Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/PT2cj3glt18mDnKpsTimvPqpFIM.roa
File: PT2cj3glt18mDnKpsTimvPqpFIM.roa (raw, json)
Hash identifier: IxDl/A/Q2N9RG8kce0e8IeYRIyTJQQUaF9Q4CInd6cc=
Subject key identifier: 3D:3D:9C:8F:78:25:B7:5F:26:0E:72:A9:B1:38:A6:BC:FA:A9:14:83
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10AB
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/PT2cj3glt18mDnKpsTimvPqpFIM.roa
Signing time: Wed 01 Feb 2023 10:28:52 +0000
ROA not before: Wed 01 Feb 2023 10:28:52 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 103.234.40.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4267 (0x10ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:52 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3D3D9C8F7825B75F260E72A9B138A6BCFAA91483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:59:a7:ba:1a:62:92:92:71:64:db:90:86:47:
64:e1:78:dc:6e:8a:9b:95:27:b5:8a:9a:fc:fa:de:
0f:6c:4c:b5:6a:16:42:ad:08:75:75:25:b5:92:3f:
65:59:00:8b:19:49:ab:ec:de:ac:29:9d:02:fe:07:
9c:23:2f:89:68:d2:97:20:da:e5:d2:ed:48:7d:0c:
df:9d:c2:1e:ae:be:21:91:e7:a2:8d:be:16:f4:c3:
6b:54:7a:aa:b9:7a:92:8a:89:9b:1f:fd:be:67:90:
54:1b:aa:51:fa:8b:a1:4e:a3:1b:50:e7:be:58:5a:
ce:ee:e4:85:1b:f6:6c:bc:c4:6b:02:9a:a6:da:3f:
2c:44:da:ca:4a:2c:8d:e1:ed:99:87:3d:82:5d:cb:
7a:a5:c3:f2:04:0a:e7:8d:34:32:72:be:17:bc:a1:
07:1b:4a:99:c6:7c:9f:47:b9:3e:59:77:ad:a3:c2:
31:6e:54:74:15:62:10:3c:f9:3c:54:57:94:82:fd:
d0:af:d7:51:b7:db:2a:31:72:46:df:4a:14:28:0d:
ca:01:92:ec:16:2b:cc:9c:a0:1d:d7:35:a5:74:b7:
4b:be:9d:2f:1f:ab:6f:b5:17:27:83:56:45:fa:a6:
59:25:bd:ab:5a:7f:d4:ce:08:32:9a:be:c5:8f:9b:
f1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3D:9C:8F:78:25:B7:5F:26:0E:72:A9:B1:38:A6:BC:FA:A9:14:83
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/PT2cj3glt18mDnKpsTimvPqpFIM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.234.40.0/22
Signature Algorithm: sha256WithRSAEncryption
48:a7:73:02:d3:c1:ac:9d:19:4a:be:b7:83:21:11:3d:e1:33:
da:82:d9:62:48:48:cf:e8:c4:00:c8:3e:28:04:cf:85:e7:41:
d1:b9:7f:a1:e7:30:6b:1d:36:87:b5:5c:e7:11:27:f2:db:8a:
18:80:08:5d:e0:bc:d1:2b:6f:d3:27:01:92:dc:85:e1:0c:a8:
8a:5a:f7:fd:22:7e:0e:d6:b4:11:f1:d2:e1:ef:dd:2f:a1:cb:
81:2b:9d:b6:58:d9:91:42:37:67:fc:42:0d:cc:cd:f0:8b:5a:
4a:9e:0a:79:a0:54:3d:39:ef:44:37:08:6e:7c:b5:ca:67:2a:
46:c1:de:40:25:48:46:c1:dc:f2:85:8d:ea:78:c2:6c:75:fc:
38:2a:b2:b1:ff:21:0a:9e:8a:fe:c7:18:88:4a:d1:09:ad:cd:
2a:03:c4:2c:bd:87:d2:27:0d:3b:55:9a:02:ba:5d:01:c4:c5:
d9:c5:1c:01:7f:1d:5b:fe:a6:3b:ea:67:de:7a:45:0d:de:fe:
34:6d:a7:7d:6e:d1:9a:af:54:d9:25:4d:ce:00:14:fe:da:51:
d0:92:27:db:3e:af:aa:0c:57:e0:19:97:d0:d9:bf:62:5e:59:
3f:37:37:6d:fe:48:b4:8b:4e:f3:5f:13:bd:85:bb:aa:9d:a9:
02:4e:9e:2a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEKswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNEM0Q5QzhGNzgyNUI3
NUYyNjBFNzJBOUIxMzhBNkJDRkFBOTE0ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZWae6GmKSknFk25CGR2TheNxuipuVJ7WKmvz63g9sTLVqFkKt
CHV1JbWSP2VZAIsZSavs3qwpnQL+B5wjL4lo0pcg2uXS7Uh9DN+dwh6uviGR56KN
vhb0w2tUeqq5epKKiZsf/b5nkFQbqlH6i6FOoxtQ575YWs7u5IUb9my8xGsCmqba
PyxE2spKLI3h7ZmHPYJdy3qlw/IECueNNDJyvhe8oQcbSpnGfJ9HuT5Zd62jwjFu
VHQVYhA8+TxUV5SC/dCv11G32yoxckbfShQoDcoBkuwWK8ycoB3XNaV0t0u+nS8f
q2+1FyeDVkX6plklvataf9TOCDKavsWPm/HrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPT2cj3glt18mDnKpsTimvPqpFIMwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUFQyY2ozZ2x0MThtRG5LcHNUaW12
UHFwRklNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmfqKDAN
BgkqhkiG9w0BAQsFAAOCAQEASKdzAtPBrJ0ZSr63gyERPeEz2oLZYkhIz+jEAMg+
KATPhedB0bl/oecwax02h7Vc5xEn8tuKGIAIXeC80Stv0ycBktyF4Qyoilr3/SJ+
Dta0EfHS4e/dL6HLgSudtljZkUI3Z/xCDczN8ItaSp4KeaBUPTnvRDcIbny1ymcq
RsHeQCVIRsHc8oWN6njCbHX8OCqysf8hCp6K/scYiErRCa3NKgPELL2H0icNO1Wa
ArpdAcTF2cUcAX8dW/6mO+pn3npFDd7+NG2nfW7Rmq9U2SVNzgAU/tpR0JIn2z6v
qgxX4BmX0Nm/Yl5ZPzc3bf5ItItO818TvYW7qp2pAk6eKg==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:50 2023 by rpki-client on console-ams.rpki-client.org