Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/OGkWhTVlYewkKxWOQqOABNDIo34.roa
File: OGkWhTVlYewkKxWOQqOABNDIo34.roa (raw, json)
Hash identifier: TX20bvXsC/2FvoT6P2sd0WfZynOVV0XVdZ7v9IiCEwY=
Subject key identifier: 38:69:16:85:35:65:61:EC:24:2B:15:8E:42:A3:80:04:D0:C8:A3:7E
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1156
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/OGkWhTVlYewkKxWOQqOABNDIo34.roa
Signing time: Thu 06 Apr 2023 06:45:51 +0000
ROA not before: Thu 06 Apr 2023 06:45:51 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131602
IP address blocks: 122.147.16.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4438 (0x1156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Apr 6 06:45:51 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=38691685356561EC242B158E42A38004D0C8A37E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1b:76:7d:17:33:26:70:3f:26:ca:4c:36:10:
4b:55:ad:44:54:c6:c5:e5:3e:6f:4c:0b:43:e3:e4:
64:29:26:ac:5b:73:a7:53:92:65:b3:e2:88:8e:31:
01:78:e8:19:52:25:04:0e:e6:a8:2e:67:3d:1d:06:
c2:b0:85:ed:bf:13:6f:aa:8d:f7:f7:c5:be:69:d4:
ee:58:6d:25:92:de:a7:e9:e4:12:6f:01:1d:15:c1:
fb:c2:3b:3b:92:ee:6e:9b:ba:78:eb:28:b0:79:6b:
0d:dc:ea:fc:91:26:06:ca:ce:bb:6e:7a:1f:1a:ee:
d7:12:e9:7e:20:b5:36:63:f0:0e:ff:6a:38:d7:56:
b4:2c:78:22:cc:00:e9:f5:07:e1:e8:b0:f1:d3:a0:
55:00:32:1b:4d:68:63:44:ec:d3:81:e2:4e:f5:d0:
51:ed:87:df:8e:14:f0:40:42:19:87:94:ee:bd:e6:
9d:8d:ff:a7:53:3f:58:ac:a0:c5:d1:9a:bb:a6:3c:
b0:51:6b:f8:9a:4c:c8:97:51:68:7b:ec:1f:0c:7a:
49:7a:d3:c1:98:56:5e:a1:1e:9f:0f:6d:19:eb:6e:
dd:93:fc:88:b0:9b:8c:9c:97:01:a3:36:2d:7f:e4:
62:6f:0d:ea:02:19:1f:7d:10:6e:25:c9:33:59:d3:
ee:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:69:16:85:35:65:61:EC:24:2B:15:8E:42:A3:80:04:D0:C8:A3:7E
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/OGkWhTVlYewkKxWOQqOABNDIo34.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.147.16.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:62:78:44:8b:c5:9d:11:8c:59:dd:ce:51:8a:cd:e6:09:57:
b5:fa:c8:c8:04:9b:1c:6f:a4:b6:4a:b0:1a:28:0a:ac:c0:d6:
69:b5:d7:ab:8b:e5:fe:5b:83:da:be:fa:8c:a8:ef:d3:fb:af:
d0:6c:ed:ab:72:2f:a2:62:0d:a8:5d:34:1d:05:d2:89:b0:f3:
3c:c0:9c:f4:c9:7c:a0:9b:a9:cf:4c:ce:96:ff:76:73:c2:db:
cb:fe:75:94:fd:4a:b6:a5:c8:8b:16:2b:74:b6:e8:5c:f5:4d:
e3:ec:45:7c:3a:9e:bf:39:55:55:f2:8a:aa:75:f2:40:77:63:
6c:79:8f:b7:0d:1c:43:5a:6e:bf:d0:11:46:ab:04:c1:36:37:
56:1f:3c:43:d5:f3:70:dd:b3:dc:50:46:88:be:0d:9c:bc:36:
a9:e3:9b:1f:69:df:7c:11:4d:d9:a2:ee:31:c8:d4:63:ad:43:
dc:c2:d9:7a:9f:d0:a8:cd:62:0f:29:9e:b1:e9:a1:c3:4c:7f:
ed:ce:e4:91:ad:4a:b0:12:52:23:99:93:e0:ce:8e:84:23:f9:
d4:a7:d1:63:57:1c:69:a4:68:dd:13:fd:79:28:90:fa:83:e4:
30:9f:ea:f6:fa:89:9f:5f:e0:4b:c5:cc:6c:34:03:5c:b7:b8:
e7:20:bc:55
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEVYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzA0MDYw
NjQ1NTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM4NjkxNjg1MzU2NTYx
RUMyNDJCMTU4RTQyQTM4MDA0RDBDOEEzN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxG3Z9FzMmcD8mykw2EEtVrURUxsXlPm9MC0Pj5GQpJqxbc6dT
kmWz4oiOMQF46BlSJQQO5qguZz0dBsKwhe2/E2+qjff3xb5p1O5YbSWS3qfp5BJv
AR0VwfvCOzuS7m6bunjrKLB5aw3c6vyRJgbKzrtueh8a7tcS6X4gtTZj8A7/ajjX
VrQseCLMAOn1B+HosPHToFUAMhtNaGNE7NOB4k710FHth9+OFPBAQhmHlO695p2N
/6dTP1isoMXRmrumPLBRa/iaTMiXUWh77B8Mekl608GYVl6hHp8PbRnrbt2T/Iiw
m4yclwGjNi1/5GJvDeoCGR99EG4lyTNZ0+7jAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOGkWhTVlYewkKxWOQqOABNDIo34wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvT0drV2hUVmxZZXdrS3hXT1FxT0FC
TkRJbzM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3qTEDAN
BgkqhkiG9w0BAQsFAAOCAQEAa2J4RIvFnRGMWd3OUYrN5glXtfrIyASbHG+ktkqw
GigKrMDWabXXq4vl/luD2r76jKjv0/uv0Gztq3IvomINqF00HQXSibDzPMCc9Ml8
oJupz0zOlv92c8Lby/51lP1KtqXIixYrdLboXPVN4+xFfDqevzlVVfKKqnXyQHdj
bHmPtw0cQ1puv9ARRqsEwTY3Vh88Q9XzcN2z3FBGiL4NnLw2qeObH2nffBFN2aLu
McjUY61D3MLZep/QqM1iDymesemhw0x/7c7kka1KsBJSI5mT4M6OhCP51KfRY1cc
aaRo3RP9eSiQ+oPkMJ/q9vqJn1/gS8XMbDQDXLe45yC8VQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org