Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/qhSa_to4sTS3phXljoW82HPKGEI.roa
File: qhSa_to4sTS3phXljoW82HPKGEI.roa (raw, json)
Hash identifier: mKNsYKKFtuWZn45u5NVCjj7FYu/URw5odzPJfjqoXD8=
Subject key identifier: AA:14:9A:FE:DA:38:B1:34:B7:A6:15:E5:8E:85:BC:D8:73:CA:18:42
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1092
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/qhSa_to4sTS3phXljoW82HPKGEI.roa
Signing time: Wed 01 Feb 2023 10:28:44 +0000
ROA not before: Wed 01 Feb 2023 10:28:44 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18049
IP address blocks: 106.107.152.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4242 (0x1092)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:44 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=AA149AFEDA38B134B7A615E58E85BCD873CA1842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:43:8c:b6:d0:7b:90:0c:a9:5d:ce:41:e9:be:
3e:4c:6c:a4:60:80:76:72:12:46:cb:ad:84:5d:5d:
17:5c:90:36:3a:5e:d1:02:79:69:54:f0:da:ff:84:
fa:33:d4:1d:5b:fd:80:bb:58:c3:57:14:cd:d8:f3:
62:2e:e3:b5:16:3e:57:12:80:95:94:13:fb:11:33:
be:58:1c:e0:e7:b5:3b:33:fc:bf:63:e6:3b:1c:65:
b9:56:21:dc:b6:79:59:07:7e:47:6e:53:a3:12:b5:
6a:ff:6e:9e:cb:02:2f:3a:36:01:47:f7:79:eb:00:
f8:f1:f5:a4:4c:19:78:af:8c:24:42:72:fd:e6:64:
52:8e:9c:8e:15:fb:d1:fc:36:58:2a:92:88:c7:5e:
0b:12:8c:b8:f0:bc:41:c5:64:4b:f0:6c:58:6c:d2:
2c:80:76:fe:67:b8:97:ff:17:78:ce:88:ee:ee:64:
ec:75:0b:51:6c:7f:ae:46:da:7c:bd:ea:68:83:14:
01:c8:26:57:84:2c:d0:49:17:0a:48:fc:0b:b3:59:
80:76:32:2b:59:1b:e4:72:bc:48:7c:c8:3b:00:f9:
9c:0a:50:23:0d:d7:0d:d6:51:43:e8:a6:44:23:e2:
17:0a:b7:76:32:e0:b9:7b:65:b1:e0:b8:2d:0e:20:
bb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:14:9A:FE:DA:38:B1:34:B7:A6:15:E5:8E:85:BC:D8:73:CA:18:42
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/qhSa_to4sTS3phXljoW82HPKGEI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.107.152.0/21
Signature Algorithm: sha256WithRSAEncryption
13:85:43:0d:e5:53:21:53:9e:5f:81:de:5a:94:2d:db:86:2f:
98:92:6a:b0:8d:6b:dc:5a:2a:2e:6a:4a:ea:8f:e7:7d:62:8e:
12:61:21:12:68:a4:c5:78:d9:11:60:77:a8:75:d2:81:b8:72:
11:30:31:2a:d4:10:c6:16:ae:0d:c8:56:70:43:c8:4a:79:6f:
84:15:7c:62:e1:f2:e9:32:84:32:b0:0d:b2:2d:ba:de:5b:91:
e8:0b:19:f5:fe:86:14:f6:d4:6d:20:ca:59:e6:09:fe:a5:f3:
1d:16:60:c7:b9:82:4e:f0:ed:7b:aa:aa:e9:48:3e:39:e7:7a:
70:83:05:0f:01:17:8b:d6:27:f3:26:26:03:5c:6c:cc:40:3b:
aa:69:6f:c5:91:64:54:c2:ed:35:16:ba:f2:66:ab:9a:6b:ea:
bb:bf:41:dc:cf:8f:7d:48:fd:72:aa:ef:7b:e5:73:54:b4:16:
32:f6:74:66:21:a1:4e:3a:03:34:75:3f:85:e4:be:07:0b:73:
a0:7f:ef:a7:95:17:8e:fc:d4:60:65:b9:d6:b3:62:32:33:bf:
1a:76:93:72:50:5b:76:7d:88:08:55:bf:12:9c:6e:75:31:da:
12:f3:c7:1d:5d:01:ab:b8:aa:ab:f8:2d:4a:79:19:1c:cc:13:
ff:98:22:57
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEJIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4NDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFBMTQ5QUZFREEzOEIx
MzRCN0E2MTVFNThFODVCQ0Q4NzNDQTE4NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYQ4y20HuQDKldzkHpvj5MbKRggHZyEkbLrYRdXRdckDY6XtEC
eWlU8Nr/hPoz1B1b/YC7WMNXFM3Y82Iu47UWPlcSgJWUE/sRM75YHODntTsz/L9j
5jscZblWIdy2eVkHfkduU6MStWr/bp7LAi86NgFH93nrAPjx9aRMGXivjCRCcv3m
ZFKOnI4V+9H8NlgqkojHXgsSjLjwvEHFZEvwbFhs0iyAdv5nuJf/F3jOiO7uZOx1
C1Fsf65G2ny96miDFAHIJleELNBJFwpI/AuzWYB2MitZG+RyvEh8yDsA+ZwKUCMN
1w3WUUPopkQj4hcKt3Yy4Ll7ZbHguC0OILsBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqhSa/to4sTS3phXljoW82HPKGEIwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvcWhTYV90bzRzVFMzcGhYbGpvVzgy
SFBLR0VJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2prmDAN
BgkqhkiG9w0BAQsFAAOCAQEAE4VDDeVTIVOeX4HeWpQt24YvmJJqsI1r3FoqLmpK
6o/nfWKOEmEhEmikxXjZEWB3qHXSgbhyETAxKtQQxhauDchWcEPISnlvhBV8YuHy
6TKEMrANsi263luR6AsZ9f6GFPbUbSDKWeYJ/qXzHRZgx7mCTvDte6qq6Ug+Oed6
cIMFDwEXi9Yn8yYmA1xszEA7qmlvxZFkVMLtNRa68marmmvqu79B3M+PfUj9cqrv
e+VzVLQWMvZ0ZiGhTjoDNHU/heS+BwtzoH/vp5UXjvzUYGW51rNiMjO/GnaTclBb
dn2ICFW/EpxudTHaEvPHHV0Bq7iqq/gtSnkZHMwT/5giVw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:51 2023 by rpki-client on console-ams.rpki-client.org