Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/SaAq4i3lXFYgIVnSFc6Fq4unBHg.roa
File: SaAq4i3lXFYgIVnSFc6Fq4unBHg.roa (raw, json)
Hash identifier: Ngf7FRII4d3tWSPh5qxqnotv7xdyCqQq53GzUa6FNz0=
Subject key identifier: 49:A0:2A:E2:2D:E5:5C:56:20:21:59:D2:15:CE:85:AB:8B:A7:04:78
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10A4
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/SaAq4i3lXFYgIVnSFc6Fq4unBHg.roa
Signing time: Wed 01 Feb 2023 10:28:50 +0000
ROA not before: Wed 01 Feb 2023 10:28:50 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 122.147.168.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4260 (0x10a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:50 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=49A02AE22DE55C56202159D215CE85AB8BA70478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:39:c6:35:59:da:d0:cc:3c:05:26:fd:04:3d:
1a:7b:67:cb:46:d8:77:6a:d6:e6:8b:79:23:12:9a:
02:5b:47:50:33:cf:12:59:d8:65:4d:66:35:9e:59:
d8:e6:44:fd:7b:68:73:b4:56:11:a4:41:1e:75:52:
36:d3:7b:3d:a9:51:de:bb:30:91:d2:66:dd:94:43:
39:d4:8b:fe:12:92:67:5e:b7:4d:5d:69:e7:fe:a7:
f1:29:7b:c5:28:ff:9f:cc:2b:31:53:d0:b0:ef:51:
24:3e:0d:5c:a5:96:35:32:41:3f:83:7e:8a:38:0c:
cc:6b:27:11:d6:ec:83:90:ab:66:fc:2e:20:22:25:
6d:e2:eb:ed:de:ff:68:63:21:fd:f7:e7:ba:1b:e7:
42:8c:e6:7a:fd:31:98:63:fb:1d:11:ad:dd:87:73:
43:5a:a4:6f:6a:88:71:6d:03:84:44:d7:c7:a6:7e:
cc:91:42:d4:36:4c:db:29:ec:48:de:90:c5:33:e0:
ac:bd:82:ad:30:f5:7a:44:73:bf:a2:1e:86:cb:b6:
55:6e:99:35:ce:4d:09:a6:82:89:70:bb:32:ed:b0:
0d:f8:d6:26:35:bd:a2:6c:70:34:0f:9d:dc:9e:25:
50:2c:db:5c:6c:5d:9b:e6:7d:fa:51:e9:5b:28:74:
ad:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A0:2A:E2:2D:E5:5C:56:20:21:59:D2:15:CE:85:AB:8B:A7:04:78
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/SaAq4i3lXFYgIVnSFc6Fq4unBHg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.147.168.0/21
Signature Algorithm: sha256WithRSAEncryption
95:13:d0:c6:ee:d0:89:da:cc:39:20:cb:ab:d1:50:9d:57:9e:
13:a2:ce:25:8c:14:94:66:b3:b1:7d:02:e9:f7:41:72:73:6f:
cd:e4:32:69:c9:14:f8:7e:0b:6b:e8:da:9a:b5:ca:d1:d4:a1:
32:74:0f:9a:cb:3f:95:56:92:29:10:ea:2b:d9:55:ae:b3:69:
a7:a1:07:ff:ce:7b:9a:d9:67:e1:ea:77:21:e2:ef:98:a0:ed:
89:85:1e:0d:4a:6e:f9:a0:5c:82:92:ad:6d:df:d7:33:8e:c9:
63:c1:08:fd:27:28:ab:2e:d5:22:25:32:40:42:98:8a:57:50:
b2:d6:39:87:23:40:dd:92:1e:ae:b0:28:88:d8:31:a0:ff:eb:
fd:5e:ad:e4:5d:f4:d0:4b:dd:0c:66:05:f4:f0:8f:bf:91:e1:
41:7d:79:d8:ad:2f:e7:a6:67:fc:c0:5e:05:55:94:c1:a5:26:
56:4a:15:ed:3d:3b:ba:09:69:d9:1e:e1:1a:2f:23:8f:99:00:
83:2f:b1:87:c4:6d:87:4f:72:2e:b3:5a:f0:5b:39:9f:0c:fb:
8d:d7:41:6f:a3:8b:15:af:dd:52:fc:c4:65:c3:5c:e8:e8:1d:
d4:f4:32:1d:ff:47:95:37:b1:a5:cc:9c:58:d2:a9:70:86:a5:
5f:dd:f4:3a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEKQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4NTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQ5QTAyQUUyMkRFNTVD
NTYyMDIxNTlEMjE1Q0U4NUFCOEJBNzA0NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjOcY1WdrQzDwFJv0EPRp7Z8tG2Hdq1uaLeSMSmgJbR1AzzxJZ
2GVNZjWeWdjmRP17aHO0VhGkQR51UjbTez2pUd67MJHSZt2UQznUi/4Skmdet01d
aef+p/Epe8Uo/5/MKzFT0LDvUSQ+DVylljUyQT+Dfoo4DMxrJxHW7IOQq2b8LiAi
JW3i6+3e/2hjIf3357ob50KM5nr9MZhj+x0Rrd2Hc0NapG9qiHFtA4RE18emfsyR
QtQ2TNsp7EjekMUz4Ky9gq0w9XpEc7+iHobLtlVumTXOTQmmgolwuzLtsA341iY1
vaJscDQPndyeJVAs21xsXZvmffpR6VsodK3DAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUSaAq4i3lXFYgIVnSFc6Fq4unBHgwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvU2FBcTRpM2xYRllnSVZuU0ZjNkZx
NHVuQkhnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3qTqDAN
BgkqhkiG9w0BAQsFAAOCAQEAlRPQxu7QidrMOSDLq9FQnVeeE6LOJYwUlGazsX0C
6fdBcnNvzeQyackU+H4La+jamrXK0dShMnQPmss/lVaSKRDqK9lVrrNpp6EH/857
mtln4ep3IeLvmKDtiYUeDUpu+aBcgpKtbd/XM47JY8EI/Scoqy7VIiUyQEKYildQ
stY5hyNA3ZIerrAoiNgxoP/r/V6t5F300EvdDGYF9PCPv5HhQX152K0v56Zn/MBe
BVWUwaUmVkoV7T07uglp2R7hGi8jj5kAgy+xh8Rth09yLrNa8Fs5nwz7jddBb6OL
Fa/dUvzEZcNc6Ogd1PQyHf9HlTexpcycWNKpcIalX930Og==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org