Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/TkuqqIOiNQDvfU9KofZUAttuvBk.roa
File: TkuqqIOiNQDvfU9KofZUAttuvBk.roa (raw, json)
Hash identifier: XSk29JqvIDWktUXrCuhhS0Fuymbgp3E9rd1ChTdamw4=
Subject key identifier: 4E:4B:AA:A8:83:A2:35:00:EF:7D:4F:4A:A1:F6:54:02:DB:6E:BC:19
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CD5
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/TkuqqIOiNQDvfU9KofZUAttuvBk.roa
Signing time: Wed 01 Feb 2023 10:28:29 +0000
ROA not before: Wed 01 Feb 2023 10:28:29 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 192.72.240.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3285 (0xcd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:28:29 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=4E4BAAA883A23500EF7D4F4AA1F65402DB6EBC19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1a:7d:94:22:ce:1e:b6:62:9a:14:fc:ec:a9:
f2:c2:eb:0f:67:bd:94:57:58:f0:12:0b:c8:f3:26:
c0:25:22:42:55:49:ab:bd:93:14:37:f4:c5:85:b4:
9e:b4:02:e0:d0:92:8b:5a:8c:69:d6:dc:1d:93:97:
c9:1f:84:8d:4e:2c:f1:d5:7c:9b:30:25:31:5e:7c:
bc:56:4e:70:d9:20:93:88:22:85:67:1a:81:0a:23:
07:51:f8:1a:ad:fb:83:0a:5a:8a:c9:44:e1:75:b3:
07:38:5a:89:c6:5e:1c:83:06:41:e0:68:9d:01:89:
25:af:e5:8e:2d:02:05:cd:7c:51:26:76:1a:45:b3:
f7:9b:2d:49:39:72:34:77:07:9b:5e:cf:4a:26:c5:
f6:6c:4e:95:03:88:1f:1a:b4:10:3d:b3:92:25:35:
d5:0e:58:88:0f:a8:da:ca:53:d3:91:be:d8:3b:37:
25:b7:f2:29:2e:33:fa:62:2b:7e:14:6c:24:85:b9:
50:fe:e7:8f:d7:a4:c3:02:e0:bd:de:2c:26:82:e6:
54:20:36:f5:64:e1:fa:c1:b2:90:16:70:06:65:34:
50:e5:1f:37:fb:64:4b:61:77:d6:4d:21:51:83:2c:
4b:23:7e:10:a8:6c:c1:5b:c2:f5:71:a3:2d:0e:ce:
75:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4B:AA:A8:83:A2:35:00:EF:7D:4F:4A:A1:F6:54:02:DB:6E:BC:19
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/TkuqqIOiNQDvfU9KofZUAttuvBk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.240.0/21
Signature Algorithm: sha256WithRSAEncryption
60:61:5b:a4:f3:92:c9:56:cf:d9:f6:79:a6:2b:15:51:c8:7e:
46:8e:e9:28:e0:78:e8:73:5d:73:24:fd:c1:55:2d:c2:f9:4e:
2b:2c:3b:a3:cf:79:95:09:09:57:c4:6f:c9:37:b7:b6:83:fb:
fa:5f:25:64:50:f6:48:fb:d1:5b:e3:ec:65:2c:43:f0:8f:9a:
2c:cc:34:10:53:09:d5:d6:09:2e:a9:68:3c:e7:43:2c:37:25:
90:c2:4c:92:1f:ce:4e:99:a6:58:f4:42:6f:f4:8c:46:c8:00:
d2:0e:42:9e:23:cc:1a:c6:09:9c:bd:2d:f1:48:f1:7a:ad:62:
28:b6:c6:6b:33:55:3d:c8:ea:42:08:a4:16:1d:c0:1f:da:98:
3a:99:2a:ae:42:15:cf:7e:69:e8:cf:62:dd:b3:35:91:f9:62:
ef:22:e2:5b:78:28:9d:22:4a:e4:8e:b8:f2:c6:ce:13:24:8c:
2e:12:a3:ae:c2:d2:f9:ba:77:f9:c1:d7:8b:44:75:b4:99:57:
b8:d4:ec:bf:42:c4:7e:97:45:49:04:2a:a3:a2:c2:cd:90:db:
cf:62:67:5e:8f:8c:b8:ee:88:59:5b:84:4b:c6:b4:b9:77:3c:
b0:dc:d2:75:af:b6:15:60:77:8c:d6:ce:79:5f:44:eb:b7:d9:
a9:6b:78:7f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI4MjlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRFNEJBQUE4ODNBMjM1
MDBFRjdENEY0QUExRjY1NDAyREI2RUJDMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIGn2UIs4etmKaFPzsqfLC6w9nvZRXWPASC8jzJsAlIkJVSau9
kxQ39MWFtJ60AuDQkotajGnW3B2Tl8kfhI1OLPHVfJswJTFefLxWTnDZIJOIIoVn
GoEKIwdR+Bqt+4MKWorJROF1swc4WonGXhyDBkHgaJ0BiSWv5Y4tAgXNfFEmdhpF
s/ebLUk5cjR3B5tez0omxfZsTpUDiB8atBA9s5IlNdUOWIgPqNrKU9ORvtg7NyW3
8ikuM/piK34UbCSFuVD+54/XpMMC4L3eLCaC5lQgNvVk4frBspAWcAZlNFDlHzf7
ZEthd9ZNIVGDLEsjfhCobMFbwvVxoy0OznVHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUTkuqqIOiNQDvfU9KofZUAttuvBkwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvVGt1cXFJT2lOUUR2ZlU5S29mWlVB
dHR1dkJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8BI8DAN
BgkqhkiG9w0BAQsFAAOCAQEAYGFbpPOSyVbP2fZ5pisVUch+Ro7pKOB46HNdcyT9
wVUtwvlOKyw7o895lQkJV8RvyTe3toP7+l8lZFD2SPvRW+PsZSxD8I+aLMw0EFMJ
1dYJLqloPOdDLDclkMJMkh/OTpmmWPRCb/SMRsgA0g5CniPMGsYJnL0t8Ujxeq1i
KLbGazNVPcjqQgikFh3AH9qYOpkqrkIVz35p6M9i3bM1kfli7yLiW3gonSJK5I64
8sbOEySMLhKjrsLS+bp3+cHXi0R1tJlXuNTsv0LEfpdFSQQqo6LCzZDbz2JnXo+M
uO6IWVuES8a0uXc8sNzSda+2FWB3jNbOeV9E67fZqWt4fw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:51 2023 by rpki-client on console-ams.rpki-client.org