Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/ZjPNwRKy60AwLp5bsVWwB83ss9w.roa
File: ZjPNwRKy60AwLp5bsVWwB83ss9w.roa (raw, json)
Hash identifier: RkBEdS9vKQSlAcW6yf5pTO4oAsNi0vGHKBkY2B4bJ7Q=
Subject key identifier: 66:33:CD:C1:12:B2:EB:40:30:2E:9E:5B:B1:55:B0:07:CD:EC:B3:DC
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10EC
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/ZjPNwRKy60AwLp5bsVWwB83ss9w.roa
Signing time: Wed 01 Feb 2023 10:29:13 +0000
ROA not before: Wed 01 Feb 2023 10:29:13 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 220.229.68.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4332 (0x10ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:13 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=6633CDC112B2EB40302E9E5BB155B007CDECB3DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7f:6b:28:7a:8b:44:b5:96:3f:1c:52:b7:ca:
36:c6:0c:25:8a:1a:d0:d7:20:d6:db:d0:ac:be:fa:
f3:74:7e:0f:40:13:62:f9:8e:6f:7c:c8:ea:db:13:
c1:ef:3a:a6:3d:e7:5d:16:78:e0:eb:20:f2:3e:94:
47:ff:9f:c4:d7:33:43:c7:af:db:74:2b:7c:d6:0c:
2a:20:f2:36:e6:38:aa:8d:78:54:34:33:6b:c2:ca:
4f:bd:f2:5f:06:d2:eb:49:51:0c:f3:1f:00:77:18:
61:83:d6:91:d0:b9:2c:90:a0:f2:f3:86:54:7e:a3:
6d:18:16:85:15:63:98:ce:14:1e:ab:f8:a5:4d:6c:
e1:76:04:b1:e4:c6:af:f2:43:b3:82:79:66:dc:9b:
a6:28:95:02:93:ac:c1:91:38:ec:d5:3d:75:52:2e:
28:de:1e:e6:24:d4:4b:87:9f:da:53:78:27:e4:2a:
5b:45:63:3a:1b:5f:c5:44:1c:4b:a0:f3:b9:23:c4:
21:65:97:34:04:29:5e:41:38:e5:e0:d7:ba:75:4d:
8a:e7:50:fc:f6:ce:ea:5f:08:39:c4:f9:4a:3a:0a:
33:8d:eb:d0:8a:7f:a8:d3:1e:05:41:3c:2e:ce:f4:
bf:b2:0e:3f:62:b3:ee:ab:b1:23:6e:18:f2:7a:d4:
d6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:33:CD:C1:12:B2:EB:40:30:2E:9E:5B:B1:55:B0:07:CD:EC:B3:DC
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/ZjPNwRKy60AwLp5bsVWwB83ss9w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:1b:3c:95:8c:bb:88:8b:5a:78:35:b7:ca:a3:5a:30:ef:4b:
8e:fa:9b:75:1b:ad:86:88:d7:7e:41:45:c5:f5:66:8f:2e:52:
1d:ff:ad:13:f6:91:0e:9c:4b:1f:9b:1d:6e:15:ef:21:39:44:
8f:3d:f4:f5:c1:b4:ae:0d:e7:80:35:26:2c:bb:69:65:e0:30:
2e:46:4c:85:66:17:d1:0f:03:9b:7d:79:5f:a8:39:d4:10:63:
39:8d:c7:2c:7b:95:20:28:99:64:e9:3b:40:b6:7a:61:f1:e2:
f4:2e:b1:50:6f:a1:01:f4:51:dc:b2:cb:ce:01:e9:92:55:70:
e2:ea:34:e3:02:62:06:62:97:95:f3:d0:74:98:d4:d1:2f:53:
ce:ad:02:5b:ba:1e:55:17:49:7f:b8:c1:b2:d9:8d:bc:df:44:
5f:bc:32:88:54:e7:3d:4c:84:de:f1:5a:31:9f:43:16:fb:47:
10:7b:74:05:b3:44:f6:f3:07:50:a4:8f:c0:a3:87:4b:e7:85:
ab:98:1a:5b:b8:c1:d7:c6:a6:48:37:81:22:a8:7b:46:f0:a2:
7e:c9:ba:fb:24:c9:d7:64:7a:f0:53:ab:dd:4d:2c:ce:f1:e4:
4a:38:73:64:6f:07:96:35:cc:ce:96:49:5b:4f:15:e8:86:af:
70:fa:9d:29
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY2MzNDREMxMTJCMkVC
NDAzMDJFOUU1QkIxNTVCMDA3Q0RFQ0IzREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaf2soeotEtZY/HFK3yjbGDCWKGtDXINbb0Ky++vN0fg9AE2L5
jm98yOrbE8HvOqY9510WeODrIPI+lEf/n8TXM0PHr9t0K3zWDCog8jbmOKqNeFQ0
M2vCyk+98l8G0utJUQzzHwB3GGGD1pHQuSyQoPLzhlR+o20YFoUVY5jOFB6r+KVN
bOF2BLHkxq/yQ7OCeWbcm6YolQKTrMGROOzVPXVSLijeHuYk1EuHn9pTeCfkKltF
YzobX8VEHEug87kjxCFllzQEKV5BOOXg17p1TYrnUPz2zupfCDnE+Uo6CjON69CK
f6jTHgVBPC7O9L+yDj9is+6rsSNuGPJ61NYLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZjPNwRKy60AwLp5bsVWwB83ss9wwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWmpQTndSS3k2MEF3THA1YnNWV3dC
ODNzczl3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtzlRDAN
BgkqhkiG9w0BAQsFAAOCAQEAXBs8lYy7iItaeDW3yqNaMO9LjvqbdRuthojXfkFF
xfVmjy5SHf+tE/aRDpxLH5sdbhXvITlEjz309cG0rg3ngDUmLLtpZeAwLkZMhWYX
0Q8Dm315X6g51BBjOY3HLHuVICiZZOk7QLZ6YfHi9C6xUG+hAfRR3LLLzgHpklVw
4uo04wJiBmKXlfPQdJjU0S9Tzq0CW7oeVRdJf7jBstmNvN9EX7wyiFTnPUyE3vFa
MZ9DFvtHEHt0BbNE9vMHUKSPwKOHS+eFq5gaW7jB18amSDeBIqh7RvCifsm6+yTJ
12R68FOr3U0szvHkSjhzZG8HljXMzpZJW08V6IavcPqdKQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org