Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/NFA3uFAx96A95rjvJ98fMzqbBf4.roa
File: NFA3uFAx96A95rjvJ98fMzqbBf4.roa (raw, json)
Hash identifier: LdX/SIe2JOeoavAXgzHlxiW4kDdpNgnVHXsjXdN3zUE=
Subject key identifier: 34:50:37:B8:50:31:F7:A0:3D:E6:B8:EF:27:DF:1F:33:3A:9B:05:FE
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10F9
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/NFA3uFAx96A95rjvJ98fMzqbBf4.roa
Signing time: Wed 01 Feb 2023 10:29:18 +0000
ROA not before: Wed 01 Feb 2023 10:29:18 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 123.204.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4345 (0x10f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:18 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=345037B85031F7A03DE6B8EF27DF1F333A9B05FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8c:b8:1f:bf:53:a3:1e:1b:04:f3:35:c5:b2:
5f:dc:ed:7f:83:a3:95:3f:d1:1a:af:78:60:8f:49:
ab:e9:b4:8a:86:33:46:6e:b6:72:f7:1a:07:66:79:
a1:2c:ff:5a:44:9c:a6:07:96:0e:a0:09:e9:44:e3:
24:95:28:4e:8f:8c:c1:e9:83:9e:c1:6f:5b:77:7f:
c5:60:f8:06:10:48:75:4c:98:4d:3e:36:f5:d8:ad:
d4:24:2e:fa:51:24:12:7f:a6:d7:13:69:a1:88:2e:
d2:44:1c:21:fc:e7:49:90:17:18:a0:8f:98:a6:e3:
ce:f2:20:e0:4d:3e:5d:e9:cd:eb:71:ba:a9:91:a1:
bc:69:0f:16:67:1f:19:11:4f:e4:22:ac:2d:07:5e:
9e:96:60:db:9f:49:08:fd:e9:ca:31:33:c3:38:2e:
65:af:55:e8:ba:1e:1f:d3:fe:72:23:87:90:3c:31:
32:63:9e:45:78:f7:7e:c7:11:03:44:9a:0e:fb:fd:
30:80:be:d2:96:66:f4:7d:fa:e2:9f:78:91:b4:e1:
63:68:44:66:03:0a:ff:6b:0b:ab:9e:56:c3:94:75:
e0:84:eb:de:66:2c:f1:51:b6:52:a5:81:00:9b:58:
45:db:41:9a:b2:a6:8e:b7:ba:fd:8c:e5:08:a1:b0:
da:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:50:37:B8:50:31:F7:A0:3D:E6:B8:EF:27:DF:1F:33:3A:9B:05:FE
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/NFA3uFAx96A95rjvJ98fMzqbBf4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.204.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:15:bc:a6:e7:ee:ea:f2:c9:d3:87:47:29:57:c5:8d:9a:05:
4a:0b:16:26:7e:5c:4c:27:c4:8e:c2:7a:e4:3f:7d:21:30:51:
2c:38:3c:d4:2b:0e:66:43:d4:01:80:2f:d8:f4:29:b2:b2:50:
a6:a9:4e:3c:7b:31:c1:6a:29:81:32:d9:0c:ad:2d:9f:2c:89:
de:77:05:27:ed:99:12:cc:bc:f6:aa:2b:64:87:97:6c:fb:ae:
67:0f:84:ff:1e:8c:c3:45:12:69:ef:57:8f:90:9c:79:7c:39:
d4:9c:ff:d7:dd:67:5e:c0:9f:72:59:ae:4e:ce:46:b2:d2:52:
2b:30:88:99:30:a2:a1:00:c8:ce:86:a6:89:99:b2:2f:60:f7:
07:e8:97:de:b3:48:cc:76:5d:73:5a:e7:53:f1:fc:02:29:65:
70:6b:8b:7a:5f:23:c9:be:ff:78:53:39:ea:3b:64:36:39:b5:
2d:48:13:31:20:12:92:96:7c:99:1b:98:e0:ce:95:1d:68:eb:
cc:20:47:0b:e0:40:20:25:ea:41:fe:db:d1:56:ee:d1:9b:89:
51:98:23:96:38:26:d3:03:7d:8d:bf:31:5f:26:aa:23:40:7f:
1c:9f:00:73:4c:f7:e0:6e:66:7d:4a:01:11:ab:09:86:cc:f9:
17:c6:da:d0
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MThaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM0NTAzN0I4NTAzMUY3
QTAzREU2QjhFRjI3REYxRjMzM0E5QjA1RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqjLgfv1OjHhsE8zXFsl/c7X+Do5U/0RqveGCPSavptIqGM0Zu
tnL3GgdmeaEs/1pEnKYHlg6gCelE4ySVKE6PjMHpg57Bb1t3f8Vg+AYQSHVMmE0+
NvXYrdQkLvpRJBJ/ptcTaaGILtJEHCH850mQFxigj5im487yIOBNPl3pzetxuqmR
obxpDxZnHxkRT+QirC0HXp6WYNufSQj96coxM8M4LmWvVei6Hh/T/nIjh5A8MTJj
nkV4937HEQNEmg77/TCAvtKWZvR9+uKfeJG04WNoRGYDCv9rC6ueVsOUdeCE695m
LPFRtlKlgQCbWEXbQZqypo63uv2M5QihsNr5AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUNFA3uFAx96A95rjvJ98fMzqbBf4wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvTkZBM3VGQXg5NkE5NXJqdko5OGZN
enFiQmY0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAHvMMA0G
CSqGSIb3DQEBCwUAA4IBAQBpFbym5+7q8snTh0cpV8WNmgVKCxYmflxMJ8SOwnrk
P30hMFEsODzUKw5mQ9QBgC/Y9CmyslCmqU48ezHBaimBMtkMrS2fLInedwUn7ZkS
zLz2qitkh5ds+65nD4T/HozDRRJp71ePkJx5fDnUnP/X3WdewJ9yWa5Ozkay0lIr
MIiZMKKhAMjOhqaJmbIvYPcH6Jfes0jMdl1zWudT8fwCKWVwa4t6XyPJvv94Uznq
O2Q2ObUtSBMxIBKSlnyZG5jgzpUdaOvMIEcL4EAgJepB/tvRVu7Rm4lRmCOWOCbT
A32NvzFfJqojQH8cnwBzTPfgbmZ9SgERqwmGzPkXxtrQ
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org