Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/CXhhUcpBixLotDDe3enJ1tGedHw.roa
File: CXhhUcpBixLotDDe3enJ1tGedHw.roa (raw, json)
Hash identifier: XOEBYXWQbQk/HBmR23WCAgE3euHUqDxu0J/42foTm7k=
Subject key identifier: 09:78:61:51:CA:41:8B:12:E8:B4:30:DE:DD:E9:C9:D6:D1:9E:74:7C
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 21D8
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/CXhhUcpBixLotDDe3enJ1tGedHw.roa
Signing time: Fri 25 Nov 2022 04:40:28 +0000
ROA not before: Fri 25 Nov 2022 04:40:28 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38841
IP address blocks: 118.233.144.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8664 (0x21d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Nov 25 04:40:28 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=09786151CA418B12E8B430DEDDE9C9D6D19E747C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:79:71:aa:2a:ae:88:e8:05:42:1d:53:5e:
ea:1d:02:b9:b2:10:c3:2f:31:52:0e:07:0f:37:75:
2f:64:1e:5d:ca:83:3b:82:72:5f:e5:50:56:d6:f8:
da:a6:64:de:af:e0:26:90:39:48:39:7d:14:cd:05:
3d:a6:23:3c:e2:80:93:6b:b2:42:d9:5b:06:4b:1f:
19:87:42:dc:c8:e6:b1:b4:7a:5b:7a:99:d9:e8:e2:
c3:0b:24:d8:79:30:b0:8d:79:3c:33:e8:61:66:76:
b3:99:21:49:f5:a5:45:92:26:25:a0:9e:47:82:09:
a6:b0:b9:65:55:20:4c:d2:74:70:48:ce:47:de:11:
00:5b:09:72:6c:7e:ec:2e:80:e9:19:1f:97:5f:5a:
59:62:58:78:5a:ae:55:3a:76:40:01:bc:64:d9:12:
5c:9a:92:70:81:61:a1:8f:e7:da:ed:be:1e:f7:ce:
01:c1:0c:2e:94:ba:a5:46:73:12:a8:1b:3b:8a:e0:
8b:a8:3d:74:e7:9e:75:d1:90:0e:d9:1a:53:98:24:
7f:dc:fe:fd:ca:b6:d5:f3:f6:40:f2:bb:10:ea:2b:
5a:06:5c:4e:a2:d2:f7:1a:a1:73:e5:88:8c:24:90:
64:71:4b:5c:50:49:f9:09:9a:75:1e:f8:e3:6c:be:
00:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:78:61:51:CA:41:8B:12:E8:B4:30:DE:DD:E9:C9:D6:D1:9E:74:7C
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/CXhhUcpBixLotDDe3enJ1tGedHw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.233.144.0/21
Signature Algorithm: sha256WithRSAEncryption
29:cc:cd:10:28:12:8e:cc:79:78:25:26:e9:96:9d:4d:a2:7e:
f9:da:ca:a3:8c:90:d8:7b:26:1f:57:f9:db:75:73:77:c5:28:
c4:93:6b:56:8a:5f:44:a2:08:66:bc:c7:ec:cf:8a:e1:6f:30:
50:d3:ce:59:07:96:34:46:bb:a8:5e:a3:de:87:73:1e:e9:0a:
f9:42:a8:87:6d:15:bf:a8:cb:2b:2a:6b:f4:2c:16:83:03:d5:
d5:5e:02:8e:c5:99:87:ee:ce:21:fa:f6:94:1c:17:d8:18:dd:
07:57:53:e7:0c:43:2a:e2:e3:ef:e8:3a:40:2e:a4:f2:d7:cf:
00:28:91:d1:b9:86:bb:f2:82:2f:e5:03:aa:64:3e:b6:70:25:
d4:b3:a7:e4:1f:4a:bd:24:f9:e0:37:9e:b2:3c:a1:0a:d7:62:
02:06:38:26:c0:48:0a:3a:b8:30:da:c9:9a:14:52:58:04:67:
8b:1b:f6:6f:41:05:41:5d:19:5c:f1:a5:cf:b4:6f:af:47:bd:
93:a1:9b:64:7b:ef:18:7f:ad:57:f3:5c:81:c4:b2:39:04:c7:
9c:0a:87:6b:fc:28:1a:ea:6f:67:6f:a2:07:ff:56:c9:4e:e2:
cc:56:55:ee:2b:9f:f2:40:8f:a9:81:f0:06:7d:96:51:b0:74:
ac:34:06:b6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDQwMjhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA5Nzg2MTUxQ0E0MThC
MTJFOEI0MzBERURERTlDOUQ2RDE5RTc0N0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3NHlxqiquiOgFQh1TXuodArmyEMMvMVIOBw83dS9kHl3KgzuC
cl/lUFbW+NqmZN6v4CaQOUg5fRTNBT2mIzzigJNrskLZWwZLHxmHQtzI5rG0elt6
mdno4sMLJNh5MLCNeTwz6GFmdrOZIUn1pUWSJiWgnkeCCaawuWVVIEzSdHBIzkfe
EQBbCXJsfuwugOkZH5dfWlliWHharlU6dkABvGTZElyaknCBYaGP59rtvh73zgHB
DC6UuqVGcxKoGzuK4IuoPXTnnnXRkA7ZGlOYJH/c/v3KttXz9kDyuxDqK1oGXE6i
0vcaoXPliIwkkGRxS1xQSfkJmnUe+ONsvgDNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCXhhUcpBixLotDDe3enJ1tGedHwwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0NYaGhVY3BCaXhMb3RERGUz
ZW5KMXRHZWRIdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6ZAwDQYJKoZIhvcNAQELBQADggEBACnMzRAoEo7MeXglJumWnU2ifvnayqOMkNh7
Jh9X+dt1c3fFKMSTa1aKX0SiCGa8x+zPiuFvMFDTzlkHljRGu6heo96Hcx7pCvlC
qIdtFb+oyysqa/QsFoMD1dVeAo7FmYfuziH69pQcF9gY3QdXU+cMQyri4+/oOkAu
pPLXzwAokdG5hrvygi/lA6pkPrZwJdSzp+QfSr0k+eA3nrI8oQrXYgIGOCbASAo6
uDDayZoUUlgEZ4sb9m9BBUFdGVzxpc+0b69HvZOhm2R77xh/rVfzXIHEsjkEx5wK
h2v8KBrqb2dvogf/VslO4sxWVe4rn/JAj6mB8AZ9llGwdKw0BrY=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:53:22 2023 by rpki-client on console-ams.rpki-client.org