Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/csDj5l-VmgAmk13Ur8oFX0hlP1k.roa
File: csDj5l-VmgAmk13Ur8oFX0hlP1k.roa (raw, json)
Hash identifier: t+bJMcoxtR66GBfYAUtieoGd3REcGP4KAX2uTBDxSx8=
Subject key identifier: 72:C0:E3:E6:5F:95:9A:00:26:93:5D:D4:AF:CA:05:5F:48:65:3F:59
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 228D
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/csDj5l-VmgAmk13Ur8oFX0hlP1k.roa
Signing time: Fri 25 Nov 2022 04:41:20 +0000
ROA not before: Fri 25 Nov 2022 04:41:20 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38841
IP address blocks: 118.232.96.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8845 (0x228d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Nov 25 04:41:20 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=72C0E3E65F959A0026935DD4AFCA055F48653F59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:53:22:f5:93:75:0e:d3:9a:0c:3e:59:13:26:
f6:a4:c5:9a:0f:26:7f:39:64:b8:74:d4:bf:22:68:
f9:07:e0:18:e1:13:e8:32:44:63:15:99:3a:b3:b8:
bb:81:30:4e:e2:2f:0e:89:01:ca:01:dc:a2:71:bd:
67:8a:91:0e:96:23:20:b1:88:03:71:4c:34:85:31:
01:b0:d2:39:13:fa:72:25:c4:bb:e4:1d:fa:fb:4e:
f3:1f:4e:a1:38:31:d8:93:8d:61:c1:4b:98:36:14:
b5:bb:97:78:c3:73:44:04:15:86:0e:b6:68:dc:04:
dc:53:88:13:16:8e:b3:64:6f:46:db:9c:c0:f7:30:
f9:89:52:38:d6:33:c2:bd:80:eb:41:68:b9:74:e9:
e7:dd:1f:85:dd:45:17:7e:d3:f0:0f:d1:b1:e9:03:
e0:32:87:ad:ea:2f:15:ac:ac:de:9c:eb:c0:a0:9b:
a7:54:7f:ad:fb:d6:5c:76:76:2f:14:39:73:48:8c:
69:23:dd:ad:a4:47:32:26:e6:03:06:43:40:f7:06:
d6:48:22:6b:a0:89:d1:a6:c3:37:54:7c:92:52:ff:
b3:c8:63:b1:a8:7a:cb:86:a0:b0:44:79:52:f1:4a:
bf:3f:6b:b3:06:32:ec:5a:bb:9f:3c:22:69:f6:f7:
f1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C0:E3:E6:5F:95:9A:00:26:93:5D:D4:AF:CA:05:5F:48:65:3F:59
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/csDj5l-VmgAmk13Ur8oFX0hlP1k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.232.96.0/21
Signature Algorithm: sha256WithRSAEncryption
28:6a:fd:cf:c5:e9:af:d1:6d:e5:61:af:4e:ab:72:d4:27:be:
a0:96:ac:88:9c:e3:55:11:03:e6:ed:d6:ff:ca:5c:05:a0:50:
47:9d:51:3a:46:f3:11:c2:61:ea:ba:ad:eb:09:71:73:89:dd:
00:3b:29:c0:3f:41:f8:f9:2c:23:6d:41:66:e2:fe:3f:f5:25:
35:72:4d:22:b3:ea:7b:a2:0e:f9:88:a9:9f:9b:12:cd:3d:ec:
fd:4c:83:e4:82:bc:64:dd:12:ad:5d:b7:00:01:f2:25:df:30:
24:11:22:3e:cd:b9:ec:07:76:20:2e:24:74:30:1a:b7:68:55:
3c:7a:d1:f3:c6:4e:40:89:ec:d9:09:61:47:40:93:30:13:2d:
5a:2c:8d:47:27:35:19:6b:8b:7b:8a:05:63:05:4b:25:ab:73:
c7:29:cd:81:b0:b0:c6:8c:b5:92:2f:03:c0:50:86:98:c3:20:
ad:a4:7a:dd:08:e5:84:f7:a7:90:c4:25:f6:fb:74:9b:a7:7c:
7c:11:7a:09:be:92:15:16:6f:58:66:39:9a:9d:03:53:64:f3:
e7:6f:06:fc:8f:fd:28:3e:4c:83:a1:24:e7:a3:9d:92:7c:b5:
e2:8c:75:85:df:6d:b0:14:da:b2:e1:24:d6:04:73:c0:95:fc:
f0:78:53:b6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDQxMjBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDcyQzBFM0U2NUY5NTlB
MDAyNjkzNURENEFGQ0EwNTVGNDg2NTNGNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcUyL1k3UO05oMPlkTJvakxZoPJn85ZLh01L8iaPkH4BjhE+gy
RGMVmTqzuLuBME7iLw6JAcoB3KJxvWeKkQ6WIyCxiANxTDSFMQGw0jkT+nIlxLvk
Hfr7TvMfTqE4MdiTjWHBS5g2FLW7l3jDc0QEFYYOtmjcBNxTiBMWjrNkb0bbnMD3
MPmJUjjWM8K9gOtBaLl06efdH4XdRRd+0/AP0bHpA+Ayh63qLxWsrN6c68Cgm6dU
f6371lx2di8UOXNIjGkj3a2kRzIm5gMGQ0D3BtZIImugidGmwzdUfJJS/7PIY7Go
esuGoLBEeVLxSr8/a7MGMuxau588Imn29/GdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcsDj5l+VmgAmk13Ur8oFX0hlP1kwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2NzRGo1bC1WbWdBbWsxM1Vy
OG9GWDBobFAxay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6GAwDQYJKoZIhvcNAQELBQADggEBAChq/c/F6a/RbeVhr06rctQnvqCWrIic41UR
A+bt1v/KXAWgUEedUTpG8xHCYeq6resJcXOJ3QA7KcA/Qfj5LCNtQWbi/j/1JTVy
TSKz6nuiDvmIqZ+bEs097P1Mg+SCvGTdEq1dtwAB8iXfMCQRIj7NuewHdiAuJHQw
GrdoVTx60fPGTkCJ7NkJYUdAkzATLVosjUcnNRlri3uKBWMFSyWrc8cpzYGwsMaM
tZIvA8BQhpjDIK2ket0I5YT3p5DEJfb7dJunfHwRegm+khUWb1hmOZqdA1Nk8+dv
BvyP/Sg+TIOhJOejnZJ8teKMdYXfbbAU2rLhJNYEc8CV/PB4U7Y=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:53:30 2023 by rpki-client on console-ams.rpki-client.org