Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ZOm7y4m7qMM6zbv6WJXkFcaDXqA.roa
File: ZOm7y4m7qMM6zbv6WJXkFcaDXqA.roa (raw, json)
Hash identifier: fSKo0XwPOVFVS8JxkRny/OU0fc0OtDLjCE6G0+aYHF8=
Subject key identifier: 64:E9:BB:CB:89:BB:A8:C3:3A:CD:BB:FA:58:95:E4:15:C6:83:5E:A0
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 221A
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ZOm7y4m7qMM6zbv6WJXkFcaDXqA.roa
Signing time: Fri 25 Nov 2022 04:40:46 +0000
ROA not before: Fri 25 Nov 2022 04:40:46 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38841
IP address blocks: 106.1.100.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8730 (0x221a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Nov 25 04:40:46 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=64E9BBCB89BBA8C33ACDBBFA5895E415C6835EA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c4:86:f2:fc:1d:9d:e9:cd:f4:1e:1b:79:f9:
2a:c8:3a:6d:9c:9f:77:46:22:ed:75:bf:41:0d:24:
84:47:6e:8b:3f:b9:24:42:31:9e:68:ac:ba:7d:a9:
64:58:f9:dc:6a:3d:99:46:9e:9c:94:15:35:cb:b9:
3f:88:53:f8:ad:76:a6:95:e8:38:81:82:35:6d:d6:
47:f5:3b:1c:2e:e1:33:3d:1d:bd:ea:f4:b8:5b:c5:
90:1c:95:83:16:c3:64:4f:74:0f:74:69:23:7f:d9:
e3:47:81:ab:10:d2:ea:eb:dd:81:07:4b:e9:17:c0:
58:06:03:a3:07:13:6c:70:14:61:db:5c:20:2a:b8:
ee:ad:10:26:32:77:0c:12:b6:0a:99:36:f0:cc:19:
5d:5a:f8:51:6d:b1:c8:b8:c4:64:15:dc:9c:06:33:
d9:10:44:ba:3b:55:03:d1:3c:b2:37:f3:eb:e5:ec:
2d:07:db:91:0a:be:42:ae:ac:ec:d3:f0:d2:d5:78:
71:73:6b:2e:36:92:81:b4:ea:d8:d4:79:89:52:88:
a7:50:ab:c1:f9:92:c6:42:97:d7:74:52:74:18:c9:
41:2c:7f:40:f7:33:84:b6:ba:39:d4:f6:50:cc:be:
86:e6:c8:9c:7f:33:56:ab:fa:60:07:e5:3e:0a:11:
55:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E9:BB:CB:89:BB:A8:C3:3A:CD:BB:FA:58:95:E4:15:C6:83:5E:A0
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/ZOm7y4m7qMM6zbv6WJXkFcaDXqA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.1.100.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:f6:72:9c:6d:9f:be:15:38:fa:73:cb:be:8b:ed:b9:2f:61:
2d:96:8d:d0:19:be:45:de:c0:62:b9:bb:26:5a:74:82:6a:f8:
05:77:23:7f:49:41:a0:e6:1c:27:61:80:31:b5:55:5b:5e:83:
49:8b:54:61:ac:ae:d7:4b:f8:07:af:f8:51:ca:ff:3d:f4:06:
84:15:f9:22:7f:4d:5a:4f:9e:d6:93:59:f5:87:2b:4e:2e:5e:
d9:ab:20:e2:61:d5:0c:31:49:3e:62:98:27:94:6d:cc:6a:70:
f5:3d:25:db:a1:9c:3b:62:11:cc:58:11:3d:5b:a5:3d:69:93:
18:50:03:2f:c9:60:72:8e:fc:52:9f:d9:e8:51:91:68:f4:59:
19:a0:88:ce:0b:1e:37:be:79:58:1d:f5:61:21:8b:ab:e7:c1:
6d:48:b1:ad:42:1e:61:3e:b3:36:89:71:00:d3:bf:d6:b9:66:
b4:3e:f8:f0:6b:f2:9c:c4:94:ab:6c:d5:20:f6:b0:9f:99:56:
2c:d3:88:06:1a:7c:46:99:81:5c:34:78:0d:7d:da:3c:66:14:
91:66:ce:ab:25:e6:c7:71:52:97:28:9d:7e:05:9f:5b:cd:d8:
3d:27:25:dc:39:ca:4f:49:4b:85:90:f9:ad:9c:3f:9a:be:f1:
0e:43:56:fd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDQwNDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY0RTlCQkNCODlCQkE4
QzMzQUNEQkJGQTU4OTVFNDE1QzY4MzVFQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYxIby/B2d6c30Hht5+SrIOm2cn3dGIu11v0ENJIRHbos/uSRC
MZ5orLp9qWRY+dxqPZlGnpyUFTXLuT+IU/itdqaV6DiBgjVt1kf1Oxwu4TM9Hb3q
9LhbxZAclYMWw2RPdA90aSN/2eNHgasQ0urr3YEHS+kXwFgGA6MHE2xwFGHbXCAq
uO6tECYydwwStgqZNvDMGV1a+FFtsci4xGQV3JwGM9kQRLo7VQPRPLI38+vl7C0H
25EKvkKurOzT8NLVeHFzay42koG06tjUeYlSiKdQq8H5ksZCl9d0UnQYyUEsf0D3
M4S2ujnU9lDMvobmyJx/M1ar+mAH5T4KEVUFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUZOm7y4m7qMM6zbv6WJXkFcaDXqAwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1pPbTd5NG03cU1NNnpidjZX
SlhrRmNhRFhxQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJq
AWQwDQYJKoZIhvcNAQELBQADggEBAIv2cpxtn74VOPpzy76L7bkvYS2WjdAZvkXe
wGK5uyZadIJq+AV3I39JQaDmHCdhgDG1VVteg0mLVGGsrtdL+Aev+FHK/z30BoQV
+SJ/TVpPntaTWfWHK04uXtmrIOJh1QwxST5imCeUbcxqcPU9JduhnDtiEcxYET1b
pT1pkxhQAy/JYHKO/FKf2ehRkWj0WRmgiM4LHje+eVgd9WEhi6vnwW1Isa1CHmE+
szaJcQDTv9a5ZrQ++PBr8pzElKts1SD2sJ+ZVizTiAYafEaZgVw0eA192jxmFJFm
zqsl5sdxUpconX4Fn1vN2D0nJdw5yk9JS4WQ+a2cP5q+8Q5DVv0=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:47:06 2023 by rpki-client on console-fra.rpki-client.org