Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/MAtM28FZMchWWDW7MJkXLVraqDE.roa
File: MAtM28FZMchWWDW7MJkXLVraqDE.roa (raw, json)
Hash identifier: USD1a3Eiw7s8y2KN9Ogvi4lEYi1OqCWC5S1oRFqauGs=
Subject key identifier: 30:0B:4C:DB:C1:59:31:C8:56:58:35:BB:30:99:17:2D:5A:DA:A8:31
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1043
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/MAtM28FZMchWWDW7MJkXLVraqDE.roa
Signing time: Wed 01 Feb 2023 10:28:20 +0000
ROA not before: Wed 01 Feb 2023 10:28:20 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 122.146.64.0/18 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4163 (0x1043)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:20 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=300B4CDBC15931C8565835BB3099172D5ADAA831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7c:4b:89:51:a7:f9:c6:c7:2b:32:f9:76:f9:
73:4c:d4:e2:fe:68:b5:2b:1e:86:5f:bc:26:e7:5e:
47:44:d4:ec:61:6e:7a:67:f3:38:23:03:10:0c:1b:
c6:5b:96:59:f6:30:10:64:69:1d:85:80:ab:61:ee:
31:40:05:cc:27:fe:a5:2f:39:3b:0a:0c:eb:0a:ee:
a8:2f:78:ce:e6:94:da:13:78:00:f3:e3:fe:8c:3c:
06:45:fa:d1:88:9d:5b:c7:87:af:16:36:4b:56:f6:
da:e3:d2:71:ba:77:e5:59:a5:bf:6f:60:db:d3:a1:
76:1c:30:52:39:79:74:37:60:d7:bd:e6:31:c4:6e:
d8:8d:61:1e:36:2e:f5:5e:f5:c6:01:59:3a:ea:50:
89:bd:79:9f:5b:8f:bf:89:9e:54:52:24:53:07:1b:
60:9b:d1:2e:e7:18:98:16:03:01:92:f5:2b:d9:69:
87:59:db:38:89:b0:19:9c:52:a2:a4:05:8c:4c:05:
ef:69:59:46:c9:7b:1c:7c:f9:12:87:37:6e:cb:a9:
12:e6:ad:b8:15:ac:e0:e3:72:f2:da:59:11:9c:89:
6d:14:16:36:a7:85:8e:e1:41:2b:b0:a1:11:f0:7b:
31:63:61:a6:83:dd:d9:ad:94:ed:c6:46:56:ba:fd:
fc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0B:4C:DB:C1:59:31:C8:56:58:35:BB:30:99:17:2D:5A:DA:A8:31
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/MAtM28FZMchWWDW7MJkXLVraqDE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.146.64.0/18
Signature Algorithm: sha256WithRSAEncryption
93:f9:f6:5f:e6:63:e9:4e:68:30:73:c3:76:6c:33:1c:50:bf:
97:bb:a7:7d:7c:a8:57:8d:21:a9:2f:84:bf:c7:d8:25:0a:ce:
d1:db:e1:55:9b:96:dc:1e:4d:eb:8d:71:f6:48:c8:3f:29:22:
d4:14:da:5f:4c:fe:ff:3e:ae:3f:9a:6b:f6:b1:14:cd:14:af:
f3:7d:26:62:a3:b9:93:ce:b8:51:e7:38:18:93:a1:f2:0c:98:
cf:d9:7f:92:48:34:1e:c6:30:37:88:0e:0f:3e:c8:e6:f9:bf:
e2:f3:d7:74:96:3e:2b:32:d3:6e:e9:3b:5b:10:61:68:b7:61:
f3:49:cc:b6:07:48:65:51:03:e3:16:55:b2:aa:a0:48:12:ac:
6b:bd:ed:85:ee:e2:e5:2f:6b:2c:da:cb:70:3d:ea:a1:14:b9:
eb:f5:71:86:ec:6a:9b:c5:1e:74:5f:e8:af:dd:41:cf:3b:0d:
01:f3:15:5d:5d:00:dd:62:65:93:78:00:5f:b1:92:1f:03:03:
ef:ae:66:91:df:44:a5:ef:ac:23:5b:57:f0:3a:f8:d6:6f:66:
bc:eb:da:f8:d5:b5:7a:42:c9:fc:43:60:b7:a7:c5:06:2a:ec:
73:e6:5c:63:53:39:32:41:69:2d:a6:6b:93:82:15:5d:c9:8c:
4b:9c:0b:24
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEEMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4MjBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMwMEI0Q0RCQzE1OTMx
Qzg1NjU4MzVCQjMwOTkxNzJENUFEQUE4MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCafEuJUaf5xscrMvl2+XNM1OL+aLUrHoZfvCbnXkdE1Oxhbnpn
8zgjAxAMG8Zblln2MBBkaR2FgKth7jFABcwn/qUvOTsKDOsK7qgveM7mlNoTeADz
4/6MPAZF+tGInVvHh68WNktW9trj0nG6d+VZpb9vYNvToXYcMFI5eXQ3YNe95jHE
btiNYR42LvVe9cYBWTrqUIm9eZ9bj7+JnlRSJFMHG2Cb0S7nGJgWAwGS9SvZaYdZ
2ziJsBmcUqKkBYxMBe9pWUbJexx8+RKHN27LqRLmrbgVrODjcvLaWRGciW0UFjan
hY7hQSuwoRHwezFjYaaD3dmtlO3GRla6/fxpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUMAtM28FZMchWWDW7MJkXLVraqDEwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvTUF0TTI4RlpNY2hXV0RXN01Ka1hM
VnJhcURFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBnqSQDAN
BgkqhkiG9w0BAQsFAAOCAQEAk/n2X+Zj6U5oMHPDdmwzHFC/l7unfXyoV40hqS+E
v8fYJQrO0dvhVZuW3B5N641x9kjIPyki1BTaX0z+/z6uP5pr9rEUzRSv830mYqO5
k864Uec4GJOh8gyYz9l/kkg0HsYwN4gODz7I5vm/4vPXdJY+KzLTbuk7WxBhaLdh
80nMtgdIZVED4xZVsqqgSBKsa73the7i5S9rLNrLcD3qoRS56/Vxhuxqm8UedF/o
r91BzzsNAfMVXV0A3WJlk3gAX7GSHwMD765mkd9Epe+sI1tX8Dr41m9mvOva+NW1
ekLJ/ENgt6fFBirsc+ZcY1M5MkFpLaZrk4IVXcmMS5wLJA==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:50 2023 by rpki-client on console-ams.rpki-client.org