Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/OFm1XLqDYkZHklSq2BViqWfaE_g.roa
File: OFm1XLqDYkZHklSq2BViqWfaE_g.roa (raw, json)
Hash identifier: EEJC+bBVhomHRUz57svM6/9TlF67JvbbHZpxZlHn8Xk=
Subject key identifier: 38:59:B5:5C:BA:83:62:46:47:92:54:AA:D8:15:62:A9:67:DA:13:F8
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1091
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/OFm1XLqDYkZHklSq2BViqWfaE_g.roa
Signing time: Wed 01 Feb 2023 10:28:43 +0000
ROA not before: Wed 01 Feb 2023 10:28:43 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 122.146.96.0/19 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4241 (0x1091)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:43 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3859B55CBA836246479254AAD81562A967DA13F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cf:66:9f:bb:1d:95:10:0b:4c:0c:e0:a5:90:
4c:3d:10:d7:cf:7f:7d:08:93:de:8d:98:57:58:d0:
99:c3:83:bb:ab:c9:78:c7:8c:d1:c7:b8:e0:5f:1e:
d3:f8:d6:15:51:ef:6a:af:17:d5:73:74:28:84:8f:
f0:f2:cd:fc:89:d3:9d:1b:50:3b:c3:66:74:3f:a6:
fd:c7:7e:a6:8e:05:5d:a6:29:70:24:99:19:66:48:
da:66:36:a9:a4:61:d8:67:54:9c:94:05:d1:ad:72:
94:20:0e:8a:ce:82:9e:f9:93:71:55:c6:47:85:90:
5d:49:34:1e:fe:7e:23:c9:74:a5:f2:ab:d4:97:a5:
cf:93:57:89:27:f0:27:be:00:74:fa:b0:a8:bf:09:
01:63:4f:b4:b5:64:05:71:46:a3:11:b1:23:54:7b:
97:8e:60:a0:6d:ee:75:0c:c1:53:cb:8c:78:ad:9c:
e5:4e:2c:ef:94:44:36:47:cc:09:80:0d:38:23:eb:
15:95:26:80:b4:33:93:b8:a5:4e:f5:c0:7c:ca:cc:
54:5b:f4:78:e8:16:91:c4:2f:02:3a:09:e7:6f:58:
73:12:31:d0:27:4e:a4:a3:03:20:cf:4c:12:c7:66:
6d:38:af:f6:21:d5:90:c3:b3:5a:75:99:7c:2d:41:
b6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:59:B5:5C:BA:83:62:46:47:92:54:AA:D8:15:62:A9:67:DA:13:F8
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/OFm1XLqDYkZHklSq2BViqWfaE_g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.146.96.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:c1:c8:e8:dd:c0:25:38:9a:10:e3:db:e5:34:51:6b:97:83:
83:88:4e:b8:8d:a9:76:3a:12:fa:5e:6f:28:21:9e:1a:b5:5c:
ea:48:01:f8:29:0e:c2:af:d2:17:a1:44:2f:1f:89:5b:60:26:
6f:80:7e:be:66:1d:96:3b:0a:d4:21:6b:68:fd:a1:db:f5:af:
0e:da:37:12:c3:4c:50:25:e4:61:ef:d0:82:85:e4:b2:d0:de:
b4:6d:12:e0:b2:c5:3a:69:49:a6:98:f3:e9:0b:5a:88:fe:5d:
89:71:06:e6:51:65:c4:b7:2c:41:cb:52:29:60:05:0a:16:09:
a1:08:05:43:86:e0:96:9a:db:21:7a:28:8f:1e:95:27:11:e1:
4a:d3:69:8a:23:af:f8:ea:ab:b6:f9:d2:0d:be:e6:28:1b:54:
a5:03:6f:a1:b7:db:b0:2d:19:6e:d1:6e:22:da:68:c0:0b:cd:
53:e8:58:35:ae:db:2d:eb:9c:2b:a6:f5:81:4a:bc:ae:c1:3c:
b9:57:8f:0c:85:ab:7c:60:ca:5c:69:59:ae:e0:c5:73:c4:81:
fc:55:bf:64:2f:06:c2:67:b6:09:98:65:67:92:b1:a2:54:30:
c3:e2:22:5a:3f:e3:55:88:49:3c:29:34:37:b7:95:a2:37:85:
97:5a:db:7a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEJEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4NDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM4NTlCNTVDQkE4MzYy
NDY0NzkyNTRBQUQ4MTU2MkE5NjdEQTEzRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIz2afux2VEAtMDOClkEw9ENfPf30Ik96NmFdY0JnDg7uryXjH
jNHHuOBfHtP41hVR72qvF9VzdCiEj/DyzfyJ050bUDvDZnQ/pv3HfqaOBV2mKXAk
mRlmSNpmNqmkYdhnVJyUBdGtcpQgDorOgp75k3FVxkeFkF1JNB7+fiPJdKXyq9SX
pc+TV4kn8Ce+AHT6sKi/CQFjT7S1ZAVxRqMRsSNUe5eOYKBt7nUMwVPLjHitnOVO
LO+URDZHzAmADTgj6xWVJoC0M5O4pU71wHzKzFRb9HjoFpHELwI6CedvWHMSMdAn
TqSjAyDPTBLHZm04r/Yh1ZDDs1p1mXwtQbZ5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOFm1XLqDYkZHklSq2BViqWfaE/gwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvT0ZtMVhMcURZa1pIa2xTcTJCVmlx
V2ZhRV9nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBXqSYDAN
BgkqhkiG9w0BAQsFAAOCAQEAW8HI6N3AJTiaEOPb5TRRa5eDg4hOuI2pdjoS+l5v
KCGeGrVc6kgB+CkOwq/SF6FELx+JW2Amb4B+vmYdljsK1CFraP2h2/WvDto3EsNM
UCXkYe/QgoXkstDetG0S4LLFOmlJppjz6QtaiP5diXEG5lFlxLcsQctSKWAFChYJ
oQgFQ4bglprbIXoojx6VJxHhStNpiiOv+OqrtvnSDb7mKBtUpQNvobfbsC0ZbtFu
ItpowAvNU+hYNa7bLeucK6b1gUq8rsE8uVePDIWrfGDKXGlZruDFc8SB/FW/ZC8G
wme2CZhlZ5KxolQww+IiWj/jVYhJPCk0N7eVojeFl1rbeg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:50 2023 by rpki-client on console-ams.rpki-client.org