Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/32MPq9XBPKOa1ZAz7gkb9ci71dQ.roa
File: 32MPq9XBPKOa1ZAz7gkb9ci71dQ.roa (raw, json)
Hash identifier: 7R0aZ20Dr0s+g3jvH7ghUtlzbn+hFf1XbuxRLRyoE7o=
Subject key identifier: DF:63:0F:AB:D5:C1:3C:A3:9A:D5:90:33:EE:09:1B:F5:C8:BB:D5:D4
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/32MPq9XBPKOa1ZAz7gkb9ci71dQ.roa
Signing time: Thu 15 Sep 2022 02:47:19 +0000
ROA not before: Thu 15 Sep 2022 02:47:19 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9924
IP address blocks: 61.30.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3529 (0xdc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Sep 15 02:47:19 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DF630FABD5C13CA39AD59033EE091BF5C8BBD5D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5a:0e:a2:d2:e9:64:00:09:50:11:c8:12:2d:
88:a9:e5:6d:3e:cc:f1:6f:b4:e4:8b:4b:ab:0f:83:
cf:88:ce:3c:f0:a8:f8:c1:96:b4:d6:d6:38:dc:22:
2f:c1:38:dc:4c:78:80:d6:4d:4e:57:8f:8e:4d:d2:
ee:54:bd:0e:09:3b:42:ee:2d:a7:1a:fc:4d:e7:8f:
36:a2:01:b0:ae:ac:cf:0f:7b:2b:15:4d:b3:77:c3:
1d:36:51:cb:ac:56:0b:60:4d:d2:ff:95:9b:f7:49:
0d:f7:cb:0d:cc:81:d8:c7:c2:b0:85:5f:91:fa:64:
b8:a0:f8:2c:c1:e6:f3:fc:0f:b7:6c:a0:14:38:f5:
c4:03:4e:dd:d0:3b:e3:7b:80:1d:78:18:6f:07:4a:
28:6c:79:c0:6d:fb:85:9a:b1:40:c3:50:b6:de:2e:
03:d6:d3:66:0f:93:2a:ec:b6:ee:d6:0e:d6:d3:2f:
2a:bd:a8:f5:ea:26:d7:8b:0c:b6:a7:d7:b7:cc:52:
a3:d7:f5:de:cf:c5:ab:03:64:b6:b8:c7:54:fe:d4:
09:98:d3:e1:6c:90:ef:ae:0c:74:d9:d1:7e:ec:b8:
ac:6e:2a:4a:5c:2b:79:ac:5b:dc:2c:f9:3b:93:a9:
a9:db:c2:f8:a7:89:5c:76:35:f8:56:ac:86:45:77:
d6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:63:0F:AB:D5:C1:3C:A3:9A:D5:90:33:EE:09:1B:F5:C8:BB:D5:D4
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/32MPq9XBPKOa1ZAz7gkb9ci71dQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.30.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:75:3d:75:81:cd:ec:d6:b7:49:28:0e:a4:7c:1c:0b:6f:5b:
13:71:64:44:8e:6b:a2:04:e7:56:cd:b2:f9:3f:4d:97:c4:2c:
97:e6:bc:6b:23:c6:59:c8:09:48:3c:f9:4b:97:85:d8:b1:df:
d1:6e:89:d1:c8:0a:44:d3:22:cf:f7:42:c9:19:8a:7b:31:78:
89:5b:58:c3:ee:34:2b:71:b4:fd:e7:61:f0:0c:5a:71:8e:2e:
f6:d1:ce:fd:72:17:d0:13:2c:01:d1:1d:d3:3b:b4:24:00:34:
b9:41:ab:24:2f:a7:e0:85:8f:5b:e9:40:3c:7f:18:a7:d1:fa:
7d:63:a9:bc:9a:18:09:34:3b:18:eb:29:44:4c:62:3a:17:c1:
71:75:05:da:62:af:7c:4e:74:ee:e8:9a:8b:d8:ff:14:09:db:
d0:33:80:e7:48:e6:76:af:0a:3b:80:0c:cd:25:e9:c5:38:1f:
f2:31:fc:39:b7:af:77:0b:2f:18:d5:a0:c5:da:61:69:81:c3:
35:17:18:0d:d2:c5:0f:be:bb:3e:c3:b2:af:6d:db:31:42:6f:
b4:49:ad:ed:a3:65:c9:35:fa:af:f7:75:72:42:db:90:33:5d:
41:e4:96:2d:73:89:80:4d:ae:10:40:8b:d6:56:23:e5:bd:0c:
2e:82:51:57
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ3MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERGNjMwRkFCRDVDMTND
QTM5QUQ1OTAzM0VFMDkxQkY1QzhCQkQ1RDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLWg6i0ulkAAlQEcgSLYip5W0+zPFvtOSLS6sPg8+IzjzwqPjB
lrTW1jjcIi/BONxMeIDWTU5Xj45N0u5UvQ4JO0LuLaca/E3njzaiAbCurM8PeysV
TbN3wx02UcusVgtgTdL/lZv3SQ33yw3MgdjHwrCFX5H6ZLig+CzB5vP8D7dsoBQ4
9cQDTt3QO+N7gB14GG8HSihsecBt+4WasUDDULbeLgPW02YPkyrstu7WDtbTLyq9
qPXqJteLDLan17fMUqPX9d7PxasDZLa4x1T+1AmY0+FskO+uDHTZ0X7suKxuKkpc
K3msW9ws+TuTqanbwviniVx2NfhWrIZFd9ZJAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQU32MPq9XBPKOa1ZAz7gkb9ci71dQwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvMzJNUHE5WEJQS09hMVpB
ejdna2I5Y2k3MWRRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
AD0eMA0GCSqGSIb3DQEBCwUAA4IBAQAkdT11gc3s1rdJKA6kfBwLb1sTcWREjmui
BOdWzbL5P02XxCyX5rxrI8ZZyAlIPPlLl4XYsd/RbonRyApE0yLP90LJGYp7MXiJ
W1jD7jQrcbT952HwDFpxji720c79chfQEywB0R3TO7QkADS5QaskL6fghY9b6UA8
fxin0fp9Y6m8mhgJNDsY6ylETGI6F8FxdQXaYq98TnTu6JqL2P8UCdvQM4DnSOZ2
rwo7gAzNJenFOB/yMfw5t693Cy8Y1aDF2mFpgcM1FxgN0sUPvrs+w7KvbdsxQm+0
Sa3to2XJNfqv93VyQtuQM11B5JYtc4mATa4QQIvWViPlvQwuglFX
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:21:49 2023 by rpki-client on console-ams.rpki-client.org