Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/yzp9dtegP6lttvCRo3mkplCzbrc.roa
File: yzp9dtegP6lttvCRo3mkplCzbrc.roa (raw, json)
Hash identifier: PF3ukY/Jf9tAbAs9d+V0nHy4/dYeDhppQ1CegAiTum0=
Subject key identifier: CB:3A:7D:76:D7:A0:3F:A9:6D:B6:F0:91:A3:79:A4:A6:50:B3:6E:B7
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0DC9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/yzp9dtegP6lttvCRo3mkplCzbrc.roa
Signing time: Thu 15 Sep 2022 02:46:51 +0000
ROA not before: Thu 15 Sep 2022 02:46:51 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131597
IP address blocks: 219.86.64.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3529 (0xdc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Sep 15 02:46:51 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=CB3A7D76D7A03FA96DB6F091A379A4A650B36EB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bd:1f:47:53:64:fd:38:fb:4f:a2:26:0a:5f:
cf:fc:4f:07:7c:a1:50:f2:59:0e:75:b3:66:98:8e:
ec:19:b7:2b:dc:58:6d:1c:7c:93:3d:da:42:ff:6c:
44:f7:74:40:21:0f:26:62:69:c0:62:a2:94:1a:7c:
b8:f1:a0:36:be:f6:ec:e0:89:61:5d:4f:0f:82:c2:
70:58:1c:94:14:c0:6b:05:bc:26:e9:31:d8:d5:b2:
c8:d0:49:48:e3:4f:7c:9b:e5:19:c6:2e:e1:98:0e:
4e:71:96:fc:86:61:f0:a7:a6:14:98:6d:ba:cc:a1:
22:5d:c3:38:66:51:7a:d2:ba:03:e5:5a:43:08:d7:
1d:a3:1b:cb:9d:93:bd:0d:58:e6:22:d6:16:a6:70:
d3:26:ca:7c:cc:5e:01:ce:34:3b:d4:16:a2:64:1f:
bb:dd:6a:9b:f5:41:4e:ee:a1:50:fc:6b:1a:f1:c7:
ad:56:ff:d5:a1:fb:42:18:ef:28:f6:bb:d1:e8:52:
1c:62:d1:01:15:0b:16:27:91:87:51:6e:d4:3e:b2:
80:ea:e3:5d:d8:cb:4d:8a:9b:1c:11:e0:ac:78:5e:
e5:31:f0:1e:79:cc:fc:a6:0a:d8:f9:c4:ab:f9:30:
98:ea:aa:1e:e2:ef:0b:a8:56:b4:e0:8a:26:b8:c1:
b4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3A:7D:76:D7:A0:3F:A9:6D:B6:F0:91:A3:79:A4:A6:50:B3:6E:B7
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/yzp9dtegP6lttvCRo3mkplCzbrc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.86.64.0/21
Signature Algorithm: sha256WithRSAEncryption
16:15:40:db:9b:3c:e3:8d:3c:e1:a4:50:eb:16:f4:63:12:69:
2b:8e:f3:62:9e:42:75:5d:81:bb:ef:67:2c:5c:a4:f4:3d:4e:
05:82:52:1f:b6:f3:51:29:97:fc:49:8c:76:41:e4:a7:d1:8d:
e3:63:2f:08:56:b3:30:d8:40:5b:28:7c:62:1e:64:60:3a:ce:
f9:a3:b3:19:aa:21:51:4f:f6:fb:b1:3e:db:2f:6e:7b:3c:37:
31:9f:fa:b4:eb:1d:c0:64:cc:82:18:8c:a1:7d:42:c7:54:04:
33:62:e6:a6:45:93:f5:02:b9:75:84:4f:71:0f:e3:94:51:1b:
86:87:77:09:b7:22:5e:6d:7d:49:a8:6d:15:52:c7:c9:2b:63:
3e:8e:18:07:d6:7e:c4:f5:29:bf:5c:d3:26:2c:58:d2:8d:0a:
58:3d:63:e6:01:e4:9b:21:fe:cd:9a:e9:6b:e5:9f:87:2d:e9:
cd:92:d9:71:3f:d3:a2:99:19:b5:ad:23:79:cf:5d:6e:eb:ff:
0b:b2:9a:14:4f:d1:07:0b:ad:ee:54:fb:3d:23:10:e4:42:e5:
f9:e4:c6:bc:d4:34:6c:4d:0f:b7:a4:96:33:72:41:c0:97:04:
51:3b:65:9c:49:01:db:88:f5:de:b2:0d:6e:9d:48:cf:e8:08:
8e:87:22:68
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMjA5MTUw
MjQ2NTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENCM0E3RDc2RDdBMDNG
QTk2REI2RjA5MUEzNzlBNEE2NTBCMzZFQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOvR9HU2T9OPtPoiYKX8/8Twd8oVDyWQ51s2aYjuwZtyvcWG0c
fJM92kL/bET3dEAhDyZiacBiopQafLjxoDa+9uzgiWFdTw+CwnBYHJQUwGsFvCbp
MdjVssjQSUjjT3yb5RnGLuGYDk5xlvyGYfCnphSYbbrMoSJdwzhmUXrSugPlWkMI
1x2jG8udk70NWOYi1hamcNMmynzMXgHONDvUFqJkH7vdapv1QU7uoVD8axrxx61W
/9Wh+0IY7yj2u9HoUhxi0QEVCxYnkYdRbtQ+soDq413Yy02KmxwR4Kx4XuUx8B55
zPymCtj5xKv5MJjqqh7i7wuoVrTgiia4wbRnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyzp9dtegP6lttvCRo3mkplCzbrcwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQveXpwOWR0ZWdQNmx0dHZD
Um8zbWtwbEN6YnJjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
A9tWQDANBgkqhkiG9w0BAQsFAAOCAQEAFhVA25s844084aRQ6xb0YxJpK47zYp5C
dV2Bu+9nLFyk9D1OBYJSH7bzUSmX/EmMdkHkp9GN42MvCFazMNhAWyh8Yh5kYDrO
+aOzGaohUU/2+7E+2y9uezw3MZ/6tOsdwGTMghiMoX1Cx1QEM2LmpkWT9QK5dYRP
cQ/jlFEbhod3CbciXm19SahtFVLHyStjPo4YB9Z+xPUpv1zTJixY0o0KWD1j5gHk
myH+zZrpa+Wfhy3pzZLZcT/TopkZta0jec9dbuv/C7KaFE/RBwut7lT7PSMQ5ELl
+eTGvNQ0bE0Pt6SWM3JBwJcEUTtlnEkB24j13rINbp1Iz+gIjociaA==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:21:50 2023 by rpki-client on console-ams.rpki-client.org