Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/fuVxf_9hfHE8s6NenxBp2_zsKEQ.roa
File: fuVxf_9hfHE8s6NenxBp2_zsKEQ.roa (raw, json)
Hash identifier: uNAbh7SXDPOynNNesfyG2JMr5rGuXWKlq6HIf6J2YZc=
Subject key identifier: 7E:E5:71:7F:FF:61:7C:71:3C:B3:A3:5E:9F:10:69:DB:FC:EC:28:44
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1118
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/fuVxf_9hfHE8s6NenxBp2_zsKEQ.roa
Signing time: Wed 01 Feb 2023 10:29:27 +0000
ROA not before: Wed 01 Feb 2023 10:29:27 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 221.169.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4376 (0x1118)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:27 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=7EE5717FFF617C713CB3A35E9F1069DBFCEC2844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2d:35:b3:a8:85:d4:8f:3b:e7:04:48:cd:39:
0d:5e:7a:08:01:37:06:80:98:d4:ab:7c:9b:2a:b4:
21:fc:4d:03:0e:22:e9:ed:06:11:b5:39:4b:c7:5c:
95:bf:c9:ac:0e:be:7b:69:43:de:99:78:91:b1:a2:
ac:e0:b1:34:52:c4:b2:6d:1f:0c:7c:6d:5e:ec:11:
37:ee:25:df:00:1f:be:60:fd:6e:8a:d7:df:26:a7:
f6:90:00:16:01:e0:ff:66:95:89:22:e3:a3:6b:ac:
52:5d:b0:71:7b:94:2c:f2:55:43:bf:0b:18:bd:0f:
a0:c7:8e:bb:67:e5:e6:cb:dd:97:a2:39:a7:f8:8e:
14:80:86:22:e9:72:57:b7:1e:57:ee:4b:4f:0a:5c:
8f:a0:ba:f1:65:1a:bf:11:27:2a:78:7f:dc:24:6d:
41:09:91:81:a3:5d:fc:92:71:38:8e:d2:87:f1:d6:
51:25:66:91:1b:3d:74:3c:27:19:92:89:55:d3:62:
4c:6d:08:a8:4d:40:05:0b:53:b3:da:4e:2c:5d:40:
6d:4f:1b:ab:7b:7e:a0:25:9e:ba:7b:8b:92:f1:e4:
d5:5a:24:c6:9a:f5:bb:82:ef:d8:12:8b:a6:be:a8:
c1:30:08:c0:bf:93:4f:ec:fd:bf:10:f8:ba:ea:0c:
ca:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E5:71:7F:FF:61:7C:71:3C:B3:A3:5E:9F:10:69:DB:FC:EC:28:44
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/fuVxf_9hfHE8s6NenxBp2_zsKEQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
221.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:72:aa:11:3a:28:34:e5:53:e0:29:50:2e:86:71:9c:4b:c7:
3d:d8:c2:94:99:09:a0:1f:34:40:d6:ef:38:26:b1:68:61:69:
92:e9:63:4c:82:47:38:59:ff:81:75:96:b4:97:22:ab:f8:e7:
e4:d5:65:5d:c4:89:c7:c2:06:d9:7f:aa:35:90:9d:bf:77:db:
f7:57:48:f5:b3:35:ab:65:d9:ef:fd:b3:e1:f6:70:1b:44:6e:
04:cf:33:b5:7e:16:42:ac:5a:78:07:dc:bd:b3:c7:ae:54:c0:
81:a4:d5:9a:0f:72:e3:50:8a:29:22:6c:55:9c:d6:bc:27:fd:
d1:85:86:54:0f:6d:0a:65:88:1d:fd:8a:e7:b7:1d:80:69:94:
0e:f0:7a:ba:a3:02:ea:aa:0a:c0:16:72:4e:bf:de:4d:67:a1:
4e:4f:6c:bb:ac:e5:93:6e:9d:e5:1e:3f:07:52:b2:1c:34:17:
c6:1d:07:18:7a:35:d7:ad:b2:e3:47:97:1a:81:29:32:70:7f:
27:3d:5c:cb:05:48:6e:ab:be:67:e8:6e:66:28:d6:bd:d7:20:
ff:1a:64:99:54:1b:30:fe:81:14:73:53:64:a5:03:c6:0a:01:
de:75:63:e0:09:d1:1e:a2:0b:7b:5e:7f:a7:88:c9:ab:0e:8c:
d5:e6:c5:61
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICERgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MjdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDdFRTU3MTdGRkY2MTdD
NzEzQ0IzQTM1RTlGMTA2OURCRkNFQzI4NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOLTWzqIXUjzvnBEjNOQ1eeggBNwaAmNSrfJsqtCH8TQMOIunt
BhG1OUvHXJW/yawOvntpQ96ZeJGxoqzgsTRSxLJtHwx8bV7sETfuJd8AH75g/W6K
198mp/aQABYB4P9mlYki46NrrFJdsHF7lCzyVUO/Cxi9D6DHjrtn5ebL3ZeiOaf4
jhSAhiLpcle3HlfuS08KXI+guvFlGr8RJyp4f9wkbUEJkYGjXfyScTiO0ofx1lEl
ZpEbPXQ8JxmSiVXTYkxtCKhNQAULU7PaTixdQG1PG6t7fqAlnrp7i5Lx5NVaJMaa
9buC79gSi6a+qMEwCMC/k0/s/b8Q+LrqDMpvAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUfuVxf/9hfHE8s6NenxBp2/zsKEQwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvZnVWeGZfOWhmSEU4czZOZW54QnAy
X3pzS0VRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN2pMA0G
CSqGSIb3DQEBCwUAA4IBAQB0cqoROig05VPgKVAuhnGcS8c92MKUmQmgHzRA1u84
JrFoYWmS6WNMgkc4Wf+BdZa0lyKr+Ofk1WVdxInHwgbZf6o1kJ2/d9v3V0j1szWr
Zdnv/bPh9nAbRG4EzzO1fhZCrFp4B9y9s8euVMCBpNWaD3LjUIopImxVnNa8J/3R
hYZUD20KZYgd/Yrntx2AaZQO8Hq6owLqqgrAFnJOv95NZ6FOT2y7rOWTbp3lHj8H
UrIcNBfGHQcYejXXrbLjR5cagSkycH8nPVzLBUhuq75n6G5mKNa91yD/GmSZVBsw
/oEUc1NkpQPGCgHedWPgCdEeogt7Xn+niMmrDozV5sVh
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:53:16 2023 by rpki-client on console-fra.rpki-client.org