Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/z3Ix1la-I8xclX2CkEBM9eMIEaM.roa
File: z3Ix1la-I8xclX2CkEBM9eMIEaM.roa (raw, json)
Hash identifier: dfMJqBhMiSQ1PZRNpk8tWeCnS6pBPmATM0njXLHSVmE=
Subject key identifier: CF:72:31:D6:56:BE:23:CC:5C:95:7D:82:90:40:4C:F5:E3:08:11:A3
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1105
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/z3Ix1la-I8xclX2CkEBM9eMIEaM.roa
Signing time: Wed 01 Feb 2023 10:29:22 +0000
ROA not before: Wed 01 Feb 2023 10:29:22 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18049
IP address blocks: 106.105.112.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4357 (0x1105)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:29:22 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=CF7231D656BE23CC5C957D8290404CF5E30811A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9a:94:53:76:00:7a:c2:d5:3d:a4:93:20:e2:
94:8e:aa:02:67:c4:7a:87:0b:d4:ec:3c:39:01:ff:
16:82:44:f1:d5:4a:4f:ca:0c:e0:9b:fc:45:a4:5b:
a0:36:9f:bd:ab:7a:19:92:ea:7d:72:a4:69:46:6a:
d0:34:cc:c7:ab:99:b5:67:3c:34:3a:4a:43:db:f1:
68:1d:3f:93:34:90:94:66:2a:3f:ec:2a:a6:6d:05:
8e:24:83:43:9b:16:58:80:32:fd:b7:6e:15:27:ae:
ac:c1:63:c7:50:2a:72:17:b7:61:86:84:9d:b5:a8:
19:5d:76:5f:f2:71:48:bb:af:7d:6a:52:e2:22:bd:
6f:cc:3e:8a:dd:02:de:5e:a4:5c:c8:e2:62:33:6a:
54:a6:84:c4:85:80:05:ac:81:92:04:8d:6d:e0:64:
44:ec:d9:c6:43:4b:18:18:e6:bf:60:58:7d:3a:d6:
15:58:85:f2:b9:88:fb:14:62:06:86:af:17:50:eb:
be:2e:63:a1:03:6c:6d:fc:6f:8c:92:aa:73:e0:e9:
c0:c7:70:83:3d:76:ce:7b:d0:77:6e:02:2d:15:81:
55:b2:17:f6:64:40:cf:1d:e7:7c:f1:7f:ca:7e:e1:
f5:47:de:d0:bc:bb:3c:dd:39:42:ce:0d:f1:74:46:
c2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:72:31:D6:56:BE:23:CC:5C:95:7D:82:90:40:4C:F5:E3:08:11:A3
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/z3Ix1la-I8xclX2CkEBM9eMIEaM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.112.0/20
Signature Algorithm: sha256WithRSAEncryption
a9:1e:c1:4b:36:4d:c2:57:24:e9:73:f6:a7:3c:7a:c8:7f:ce:
59:74:68:6f:10:af:e2:75:30:bc:d7:a8:d6:80:e5:63:ca:43:
fd:d2:57:3b:d5:d5:c9:7a:46:6d:e1:cc:63:ce:74:d8:9a:e1:
47:ac:63:eb:f3:1d:f9:8b:c6:33:3c:db:9b:41:c9:c4:49:09:
3d:d8:52:38:86:6e:97:de:fd:e7:71:c9:86:1b:50:d7:6e:e9:
50:8c:da:91:d9:ed:5a:2e:09:e2:09:19:1f:9e:f3:31:ea:4b:
a5:7d:14:a9:ab:a9:44:c0:e4:41:6b:da:35:39:72:8d:0a:5e:
04:3d:8a:5e:3f:0f:15:b0:e2:00:89:d6:0c:b0:7e:af:f3:e8:
6e:2b:70:2a:79:97:f9:ad:ea:21:73:c0:52:16:2c:0f:25:07:
c0:bb:03:46:10:66:c1:d7:1b:54:c9:90:62:da:50:a6:40:0c:
1e:cd:e5:fe:c4:de:7e:80:60:28:b6:4b:16:68:23:6b:7c:dc:
c9:87:c8:17:58:0d:bb:6d:86:9a:37:de:fb:af:6d:e7:35:5a:
06:f6:15:65:b5:b7:f9:df:28:1f:78:84:1d:0c:6e:24:25:ce:
b1:c8:62:a8:7c:aa:6d:bc:e5:ed:68:9c:24:4d:4b:bd:42:61:
41:21:bd:67
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI5MjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENGNzIzMUQ2NTZCRTIz
Q0M1Qzk1N0Q4MjkwNDA0Q0Y1RTMwODExQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDimpRTdgB6wtU9pJMg4pSOqgJnxHqHC9TsPDkB/xaCRPHVSk/K
DOCb/EWkW6A2n72rehmS6n1ypGlGatA0zMermbVnPDQ6SkPb8WgdP5M0kJRmKj/s
KqZtBY4kg0ObFliAMv23bhUnrqzBY8dQKnIXt2GGhJ21qBlddl/ycUi7r31qUuIi
vW/MPordAt5epFzI4mIzalSmhMSFgAWsgZIEjW3gZETs2cZDSxgY5r9gWH061hVY
hfK5iPsUYgaGrxdQ674uY6EDbG38b4ySqnPg6cDHcIM9ds570HduAi0VgVWyF/Zk
QM8d53zxf8p+4fVH3tC8uzzdOULODfF0RsLLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUz3Ix1la+I8xclX2CkEBM9eMIEaMwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvejNJeDFsYS1JOHhjbFgyQ2tFQk05
ZU1JRWFNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBGppcDAN
BgkqhkiG9w0BAQsFAAOCAQEAqR7BSzZNwlck6XP2pzx6yH/OWXRobxCv4nUwvNeo
1oDlY8pD/dJXO9XVyXpGbeHMY8502JrhR6xj6/Md+YvGMzzbm0HJxEkJPdhSOIZu
l97953HJhhtQ127pUIzakdntWi4J4gkZH57zMepLpX0UqaupRMDkQWvaNTlyjQpe
BD2KXj8PFbDiAInWDLB+r/PobitwKnmX+a3qIXPAUhYsDyUHwLsDRhBmwdcbVMmQ
YtpQpkAMHs3l/sTefoBgKLZLFmgja3zcyYfIF1gNu22Gmjfe+69t5zVaBvYVZbW3
+d8oH3iEHQxuJCXOschiqHyqbbzl7WicJE1LvUJhQSG9Zw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:52:51 2023 by rpki-client on console-ams.rpki-client.org