Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/xWmZl0okYDpfSHCqQk6yxyElR74.roa
File: xWmZl0okYDpfSHCqQk6yxyElR74.roa (raw, json)
Hash identifier: EQJBm4+USa31v77ea/Q3DkehvsyJkBUWl4xxdIj7SCM=
Subject key identifier: C5:69:99:97:4A:24:60:3A:5F:48:70:AA:42:4E:B2:C7:21:25:47:BE
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1041
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/xWmZl0okYDpfSHCqQk6yxyElR74.roa
Signing time: Wed 01 Feb 2023 10:28:19 +0000
ROA not before: Wed 01 Feb 2023 10:28:19 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 123.205.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4161 (0x1041)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:19 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=C56999974A24603A5F4870AA424EB2C7212547BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:56:9c:1d:4f:18:ea:b9:88:74:40:30:66:95:
99:8e:a0:f1:a6:5d:4b:3d:3d:8a:64:0f:8b:f1:52:
cb:b7:63:a3:82:11:4c:f7:4c:dd:eb:1b:93:01:35:
c0:cc:79:de:8b:67:51:29:df:b2:cb:c2:8d:16:f7:
00:c6:6d:cb:c2:55:9d:9f:52:6b:df:08:f9:0a:1a:
f0:2f:fe:d1:47:0a:f2:fc:6d:1c:ad:cf:1f:70:22:
32:1c:e6:68:04:bb:3b:5f:cc:42:d6:89:47:32:26:
bd:5a:e6:36:da:5b:41:8a:0d:4a:63:64:31:49:b1:
46:21:7e:e9:51:a8:e4:07:9d:68:e2:a7:d1:ce:3c:
52:59:6e:94:3e:af:76:c1:b2:3f:b5:db:3a:4d:8f:
19:50:3a:db:b5:fb:29:c1:b1:db:f4:bb:71:78:25:
bf:b6:99:52:7c:85:e0:c4:72:f7:83:da:b5:54:5c:
4c:1c:88:bc:59:c2:9a:48:28:db:a4:45:18:7b:73:
80:45:18:32:64:0e:f6:29:b4:bc:b1:b3:5f:73:fa:
59:c4:ce:bc:9a:3f:b0:f3:3f:96:5e:83:25:16:d1:
76:da:c9:60:44:af:2d:4c:cf:3c:e4:b7:18:00:ac:
1d:29:c8:c8:32:67:ec:6f:03:e7:8f:0c:a1:70:7f:
aa:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:69:99:97:4A:24:60:3A:5F:48:70:AA:42:4E:B2:C7:21:25:47:BE
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/xWmZl0okYDpfSHCqQk6yxyElR74.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.205.105.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:3e:9e:af:c9:0b:03:f9:de:1e:17:73:56:a5:cb:b9:95:b8:
58:f0:7a:4f:a4:ec:e0:52:e2:e5:dd:bc:9f:e0:21:3c:3a:6e:
9a:59:56:a6:8e:06:6a:5b:04:df:3a:b2:98:30:63:68:be:d0:
d3:8e:d7:51:ca:8c:83:09:f0:53:88:cd:84:d0:03:04:5f:b2:
eb:8b:71:d6:27:ff:bb:a2:bc:be:3d:5f:46:ed:21:38:a5:0d:
63:74:be:9c:66:c6:25:02:8f:ed:c3:44:49:ef:7e:1f:bf:32:
4b:ea:d1:3e:7a:c4:44:17:31:67:9e:91:54:23:57:d6:48:5b:
71:6b:bc:14:bf:c2:c6:65:ed:c5:83:10:fc:b4:4d:72:97:f8:
d9:37:e5:19:24:45:d8:7b:26:a7:d4:60:bf:e0:fc:0b:d9:c6:
d9:ed:e5:0d:34:cd:d7:aa:78:0f:8b:56:32:2b:bb:88:70:90:
eb:11:19:a4:e2:44:a3:0b:5c:8d:99:67:26:e5:02:3c:65:f4:
79:de:9b:b7:cd:9b:94:09:0b:cc:cb:92:9c:ff:d5:27:3c:eb:
97:40:5c:fa:db:c0:87:d8:67:42:53:81:aa:09:49:26:98:ff:
a7:fc:8d:6d:75:2a:24:84:99:f2:21:1a:d1:be:45:cb:85:6b:
36:b3:27:5f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEEEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM1Njk5OTk3NEEyNDYw
M0E1RjQ4NzBBQTQyNEVCMkM3MjEyNTQ3QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKVpwdTxjquYh0QDBmlZmOoPGmXUs9PYpkD4vxUsu3Y6OCEUz3
TN3rG5MBNcDMed6LZ1Ep37LLwo0W9wDGbcvCVZ2fUmvfCPkKGvAv/tFHCvL8bRyt
zx9wIjIc5mgEuztfzELWiUcyJr1a5jbaW0GKDUpjZDFJsUYhfulRqOQHnWjip9HO
PFJZbpQ+r3bBsj+12zpNjxlQOtu1+ynBsdv0u3F4Jb+2mVJ8heDEcveD2rVUXEwc
iLxZwppIKNukRRh7c4BFGDJkDvYptLyxs19z+lnEzryaP7DzP5ZegyUW0XbayWBE
ry1MzzzktxgArB0pyMgyZ+xvA+ePDKFwf6pZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxWmZl0okYDpfSHCqQk6yxyElR74wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMveFdtWmwwb2tZRHBmU0hDcVFrNnl4
eUVsUjc0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHvNaTAN
BgkqhkiG9w0BAQsFAAOCAQEAqT6er8kLA/neHhdzVqXLuZW4WPB6T6Ts4FLi5d28
n+AhPDpumllWpo4GalsE3zqymDBjaL7Q047XUcqMgwnwU4jNhNADBF+y64tx1if/
u6K8vj1fRu0hOKUNY3S+nGbGJQKP7cNESe9+H78yS+rRPnrERBcxZ56RVCNX1khb
cWu8FL/CxmXtxYMQ/LRNcpf42TflGSRF2Hsmp9Rgv+D8C9nG2e3lDTTN16p4D4tW
Miu7iHCQ6xEZpOJEowtcjZlnJuUCPGX0ed6bt82blAkLzMuSnP/VJzzrl0Bc+tvA
h9hnQlOBqglJJpj/p/yNbXUqJISZ8iEa0b5Fy4VrNrMnXw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:51 2023 by rpki-client on console-ams.rpki-client.org