Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/PM8SpyLPxQ-FeJvZrLT2oHAPE1o.roa
File: PM8SpyLPxQ-FeJvZrLT2oHAPE1o.roa (raw, json)
Hash identifier: fu0RJdcIqzDL767e4PG95m4GaS6rmQ4OdtYWQ0CyIQA=
Subject key identifier: 3C:CF:12:A7:22:CF:C5:0F:85:78:9B:D9:AC:B4:F6:A0:70:0F:13:5A
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1119
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/PM8SpyLPxQ-FeJvZrLT2oHAPE1o.roa
Signing time: Wed 01 Feb 2023 10:29:28 +0000
ROA not before: Wed 01 Feb 2023 10:29:28 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 218.210.48.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4377 (0x1119)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:28 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3CCF12A722CFC50F85789BD9ACB4F6A0700F135A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4b:73:6c:c1:d2:4c:3f:96:2d:9b:1a:db:cb:
af:c6:e6:35:ec:75:d7:f0:04:a7:d2:48:77:78:d3:
02:79:32:58:44:52:61:fa:c3:bd:2c:ba:67:8e:a5:
6e:84:4c:8d:94:af:c4:59:70:ea:42:fa:fc:6e:b2:
17:cf:4a:03:f1:7f:8f:bd:9d:bc:46:16:c5:29:e9:
fc:aa:ab:1d:79:c8:c9:43:53:73:04:7c:b9:e9:82:
0d:21:62:55:6b:86:17:30:7e:eb:bd:ab:6b:70:a3:
58:32:1b:d7:19:33:d7:7c:46:25:19:be:37:cc:18:
dd:70:16:34:f6:7b:e5:d3:d2:cb:e6:33:6d:98:c1:
9c:6c:52:e8:aa:e6:ee:56:55:68:f6:af:8f:96:75:
f5:9c:14:69:a6:28:44:b7:17:7c:51:67:76:11:b2:
1b:23:25:3b:fd:25:76:32:91:d5:dc:25:72:1d:5a:
39:80:c2:d6:dd:26:d2:3a:74:22:ab:a0:2c:68:13:
cb:41:6a:4a:0b:22:6f:68:66:22:95:cc:e1:73:ac:
1c:85:de:8e:89:e7:c1:2f:4d:c8:a2:6d:c5:6f:60:
8c:96:84:e6:2a:f9:0c:a4:c7:05:c3:6e:36:84:2a:
c9:a6:e5:9b:95:17:09:b4:fe:ca:74:99:6c:a5:ef:
f6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CF:12:A7:22:CF:C5:0F:85:78:9B:D9:AC:B4:F6:A0:70:0F:13:5A
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/PM8SpyLPxQ-FeJvZrLT2oHAPE1o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.210.48.0/20
Signature Algorithm: sha256WithRSAEncryption
71:49:5a:14:52:93:92:54:56:d7:38:f5:37:bf:db:e0:c7:30:
eb:b8:60:21:00:63:72:12:6c:7a:d8:d3:32:82:c1:9f:f1:43:
26:01:91:a6:2b:17:8a:d6:5f:1a:8c:63:fd:8d:32:37:ba:19:
a4:c1:c3:b6:a9:43:9e:a1:8a:52:2e:b1:da:69:78:eb:0a:28:
38:36:7e:32:35:fa:91:85:40:c5:14:3a:72:c5:74:dc:4d:30:
d1:6d:e8:33:1c:6a:b9:ad:cb:f6:be:2d:38:d8:cd:9e:f0:17:
07:10:03:10:94:48:56:d3:87:47:0e:93:1d:50:87:2d:88:40:
1b:1e:6a:30:37:5c:77:83:58:7f:af:b8:6f:d4:7d:77:69:83:
2a:56:40:b8:07:03:9e:70:70:81:08:0e:65:60:31:c2:47:63:
99:3b:79:c4:33:6d:68:3f:e6:77:88:94:fa:a1:2d:80:05:c3:
8f:16:be:aa:15:a8:3e:19:c7:9b:ea:f2:99:da:7f:53:1d:11:
78:be:bc:7f:f5:da:30:5a:47:cf:04:40:66:ff:26:64:80:0b:
df:c6:e5:0f:ad:89:0d:09:fb:84:25:29:ca:29:a0:09:9e:e5:
5a:15:66:51:7d:ef:8b:13:41:0a:ae:39:df:59:4a:52:88:68:
0c:76:7a:82
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICERkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MjhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNDQ0YxMkE3MjJDRkM1
MEY4NTc4OUJEOUFDQjRGNkEwNzAwRjEzNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFS3NswdJMP5Ytmxrby6/G5jXsddfwBKfSSHd40wJ5MlhEUmH6
w70sumeOpW6ETI2Ur8RZcOpC+vxushfPSgPxf4+9nbxGFsUp6fyqqx15yMlDU3ME
fLnpgg0hYlVrhhcwfuu9q2two1gyG9cZM9d8RiUZvjfMGN1wFjT2e+XT0svmM22Y
wZxsUuiq5u5WVWj2r4+WdfWcFGmmKES3F3xRZ3YRshsjJTv9JXYykdXcJXIdWjmA
wtbdJtI6dCKroCxoE8tBakoLIm9oZiKVzOFzrByF3o6J58EvTciibcVvYIyWhOYq
+QykxwXDbjaEKsmm5ZuVFwm0/sp0mWyl7/YTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPM8SpyLPxQ+FeJvZrLT2oHAPE1owHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUE04U3B5TFB4US1GZUp2WnJMVDJv
SEFQRTFvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNrSMDAN
BgkqhkiG9w0BAQsFAAOCAQEAcUlaFFKTklRW1zj1N7/b4Mcw67hgIQBjchJsetjT
MoLBn/FDJgGRpisXitZfGoxj/Y0yN7oZpMHDtqlDnqGKUi6x2ml46wooODZ+MjX6
kYVAxRQ6csV03E0w0W3oMxxqua3L9r4tONjNnvAXBxADEJRIVtOHRw6THVCHLYhA
Gx5qMDdcd4NYf6+4b9R9d2mDKlZAuAcDnnBwgQgOZWAxwkdjmTt5xDNtaD/md4iU
+qEtgAXDjxa+qhWoPhnHm+rymdp/Ux0ReL68f/XaMFpHzwRAZv8mZIAL38blD62J
DQn7hCUpyimgCZ7lWhVmUX3vixNBCq4531lKUohoDHZ6gg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org