Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/nXZv5zhKgYQJhEEZnbhAckVUbYQ.roa
File: nXZv5zhKgYQJhEEZnbhAckVUbYQ.roa (raw, json)
Hash identifier: 61ySDhAKC13tA9u6bQhWJ+d0U2ycNwFpvOhxImyodiM=
Subject key identifier: 9D:76:6F:E7:38:4A:81:84:09:84:41:19:9D:B8:40:72:45:54:6D:84
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10C3
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/nXZv5zhKgYQJhEEZnbhAckVUbYQ.roa
Signing time: Wed 01 Feb 2023 10:29:01 +0000
ROA not before: Wed 01 Feb 2023 10:29:01 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 203.190.16.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4291 (0x10c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:01 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=9D766FE7384A8184098441199DB8407245546D84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:75:a3:94:f8:9c:81:e7:d7:63:d8:da:8a:e8:
73:74:26:55:13:31:da:23:4e:23:72:80:62:50:aa:
29:83:e9:5b:67:e4:01:c2:31:ce:be:6e:9f:4c:1f:
11:e2:73:26:22:04:92:a5:31:71:ed:28:38:15:fe:
db:87:66:07:0a:cf:70:10:68:45:81:49:b8:ab:b1:
60:c1:17:a5:9b:6d:d9:de:35:ee:3e:02:54:e9:69:
8a:48:a8:89:a5:d4:85:9b:cd:55:61:3b:0a:26:b4:
d8:a4:e3:07:d5:80:6e:df:c9:8f:fc:52:89:a0:c7:
33:f4:f1:56:3b:99:c1:f6:96:4c:9d:31:93:c2:23:
3f:b8:9f:1e:f4:6f:ba:50:dc:6a:5e:ae:07:65:62:
61:c2:bf:d8:8f:b8:91:d9:74:3d:c7:93:bd:b3:a3:
9a:cf:8a:e8:8a:25:e8:19:58:81:68:fa:86:7f:c8:
f8:d7:d0:33:54:ad:d2:36:81:20:7c:62:e0:ed:39:
bf:c0:d8:b1:01:f2:8c:4b:9f:07:15:10:a3:72:41:
d7:2d:4f:94:78:74:4c:ac:07:ee:26:e0:85:9c:c6:
f4:af:c1:e3:a8:da:b2:0b:9f:40:38:02:b1:8e:a9:
04:8a:90:e0:f7:93:3b:d1:6c:e7:a0:e0:03:1d:44:
74:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:76:6F:E7:38:4A:81:84:09:84:41:19:9D:B8:40:72:45:54:6D:84
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/nXZv5zhKgYQJhEEZnbhAckVUbYQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.190.16.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:7e:5c:58:36:3b:14:fa:a4:55:d2:15:1c:6e:75:26:ee:f7:
6d:c9:55:65:4a:fd:af:eb:39:c0:4e:94:5d:be:c1:e4:72:e3:
90:8d:6b:4c:ec:3f:dd:26:4f:87:a9:94:cb:65:65:25:01:2a:
1e:97:38:61:c1:cb:d2:f7:7d:54:cc:10:c7:49:da:d4:fd:01:
79:b7:d8:94:63:a0:5d:e3:8e:2e:16:74:cc:e5:6b:ab:ab:c7:
ff:d9:97:2b:e8:f1:77:01:00:f3:17:c2:62:be:d5:08:c5:3b:
81:15:29:9b:d2:32:11:29:d8:0f:ce:54:ee:ed:9f:5f:64:1a:
dc:bf:0a:3e:23:c9:d6:dc:ac:31:20:63:c1:35:80:1e:73:74:
ae:48:16:1b:de:e1:3a:e6:a4:56:16:ca:de:96:e6:b1:11:1b:
a9:0b:8a:d7:5c:6a:c2:7d:e3:af:66:1a:5f:a3:93:4b:ca:f4:
f6:02:da:16:eb:71:8e:57:16:ad:34:e4:39:4e:f9:8a:38:a6:
21:6b:96:60:74:12:b7:7e:48:cf:09:c1:42:3e:8d:2c:82:31:
cb:67:7e:d3:a3:89:77:ce:b5:7e:70:e3:41:5a:2f:b4:80:b7:
15:14:91:64:fe:d8:1a:b3:39:12:ea:08:48:9f:db:02:fa:d7:
10:4b:c2:7f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDlENzY2RkU3Mzg0QTgx
ODQwOTg0NDExOTlEQjg0MDcyNDU1NDZEODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtdaOU+JyB59dj2NqK6HN0JlUTMdojTiNygGJQqimD6Vtn5AHC
Mc6+bp9MHxHicyYiBJKlMXHtKDgV/tuHZgcKz3AQaEWBSbirsWDBF6WbbdneNe4+
AlTpaYpIqIml1IWbzVVhOwomtNik4wfVgG7fyY/8UomgxzP08VY7mcH2lkydMZPC
Iz+4nx70b7pQ3GpergdlYmHCv9iPuJHZdD3Hk72zo5rPiuiKJegZWIFo+oZ/yPjX
0DNUrdI2gSB8YuDtOb/A2LEB8oxLnwcVEKNyQdctT5R4dEysB+4m4IWcxvSvweOo
2rILn0A4ArGOqQSKkOD3kzvRbOeg4AMdRHQnAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUnXZv5zhKgYQJhEEZnbhAckVUbYQwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvblhadjV6aEtnWVFKaEVFWm5iaEFj
a1ZVYllRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8u+EDAN
BgkqhkiG9w0BAQsFAAOCAQEADn5cWDY7FPqkVdIVHG51Ju73bclVZUr9r+s5wE6U
Xb7B5HLjkI1rTOw/3SZPh6mUy2VlJQEqHpc4YcHL0vd9VMwQx0na1P0BebfYlGOg
XeOOLhZ0zOVrq6vH/9mXK+jxdwEA8xfCYr7VCMU7gRUpm9IyESnYD85U7u2fX2Qa
3L8KPiPJ1tysMSBjwTWAHnN0rkgWG97hOuakVhbK3pbmsREbqQuK11xqwn3jr2Ya
X6OTS8r09gLaFutxjlcWrTTkOU75ijimIWuWYHQSt35IzwnBQj6NLIIxy2d+06OJ
d861fnDjQVovtIC3FRSRZP7YGrM5EuoISJ/bAvrXEEvCfw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:51 2023 by rpki-client on console-ams.rpki-client.org