Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/_38bknQvwsasfcCPeuyqmpUL5p0.roa
File: _38bknQvwsasfcCPeuyqmpUL5p0.roa (raw, json)
Hash identifier: 2/HLRl801Hp4wbgioBPIQPYnxfCCe6DrFzNtfox1h2Q=
Subject key identifier: FF:7F:1B:92:74:2F:C2:C6:AC:7D:C0:8F:7A:EC:AA:9A:95:0B:E6:9D
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 104E
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/_38bknQvwsasfcCPeuyqmpUL5p0.roa
Signing time: Wed 01 Feb 2023 10:28:23 +0000
ROA not before: Wed 01 Feb 2023 10:28:23 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131627
IP address blocks: 60.245.112.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4174 (0x104e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:23 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=FF7F1B92742FC2C6AC7DC08F7AECAA9A950BE69D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e1:1c:7c:3e:fa:04:7e:6c:d1:1f:dc:9c:f4:
07:19:8e:06:57:8d:ad:89:5e:62:b1:b8:fa:35:9b:
3a:55:28:40:93:b8:71:86:62:6f:6f:c6:77:a1:d4:
50:c2:e3:c3:78:55:22:be:47:ce:79:75:f0:77:8c:
cb:e4:f5:d5:a5:43:08:80:e8:49:3a:0c:ad:20:42:
2a:77:0f:66:b2:f1:c6:d0:0a:f1:41:50:0d:22:82:
bb:53:59:c0:e6:b7:5f:be:8e:77:bd:40:6b:67:d2:
84:88:70:60:0a:c8:6b:47:57:b9:11:22:2c:85:99:
20:c8:a8:47:bd:f9:3d:a3:7a:c7:cd:32:02:ad:1a:
20:37:23:02:53:50:df:33:1c:8f:10:74:ce:31:d5:
cb:6a:f0:e5:7d:d5:8c:bd:f7:77:4b:4b:0f:0a:20:
65:c8:02:49:7b:97:d3:22:98:67:32:c1:bb:b4:72:
98:90:6c:cf:7f:ac:ca:e4:88:62:16:6d:ab:87:ef:
13:ec:07:fc:f2:81:51:25:e6:dc:6e:9f:0a:d9:a5:
01:61:57:7d:8a:12:c3:aa:3a:43:f9:d6:bf:4b:1b:
24:41:39:f3:87:f2:46:d5:a2:39:a3:20:53:00:d6:
6f:da:c1:72:fd:d7:85:dd:f7:bd:d2:ca:9d:c1:18:
cc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:7F:1B:92:74:2F:C2:C6:AC:7D:C0:8F:7A:EC:AA:9A:95:0B:E6:9D
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/_38bknQvwsasfcCPeuyqmpUL5p0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.245.112.0/21
Signature Algorithm: sha256WithRSAEncryption
03:93:10:26:ee:50:b1:87:49:45:ef:14:88:da:42:a2:97:dc:
4c:8c:b1:8e:30:6c:54:9f:88:52:62:69:e3:c9:50:2e:40:5f:
f4:27:80:c7:ce:b9:04:4e:6e:23:3c:fa:b5:36:54:1b:e1:f1:
ed:9e:0c:62:bd:1f:fd:dd:78:d4:2f:c6:09:9d:f8:85:fd:3b:
61:9b:08:92:50:08:f6:7c:09:65:2f:e3:c0:7d:ba:76:00:f7:
07:ea:30:3e:81:86:09:2d:65:06:d7:12:ee:c8:00:4b:a3:fe:
63:ef:e6:9d:2a:94:f2:77:78:b8:3b:0a:30:62:29:37:99:a8:
7a:29:78:04:9b:ec:92:29:fe:22:64:e9:92:88:12:03:37:b5:
e1:75:de:7e:c7:ea:34:6a:ae:50:ed:09:f3:18:f2:1f:b9:84:
02:8a:13:f4:74:88:16:7a:43:ca:5b:a1:6b:7f:8c:ec:ae:38:
a5:6a:9e:eb:c5:6e:3b:f2:67:b9:8e:70:09:84:a0:42:4c:ef:
1f:80:5a:87:7f:12:95:19:e1:de:5f:f6:aa:4f:e3:be:db:e2:
08:e2:d6:eb:5e:e6:ee:42:f1:52:e0:78:b3:c2:85:c4:ae:14:
cb:89:5d:fc:3a:7f:c4:80:4a:ac:5a:44:be:f5:4d:da:9d:45:
35:02:43:63
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4MjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEZGN0YxQjkyNzQyRkMy
QzZBQzdEQzA4RjdBRUNBQTlBOTUwQkU2OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK4Rx8PvoEfmzRH9yc9AcZjgZXja2JXmKxuPo1mzpVKECTuHGG
Ym9vxneh1FDC48N4VSK+R855dfB3jMvk9dWlQwiA6Ek6DK0gQip3D2ay8cbQCvFB
UA0igrtTWcDmt1++jne9QGtn0oSIcGAKyGtHV7kRIiyFmSDIqEe9+T2jesfNMgKt
GiA3IwJTUN8zHI8QdM4x1ctq8OV91Yy993dLSw8KIGXIAkl7l9MimGcywbu0cpiQ
bM9/rMrkiGIWbauH7xPsB/zygVEl5txunwrZpQFhV32KEsOqOkP51r9LGyRBOfOH
8kbVojmjIFMA1m/awXL914Xd973Syp3BGMz7AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU/38bknQvwsasfcCPeuyqmpUL5p0wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvXzM4YmtuUXZ3c2FzZmNDUGV1eXFt
cFVMNXAwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzz1cDAN
BgkqhkiG9w0BAQsFAAOCAQEAA5MQJu5QsYdJRe8UiNpCopfcTIyxjjBsVJ+IUmJp
48lQLkBf9CeAx865BE5uIzz6tTZUG+Hx7Z4MYr0f/d141C/GCZ34hf07YZsIklAI
9nwJZS/jwH26dgD3B+owPoGGCS1lBtcS7sgAS6P+Y+/mnSqU8nd4uDsKMGIpN5mo
eil4BJvskin+ImTpkogSAze14XXefsfqNGquUO0J8xjyH7mEAooT9HSIFnpDyluh
a3+M7K44pWqe68VuO/JnuY5wCYSgQkzvH4Bah38SlRnh3l/2qk/jvtviCOLW617m
7kLxUuB4s8KFxK4Uy4ld/Dp/xIBKrFpEvvVN2p1FNQJDYw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:15 2023 by rpki-client on console-fra.rpki-client.org