Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/aPpVHsLFfMkHrMqZxh2nPjAx_LI.roa
File: aPpVHsLFfMkHrMqZxh2nPjAx_LI.roa (raw, json)
Hash identifier: rIjkrB1RCnu3hx7icl7Ij4ysiYwWW1+/P1HjzFAxQ24=
Subject key identifier: 68:FA:55:1E:C2:C5:7C:C9:07:AC:CA:99:C6:1D:A7:3E:30:31:FC:B2
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0AB1
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/aPpVHsLFfMkHrMqZxh2nPjAx_LI.roa
Signing time: Thu 15 Sep 2022 02:41:46 +0000
ROA not before: Thu 15 Sep 2022 02:41:46 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 103.234.228.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2737 (0xab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Sep 15 02:41:46 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=68FA551EC2C57CC907ACCA99C61DA73E3031FCB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:56:a5:29:a6:e8:b2:b0:44:a8:e7:f6:c1:87:
f7:6e:b1:80:30:2c:bb:06:e2:79:92:db:a8:0a:af:
53:1b:0f:6b:cb:b7:88:37:1d:27:9e:9c:0d:0a:f0:
a4:d2:0f:61:00:42:e6:8b:c0:62:b6:a4:1f:ca:fe:
72:6c:79:d9:ac:9c:a3:62:e9:57:68:05:76:e6:c9:
be:80:c3:19:1e:43:80:ac:81:bc:3a:8a:0f:6b:8b:
74:81:00:e9:b1:14:35:e2:53:43:f8:ee:6d:50:f3:
ec:ec:fb:10:bb:59:9c:fc:53:60:a7:45:22:e6:82:
cf:12:33:53:29:c4:c6:8d:fd:34:73:1e:79:08:b5:
6c:83:9f:1a:c0:2a:78:c3:82:5e:78:32:70:8e:58:
91:58:cc:dd:ed:a0:d9:f1:23:56:64:38:d1:61:25:
10:ef:b5:ae:56:3a:02:42:c7:6f:65:50:26:a4:69:
d4:1a:cb:d3:4b:3a:d2:66:ed:e3:1e:30:bd:1a:a4:
5f:b3:24:bb:a8:14:9f:0e:42:8e:66:ca:28:8c:43:
1d:0e:8c:1a:f9:28:b1:94:0c:f4:48:98:02:6c:30:
50:fe:f7:0a:ed:52:93:19:d0:c4:36:f3:05:bc:ff:
fb:31:b0:57:13:da:90:82:36:42:df:76:b5:d6:96:
b9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FA:55:1E:C2:C5:7C:C9:07:AC:CA:99:C6:1D:A7:3E:30:31:FC:B2
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/aPpVHsLFfMkHrMqZxh2nPjAx_LI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.234.228.0/22
Signature Algorithm: sha256WithRSAEncryption
31:5d:ec:7a:7a:90:cc:97:28:9c:fb:58:ca:87:01:dd:8f:44:
8b:fa:50:c4:22:a4:ed:e1:a8:a0:cd:af:2a:34:9e:a7:b5:c4:
fc:23:3a:29:a2:05:81:31:96:06:c0:b5:e9:81:fd:2b:15:fc:
f2:cc:e8:3c:db:bd:b4:e4:33:aa:1d:00:35:d3:89:76:c1:1a:
41:30:31:06:46:64:51:41:e7:e1:3f:dd:b1:fc:91:28:37:4f:
7d:e7:9d:da:b7:12:a6:57:d2:13:f3:eb:e8:e5:cc:3c:71:44:
f9:c4:f7:b5:b6:b9:55:8a:72:31:db:85:89:cd:2e:e2:fe:e5:
1d:a5:40:e3:87:46:4e:0c:76:a2:b6:2c:ad:c0:ff:bb:5a:32:
76:7d:e8:e1:16:fa:da:3e:09:53:5c:8c:bd:3f:6a:10:6c:0c:
64:91:bc:be:f5:f2:be:4e:48:ac:d0:44:6c:bc:10:8f:27:2b:
55:84:ed:4f:5f:b7:39:ef:c6:6b:92:ef:90:91:b5:b1:15:e9:
c3:91:3c:77:8b:c7:84:b2:21:7c:97:39:d8:a8:8b:0c:b2:cb:
32:48:22:41:bf:d8:ca:e6:a8:74:4c:c4:08:b3:b1:88:29:b0:
1d:2c:a6:2c:ac:19:c3:99:bb:4a:21:de:7b:da:29:36:f0:43:
bb:c1:f3:ba
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCrEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMjA5MTUw
MjQxNDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY4RkE1NTFFQzJDNTdD
QzkwN0FDQ0E5OUM2MURBNzNFMzAzMUZDQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSVqUppuiysESo5/bBh/dusYAwLLsG4nmS26gKr1MbD2vLt4g3
HSeenA0K8KTSD2EAQuaLwGK2pB/K/nJsedmsnKNi6VdoBXbmyb6AwxkeQ4Csgbw6
ig9ri3SBAOmxFDXiU0P47m1Q8+zs+xC7WZz8U2CnRSLmgs8SM1MpxMaN/TRzHnkI
tWyDnxrAKnjDgl54MnCOWJFYzN3toNnxI1ZkONFhJRDvta5WOgJCx29lUCakadQa
y9NLOtJm7eMeML0apF+zJLuoFJ8OQo5myiiMQx0OjBr5KLGUDPRImAJsMFD+9wrt
UpMZ0MQ28wW8//sxsFcT2pCCNkLfdrXWlrn5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUaPpVHsLFfMkHrMqZxh2nPjAx/LIwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9hUHBWSHNMRmZNa0hyTXFaeGgy
blBqQXhfTEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+rk
MA0GCSqGSIb3DQEBCwUAA4IBAQAxXex6epDMlyic+1jKhwHdj0SL+lDEIqTt4aig
za8qNJ6ntcT8IzopogWBMZYGwLXpgf0rFfzyzOg827205DOqHQA104l2wRpBMDEG
RmRRQefhP92x/JEoN099553atxKmV9IT8+vo5cw8cUT5xPe1trlVinIx24WJzS7i
/uUdpUDjh0ZODHaitiytwP+7WjJ2fejhFvraPglTXIy9P2oQbAxkkby+9fK+Tkis
0ERsvBCPJytVhO1PX7c578Zrku+QkbWxFenDkTx3i8eEsiF8lznYqIsMsssySCJB
v9jK5qh0TMQIs7GIKbAdLKYsrBnDmbtKId572ik28EO7wfO6
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:18:40 2023 by rpki-client on console-fra.rpki-client.org