Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/iWWf8NPpxzGih4PQPx8z6tuqwzw.roa
File: iWWf8NPpxzGih4PQPx8z6tuqwzw.roa (raw, json)
Hash identifier: 2RAGru4yG/OAy8/iuzwV/HHcQtjLJjBuVWwdzmJq1MU=
Subject key identifier: 89:65:9F:F0:D3:E9:C7:31:A2:87:83:D0:3F:1F:33:EA:DB:AA:C3:3C
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CDC
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/iWWf8NPpxzGih4PQPx8z6tuqwzw.roa
Signing time: Wed 01 Feb 2023 10:28:52 +0000
ROA not before: Wed 01 Feb 2023 10:28:52 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 139.175.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3292 (0xcdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:28:52 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=89659FF0D3E9C731A28783D03F1F33EADBAAC33C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fa:3d:ad:a1:74:17:2f:13:be:0b:14:e7:6f:
de:08:7e:bf:7b:fc:87:88:e8:07:c7:2d:e6:14:a6:
00:0a:32:7a:cd:f2:43:c0:e8:5f:eb:92:39:89:1e:
05:87:11:5f:61:f9:71:ad:c2:f7:cf:18:e4:18:6c:
af:09:d5:21:08:85:cf:3a:69:0e:53:8d:85:57:5a:
7b:d0:fa:4e:36:34:a7:b6:1e:28:7c:99:c3:c3:5a:
e4:1c:05:98:d9:79:09:1b:03:b2:01:ba:1e:cf:ec:
75:51:79:3b:c5:82:de:3a:9b:8f:27:ff:89:70:fd:
8e:ac:ae:b6:11:cf:33:4f:d3:91:bc:40:3c:bc:96:
02:3e:eb:b5:e5:a0:ff:00:9a:a8:40:e5:90:a9:54:
81:54:b1:17:13:b3:a8:32:e6:9a:a9:73:ab:c2:35:
29:fb:66:bc:93:41:e7:0f:94:16:ba:1e:76:63:54:
6b:b5:07:72:72:b8:cb:43:aa:bc:c9:0b:50:53:26:
80:cb:e1:93:17:7f:8a:3a:07:f8:8b:03:85:58:f1:
06:14:54:ec:7f:f5:63:45:5a:bd:5f:30:ca:d1:90:
40:0f:34:5a:c2:7a:18:3e:51:0a:7d:4f:0a:1a:61:
f6:6f:b4:c8:bd:f5:93:62:72:a5:04:34:f0:96:eb:
d2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:65:9F:F0:D3:E9:C7:31:A2:87:83:D0:3F:1F:33:EA:DB:AA:C3:3C
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/iWWf8NPpxzGih4PQPx8z6tuqwzw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
139.175.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:2b:fb:f4:34:0e:5b:89:e1:0e:8b:32:14:cb:ab:3e:a7:1f:
54:d9:6b:88:e3:e0:32:e1:93:24:3e:a8:9f:98:92:09:f1:a4:
ee:7a:7a:a4:b4:27:a4:c9:4a:e1:4d:68:e8:6c:0c:b6:0d:17:
a7:88:07:ca:49:68:b9:c4:c6:ed:db:96:c0:f9:f4:17:3a:9f:
1a:ef:14:2a:29:6f:85:7b:24:c7:30:76:ab:ab:95:e5:37:87:
3c:8a:e2:29:ad:42:e7:d1:f5:08:eb:94:3c:1b:8f:ae:f3:fc:
a4:86:e8:21:7c:a2:f9:5e:98:99:d9:aa:ca:ec:39:c0:6a:37:
f3:9b:7f:89:f8:82:ba:b7:ca:ea:24:24:cc:0d:c0:6c:a6:83:
fd:5c:ae:d3:b8:48:e1:08:c5:7b:8d:b2:c8:6c:86:9b:18:4d:
00:72:55:05:3f:bc:e2:13:c2:51:cd:c4:9f:55:bb:8e:63:f7:
71:e9:e2:96:d3:d1:ab:30:82:26:96:34:b5:1a:7b:a5:3f:35:
19:a2:ec:62:5b:c5:ce:4d:bf:14:b9:a2:08:9d:4d:88:b1:aa:
3a:2b:4e:c7:97:8d:a1:c1:a7:f7:5e:c4:09:2b:7f:05:8f:30:
75:64:af:a3:22:64:ec:0e:27:54:3e:29:24:69:de:44:56:41:
10:1c:2c:c4
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDNwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI4NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg5NjU5RkYwRDNFOUM3
MzFBMjg3ODNEMDNGMUYzM0VBREJBQUMzM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB+j2toXQXLxO+CxTnb94Ifr97/IeI6AfHLeYUpgAKMnrN8kPA
6F/rkjmJHgWHEV9h+XGtwvfPGOQYbK8J1SEIhc86aQ5TjYVXWnvQ+k42NKe2Hih8
mcPDWuQcBZjZeQkbA7IBuh7P7HVReTvFgt46m48n/4lw/Y6srrYRzzNP05G8QDy8
lgI+67XloP8AmqhA5ZCpVIFUsRcTs6gy5pqpc6vCNSn7ZryTQecPlBa6HnZjVGu1
B3JyuMtDqrzJC1BTJoDL4ZMXf4o6B/iLA4VY8QYUVOx/9WNFWr1fMMrRkEAPNFrC
ehg+UQp9TwoaYfZvtMi99ZNicqUENPCW69K/AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUiWWf8NPpxzGih4PQPx8z6tuqwzwwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvaVdXZjhOUHB4ekdpaDRQUVB4OHo2
dHVxd3p3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIuvMA0G
CSqGSIb3DQEBCwUAA4IBAQA9K/v0NA5bieEOizIUy6s+px9U2WuI4+Ay4ZMkPqif
mJIJ8aTuenqktCekyUrhTWjobAy2DReniAfKSWi5xMbt25bA+fQXOp8a7xQqKW+F
eyTHMHarq5XlN4c8iuIprULn0fUI65Q8G4+u8/ykhughfKL5XpiZ2arK7DnAajfz
m3+J+IK6t8rqJCTMDcBspoP9XK7TuEjhCMV7jbLIbIabGE0AclUFP7ziE8JRzcSf
VbuOY/dx6eKW09GrMIImljS1GnulPzUZouxiW8XOTb8UuaIInU2Isao6K07Hl42h
waf3XsQJK38FjzB1ZK+jImTsDidUPikkad5EVkEQHCzE
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:51 2023 by rpki-client on console-ams.rpki-client.org