Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/TNVhsOGuGmMughCR0HGvB91jS_A.roa
File: TNVhsOGuGmMughCR0HGvB91jS_A.roa (raw, json)
Hash identifier: aiI5uaZ7+InBuOLa1rsS/wZL2ufsmG/XlOon0O+nyRk=
Subject key identifier: 4C:D5:61:B0:E1:AE:1A:63:2E:82:10:91:D0:71:AF:07:DD:63:4B:F0
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1082
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/TNVhsOGuGmMughCR0HGvB91jS_A.roa
Signing time: Wed 01 Feb 2023 10:28:39 +0000
ROA not before: Wed 01 Feb 2023 10:28:39 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 123.204.0.0/15 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4226 (0x1082)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:39 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=4CD561B0E1AE1A632E821091D071AF07DD634BF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:80:20:a6:97:d3:c3:10:e9:6e:2b:ac:69:4f:
b0:ca:4d:f7:fd:41:31:5b:dc:cc:0d:f6:65:02:23:
8e:ef:e4:30:4e:af:aa:16:a1:9a:9b:6e:89:33:ec:
cc:ed:35:12:87:f9:e4:96:bf:b4:12:b4:e2:8e:40:
cc:ea:b0:70:bf:3f:d0:e2:9b:7a:aa:d1:2f:f0:26:
23:69:8f:8c:0e:c6:3f:c1:ed:f9:69:27:9e:ad:47:
b8:8e:b8:52:e0:0a:eb:fe:9a:fd:f5:eb:50:ef:84:
23:d5:56:9c:27:d3:91:29:ae:67:81:b9:50:e4:67:
d3:31:04:f4:22:2e:0d:82:d2:c0:98:60:41:55:8b:
e2:b6:aa:a9:a5:9a:10:49:55:83:da:a9:0b:03:35:
d9:2a:c8:62:a1:f1:87:03:66:66:a9:c7:13:ca:47:
00:6a:f8:dd:f0:6f:3b:da:42:e3:ee:1f:12:86:54:
9c:c0:41:5a:c4:53:7d:d6:1e:e8:fc:07:2c:b3:24:
56:bf:99:3d:39:f6:ab:cf:10:c0:7c:0d:58:b7:2e:
24:f8:c7:b1:08:79:86:e9:d9:62:b1:59:07:c3:43:
c2:7f:b9:a5:0c:51:b5:13:d3:e0:c1:16:04:c0:89:
5e:00:8d:c5:7f:72:77:26:36:38:ec:57:42:76:5c:
04:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D5:61:B0:E1:AE:1A:63:2E:82:10:91:D0:71:AF:07:DD:63:4B:F0
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/TNVhsOGuGmMughCR0HGvB91jS_A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6e:b4:42:2f:1c:30:25:9e:fb:3f:30:48:f8:80:9d:98:42:45:
89:10:67:fa:74:d4:e4:db:90:1e:44:85:c3:fa:fe:26:e5:96:
6f:87:78:aa:51:94:c7:5e:c1:15:32:5a:8d:d5:e4:1f:e6:9f:
fa:11:35:44:b8:08:d0:71:ed:0c:e7:05:57:73:e0:f1:68:d4:
3b:4d:d0:44:43:52:04:31:d3:d2:40:8d:dc:ed:29:71:99:3d:
80:84:c3:de:27:78:95:a9:3c:b8:b1:6a:9c:5f:43:55:37:eb:
ab:ce:a1:76:ca:5b:d4:79:79:30:f1:b2:46:3c:4c:6c:f5:bb:
eb:06:ab:8e:68:27:45:44:fe:09:bb:4f:2d:b8:05:65:45:1b:
86:17:be:4b:bf:03:92:23:c1:1b:75:1e:bf:a3:11:2b:68:1f:
fe:66:00:21:78:91:a7:8f:c1:f7:0f:da:62:3a:77:ba:33:32:
84:64:ce:08:67:c2:7d:76:aa:0c:18:2b:c0:be:be:83:d0:15:
f2:76:c6:46:5c:12:83:06:15:88:08:7b:e0:63:3d:49:4f:af:
09:c5:95:68:a0:99:21:ca:b2:0e:e9:90:a4:90:cb:16:07:2c:
32:e9:29:d2:0a:f5:cf:16:8c:9d:a5:18:12:23:78:8a:82:21:
cd:20:02:b4
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEIIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4MzlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRDRDU2MUIwRTFBRTFB
NjMyRTgyMTA5MUQwNzFBRjA3REQ2MzRCRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDngCCml9PDEOluK6xpT7DKTff9QTFb3MwN9mUCI47v5DBOr6oW
oZqbbokz7MztNRKH+eSWv7QStOKOQMzqsHC/P9Dim3qq0S/wJiNpj4wOxj/B7flp
J56tR7iOuFLgCuv+mv3161DvhCPVVpwn05EprmeBuVDkZ9MxBPQiLg2C0sCYYEFV
i+K2qqmlmhBJVYPaqQsDNdkqyGKh8YcDZmapxxPKRwBq+N3wbzvaQuPuHxKGVJzA
QVrEU33WHuj8ByyzJFa/mT059qvPEMB8DVi3LiT4x7EIeYbp2WKxWQfDQ8J/uaUM
UbUT0+DBFgTAiV4AjcV/cncmNjjsV0J2XAQFAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUTNVhsOGuGmMughCR0HGvB91jS/AwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvVE5WaHNPR3VHbU11Z2hDUjBIR3ZC
OTFqU19BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAXvMMA0G
CSqGSIb3DQEBCwUAA4IBAQButEIvHDAlnvs/MEj4gJ2YQkWJEGf6dNTk25AeRIXD
+v4m5ZZvh3iqUZTHXsEVMlqN1eQf5p/6ETVEuAjQce0M5wVXc+DxaNQ7TdBEQ1IE
MdPSQI3c7SlxmT2AhMPeJ3iVqTy4sWqcX0NVN+urzqF2ylvUeXkw8bJGPExs9bvr
BquOaCdFRP4Ju08tuAVlRRuGF75LvwOSI8EbdR6/oxEraB/+ZgAheJGnj8H3D9pi
One6MzKEZM4IZ8J9dqoMGCvAvr6D0BXydsZGXBKDBhWICHvgYz1JT68JxZVooJkh
yrIO6ZCkkMsWBywy6SnSCvXPFoydpRgSI3iKgiHNIAK0
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:50 2023 by rpki-client on console-ams.rpki-client.org