Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h2ZOBXw0JPqGfBzZ8ZcDhogqbW0.roa
File: h2ZOBXw0JPqGfBzZ8ZcDhogqbW0.roa (raw, json)
Hash identifier: IMtrdCe2AlBejCsldsxii4mBSfrV4OuodPtZD0U3znA=
Subject key identifier: 87:66:4E:05:7C:34:24:FA:86:7C:1C:D9:F1:97:03:86:88:2A:6D:6D
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 229A
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h2ZOBXw0JPqGfBzZ8ZcDhogqbW0.roa
Signing time: Fri 25 Nov 2022 04:41:23 +0000
ROA not before: Fri 25 Nov 2022 04:41:23 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 38841
IP address blocks: 123.195.160.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8858 (0x229a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Nov 25 04:41:23 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=87664E057C3424FA867C1CD9F1970386882A6D6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:27:c7:46:bd:cc:4e:4b:e8:58:ef:3f:96:36:
5d:26:b2:6e:ce:06:51:46:b4:18:95:56:2a:18:5f:
bd:c4:06:eb:bd:25:da:b7:a2:a7:57:79:15:02:09:
b0:5b:ae:19:4d:b0:cb:3b:6f:67:57:e9:c1:26:3d:
82:d6:73:7e:fe:c1:39:8b:82:6e:e9:e2:a6:1e:7d:
a8:31:f2:da:20:56:c6:be:6b:a1:48:b5:07:4a:08:
2b:00:98:46:6d:81:47:2d:5e:0a:4f:86:f1:67:c4:
5f:fb:61:9d:ed:19:92:8b:72:99:29:a9:83:24:43:
60:9a:3c:73:fd:b8:3e:94:4f:7f:8e:d7:eb:a5:be:
9e:c7:59:02:a4:03:0d:d0:19:a8:7d:f5:4b:e3:6d:
70:b2:4f:79:fd:60:be:55:8e:2a:a0:35:45:7d:32:
b6:9a:ed:d1:73:80:8e:c5:a2:0b:75:01:e7:d7:df:
55:55:f3:d5:37:95:c3:c3:d9:1f:53:88:f6:0e:ef:
b8:c4:49:30:b9:ba:df:a2:ec:7f:ca:ed:32:4d:2e:
02:70:10:d9:75:39:51:37:21:0a:b9:23:af:6c:c7:
64:d8:0d:e3:41:2c:ea:7d:c0:50:da:53:ab:22:d3:
d7:8d:9f:13:b3:d2:67:06:02:74:55:9e:6f:f9:e2:
9f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:66:4E:05:7C:34:24:FA:86:7C:1C:D9:F1:97:03:86:88:2A:6D:6D
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/h2ZOBXw0JPqGfBzZ8ZcDhogqbW0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.195.160.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:b8:18:78:15:7f:f1:0f:8c:31:99:5e:04:da:10:45:7b:5b:
63:27:14:79:de:5c:67:ea:cd:59:de:f3:7f:bb:05:9d:b9:f8:
c6:fb:03:d0:6d:7d:6b:6b:25:ee:86:0c:e8:60:a7:ba:8a:f9:
09:1e:64:ee:37:12:dd:a4:93:32:bc:c9:de:9b:87:2c:55:23:
13:37:8d:57:66:f4:ab:57:64:d7:68:9a:1a:e3:78:7f:3b:f5:
39:02:c1:37:ce:51:58:99:0e:8b:bd:5e:4a:f6:96:b8:01:2f:
5b:6c:8d:6e:70:d4:64:30:d1:15:f5:26:ac:01:73:92:a7:60:
d4:4d:9d:d9:7f:e8:bb:cb:5f:5f:e7:68:99:15:57:4b:0f:11:
50:00:f5:5d:ad:fa:5d:5a:f5:d2:43:eb:e9:4b:2f:38:12:c3:
31:cd:be:8b:c0:e3:88:f2:d2:44:be:01:38:70:3d:64:b2:26:
a1:9f:8b:ad:48:26:ee:d2:6c:55:d1:5d:c5:4e:bf:08:64:18:
fb:b3:e6:0d:7d:eb:66:54:2b:fc:da:02:ee:8e:cc:66:e1:77:
b8:0c:fa:92:0a:97:60:22:67:cf:54:be:86:66:c9:77:69:9d:
6a:0f:6b:ba:95:3a:41:8a:4a:9f:99:db:9b:12:9c:24:1a:fd:
40:56:e4:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIpowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMjExMjUw
NDQxMjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg3NjY0RTA1N0MzNDI0
RkE4NjdDMUNEOUYxOTcwMzg2ODgyQTZENkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOJ8dGvcxOS+hY7z+WNl0msm7OBlFGtBiVVioYX73EBuu9Jdq3
oqdXeRUCCbBbrhlNsMs7b2dX6cEmPYLWc37+wTmLgm7p4qYefagx8togVsa+a6FI
tQdKCCsAmEZtgUctXgpPhvFnxF/7YZ3tGZKLcpkpqYMkQ2CaPHP9uD6UT3+O1+ul
vp7HWQKkAw3QGah99UvjbXCyT3n9YL5VjiqgNUV9Mraa7dFzgI7Fogt1AefX31VV
89U3lcPD2R9TiPYO77jESTC5ut+i7H/K7TJNLgJwENl1OVE3IQq5I69sx2TYDeNB
LOp9wFDaU6si09eNnxOz0mcGAnRVnm/54p+5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUh2ZOBXw0JPqGfBzZ8ZcDhogqbW0wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2gyWk9CWHcwSlBxR2ZCelo4
WmNEaG9ncWJXMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAR7
w6AwDQYJKoZIhvcNAQELBQADggEBAJu4GHgVf/EPjDGZXgTaEEV7W2MnFHneXGfq
zVne83+7BZ25+Mb7A9BtfWtrJe6GDOhgp7qK+QkeZO43Et2kkzK8yd6bhyxVIxM3
jVdm9KtXZNdomhrjeH879TkCwTfOUViZDou9Xkr2lrgBL1tsjW5w1GQw0RX1JqwB
c5KnYNRNndl/6LvLX1/naJkVV0sPEVAA9V2t+l1a9dJD6+lLLzgSwzHNvovA44jy
0kS+AThwPWSyJqGfi61IJu7SbFXRXcVOvwhkGPuz5g1962ZUK/zaAu6OzGbhd7gM
+pIKl2AiZ89UvoZmyXdpnWoPa7qVOkGKSp+Z25sSnCQa/UBW5NU=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:53:32 2023 by rpki-client on console-ams.rpki-client.org