2:ba:9b:b4:
79:d3:e9:a3
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4MzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJBREI5QjQ1REQyQ0VD
QzBERDhDNDJGNzgzOTgxMTI3MzBBMTI2RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqa4C0w6XqllQMmdmi/wWdV1SAkn/z4TVbU1Cl1l5/mXfAOQ/U
RCdquuTlsI+RkKLK93iXopY0dA7jwKfhV64ABz6GtaK+IJ5djmvKWw+wba7Q58kV
VfpnJTCTJddctDIln6jalIr1dEosl/2UNsP60GY651oUYvYRLvS5UKfqD+YWRAMb
SRXa1pJUsI4MrKw6mTztw7dqNxuc4/hZlCdd0TrRvLdGh4Zvh3TfGRsymBghs9/K
ssz4kRtdgWbDgBVFVeqe7dHyNWifpiL+RxL0qytQxOaYT6NzvniMatC4aHHoI77l
REpH3eCEE8jJa/7kLc/QESYjZRTYzZgxJX/vAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUKtubRd0s7MDdjEL3g5gRJzChJuswHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvS3R1YlJkMHM3TURkakVMM2c1Z1JK
ekNoSnVzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMtGMA0G
CSqGSIb3DQEBCwUAA4IBAQBa9svX8GwfL7/5/S8z8oNh3UCI1QNgASaxav6AyIAq
mpeJ1XCitiibZVPiXZxJwwdbmTYK8SwZ9NcFDXlVjVsVPwwdHyHkJA7rhkke/1wc
Uqqx117X5a1DJ57Spd8Un0AG1apG9Egis2shGCS6k6VfA3GBE1I4a5E7lZ1TfxQU
+qYKVz0GhgqgjTFrhdIgEBsTZWYKX/K5TZNvY6qAvwWKk8n3NT8q4Eha1HRt4bBl
frMYdpJt0X6js2o4LXG7TTkYxdZTFhjDxuUqvKqpYeqLFQkUGpZdP/XyWJ8RqQ60
sSQfDN85B4DD4SwWe/Jl4HM89bEnL+fA7OK6m7R50+mj
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org