Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/TNlOMmoM4ul2zFUZOxQUtcCO860.roa
File: TNlOMmoM4ul2zFUZOxQUtcCO860.roa (raw, json)
Hash identifier: XI//HXs3DCl/psab8phR4w6YyOmM9Co046SViGPW1gw=
Subject key identifier: 4C:D9:4E:32:6A:0C:E2:E9:76:CC:55:19:3B:14:14:B5:C0:8E:F3:AD
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 22CE
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/TNlOMmoM4ul2zFUZOxQUtcCO860.roa
Signing time: Fri 25 Nov 2022 04:41:40 +0000
ROA not before: Fri 25 Nov 2022 04:41:40 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9924
IP address blocks: 123.195.224.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8910 (0x22ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Nov 25 04:41:40 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=4CD94E326A0CE2E976CC55193B1414B5C08EF3AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:08:48:b1:28:9f:50:53:db:c6:cb:c6:2b:92:
ea:6c:60:76:65:c1:5a:48:7f:2a:07:3b:95:05:b9:
b0:f9:f8:1e:90:8a:66:63:ce:0c:bc:75:cc:b3:be:
90:51:d0:fb:a4:f9:36:aa:e2:09:e8:4d:39:4a:ac:
81:8a:8a:b8:f3:83:19:5b:4e:9b:42:ac:b0:ea:a4:
9c:2a:7c:70:03:8d:07:7c:c7:13:a9:52:b0:d1:db:
b7:fc:6a:2a:9e:dd:7f:a5:80:d7:a0:4c:83:03:bd:
1a:09:9c:8b:3f:fc:d0:2a:0f:fe:90:49:a4:48:05:
00:f3:2c:f8:8a:25:d0:2e:dc:13:2c:38:bd:da:3b:
9d:55:b5:4c:74:11:5f:f1:6a:ff:e2:0a:e7:65:42:
5a:15:44:41:24:76:a0:ea:ec:a0:78:a6:7d:1f:cf:
2d:68:79:c0:39:51:d0:9c:db:85:80:3a:3e:d0:df:
54:b0:d3:83:22:3b:fa:e4:b2:6a:99:95:a1:79:3b:
17:2d:48:80:56:19:b5:cd:52:19:ff:23:e6:92:62:
1e:d6:d3:61:1f:64:aa:29:52:7d:8c:9d:2d:ab:1f:
6d:fa:85:6a:5c:98:35:17:10:f5:34:d9:f0:51:3a:
81:91:03:29:80:ec:e8:78:a9:1c:ac:10:dd:50:c9:
e5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D9:4E:32:6A:0C:E2:E9:76:CC:55:19:3B:14:14:B5:C0:8E:F3:AD
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/TNlOMmoM4ul2zFUZOxQUtcCO860.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.195.224.0/20
Signature Algorithm: sha256WithRSAEncryption
34:85:df:6e:7c:13:aa:50:a2:f0:0a:eb:ef:b0:cb:c8:6d:94:
6e:d4:5c:53:50:ee:27:ee:a0:b5:2d:c6:6b:a2:15:33:39:96:
48:2f:d9:c3:f9:1a:e7:b8:f2:49:df:8e:b8:8b:f2:f2:dc:28:
bb:da:df:ec:86:1e:b6:fb:85:3e:5e:a5:3f:0e:73:fe:bf:4e:
51:70:f7:f4:b8:63:23:16:58:7a:86:83:83:e3:3b:69:09:d6:
87:0b:d2:75:ca:fe:df:5e:0c:4f:7d:63:6c:22:75:ea:22:4c:
16:b9:a2:a3:67:ed:5c:c0:93:03:9a:25:87:ff:b7:11:b9:ed:
2a:92:5a:3c:89:f9:12:f1:3d:75:61:48:2c:62:0c:49:48:c8:
cd:d3:fa:1c:a0:5e:6a:a6:2a:bd:87:0a:94:fc:80:9b:09:33:
1d:6d:98:19:4a:c1:5a:12:f7:e4:b7:d4:86:70:47:30:3b:c2:
a7:63:ff:5f:01:ac:58:68:c5:cf:77:55:c2:43:23:3c:88:a4:
40:50:76:6e:a4:54:f7:4d:78:5d:af:c4:86:fe:4a:3e:fb:9e:
71:04:04:b9:af:82:6d:ff:8b:4b:48:0d:5b:38:0b:ae:3c:e4:
24:db:df:03:8d:70:0c:8e:30:1f:a7:62:7c:4f:2b:a3:4b:44:
c9:a5:f1:da
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIs4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDQxNDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRDRDk0RTMyNkEwQ0Uy
RTk3NkNDNTUxOTNCMTQxNEI1QzA4RUYzQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDECEixKJ9QU9vGy8YrkupsYHZlwVpIfyoHO5UFubD5+B6QimZj
zgy8dcyzvpBR0Puk+Taq4gnoTTlKrIGKirjzgxlbTptCrLDqpJwqfHADjQd8xxOp
UrDR27f8aiqe3X+lgNegTIMDvRoJnIs//NAqD/6QSaRIBQDzLPiKJdAu3BMsOL3a
O51VtUx0EV/xav/iCudlQloVREEkdqDq7KB4pn0fzy1oecA5UdCc24WAOj7Q31Sw
04MiO/rksmqZlaF5OxctSIBWGbXNUhn/I+aSYh7W02EfZKopUn2MnS2rH236hWpc
mDUXEPU02fBROoGRAymA7Oh4qRysEN1QyeW3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUTNlOMmoM4ul2zFUZOxQUtcCO860wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1RObE9NbW9NNHVsMnpGVVpP
eFFVdGNDTzg2MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAR7
w+AwDQYJKoZIhvcNAQELBQADggEBADSF3258E6pQovAK6++wy8htlG7UXFNQ7ifu
oLUtxmuiFTM5lkgv2cP5Gue48knfjriL8vLcKLva3+yGHrb7hT5epT8Oc/6/TlFw
9/S4YyMWWHqGg4PjO2kJ1ocL0nXK/t9eDE99Y2wideoiTBa5oqNn7VzAkwOaJYf/
txG57SqSWjyJ+RLxPXVhSCxiDElIyM3T+hygXmqmKr2HCpT8gJsJMx1tmBlKwVoS
9+S31IZwRzA7wqdj/18BrFhoxc93VcJDIzyIpEBQdm6kVPdNeF2vxIb+Sj77nnEE
BLmvgm3/i0tIDVs4C6485CTb3wONcAyOMB+nYnxPK6NLRMml8do=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:53:28 2023 by rpki-client on console-ams.rpki-client.org