Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/D8Zx7PfUbs5zI2yWw7iVmDzm0cE.roa
File: D8Zx7PfUbs5zI2yWw7iVmDzm0cE.roa (raw, json)
Hash identifier: F8uVLuE7J4ph9VTgxTHg2NgC4ozrqIT8hGnLcI41xQ8=
Subject key identifier: 0F:C6:71:EC:F7:D4:6E:CE:73:23:6C:96:C3:B8:95:98:3C:E6:D1:C1
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0AB7
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/D8Zx7PfUbs5zI2yWw7iVmDzm0cE.roa
Signing time: Thu 15 Sep 2022 02:37:45 +0000
ROA not before: Thu 15 Sep 2022 02:37:45 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9244
IP address blocks: 2403:ee00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2743 (0xab7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Sep 15 02:37:45 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=0FC671ECF7D46ECE73236C96C3B895983CE6D1C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7b:ab:7c:3f:67:65:48:bc:44:07:80:92:c9:
4a:12:80:05:15:11:67:45:09:2a:70:0b:06:90:97:
7f:22:ee:dc:f1:b1:6f:4e:c8:81:a3:17:69:33:29:
8a:3f:cc:d1:c1:f7:8e:00:28:44:bd:ae:38:b0:ab:
d8:ae:8d:47:73:30:7e:2e:47:fb:10:35:2a:4a:c9:
4d:63:4b:7f:24:e6:ff:fb:5b:3b:27:aa:bf:1f:c4:
fa:b5:e3:52:21:76:51:e9:29:80:c7:67:af:fe:bd:
8d:5d:a6:33:1b:d5:9f:ea:c4:f9:0f:d0:95:c7:57:
de:77:ea:63:88:19:fc:fd:4d:d7:eb:e3:09:c5:34:
a0:b8:8d:af:d1:50:87:77:14:03:b0:b4:f4:d1:a6:
78:41:87:f2:c1:7c:bc:b7:14:67:31:7a:2e:6c:9a:
fb:38:9b:59:b2:ed:f3:c4:f2:00:a8:96:d6:ed:84:
bf:9c:4e:aa:50:ad:5b:ec:43:f7:c5:02:01:ea:5e:
4c:03:3b:26:f1:42:42:07:49:1e:83:a4:9c:91:18:
3a:ca:08:99:27:3a:75:e8:ad:ba:ec:2f:ac:2a:61:
e9:44:e2:82:40:52:82:db:e8:2b:26:0e:48:4c:f2:
33:f9:9c:e5:13:3b:6a:e2:ab:0a:40:9b:e5:8e:02:
b0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C6:71:EC:F7:D4:6E:CE:73:23:6C:96:C3:B8:95:98:3C:E6:D1:C1
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/D8Zx7PfUbs5zI2yWw7iVmDzm0cE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:ee00::/32
Signature Algorithm: sha256WithRSAEncryption
ae:43:42:44:6d:82:dd:58:cb:ed:c9:48:2b:f2:a6:3f:20:3f:
8c:ea:09:c6:04:64:62:19:3a:84:17:d3:82:60:7f:67:e5:2b:
3b:a3:9e:eb:24:fd:cd:19:86:ec:a4:73:79:59:2f:2b:91:db:
fc:67:69:e7:a4:41:cd:7e:d7:8d:a7:d0:b8:12:e6:77:bb:64:
3d:ff:e7:25:e9:a4:92:df:62:b7:41:c1:b0:5d:8b:17:b2:67:
f2:6b:dc:cc:50:1b:70:38:41:6f:a1:a5:96:4a:9f:53:09:1c:
d4:bd:05:67:f8:4a:b7:7b:8d:a9:d9:dc:50:35:a4:94:bb:33:
28:3c:a5:0a:7c:7d:83:b2:e9:4e:16:e0:82:f4:e5:d5:68:b6:
d0:b3:85:21:cf:5c:ea:ba:ae:18:14:6d:cc:a6:37:e8:d9:c5:
e1:a4:fd:68:89:68:7d:b1:58:61:eb:7b:92:e7:fb:6f:9a:f8:
be:34:7a:eb:d2:50:2a:9d:05:61:13:17:d1:cf:45:2b:bb:3e:
4e:29:0c:69:7f:9f:82:b4:85:5e:0c:8c:d6:9e:d9:22:4b:e2:
b7:df:d4:2c:fc:1e:9b:fb:40:c7:bf:95:cb:a1:c6:e5:5d:2d:
85:43:61:c8:7f:6e:90:a4:d9:1c:7b:31:93:61:51:aa:9d:b4:
09:e0:59:99
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICCrcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMjA5MTUw
MjM3NDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDBGQzY3MUVDRjdENDZF
Q0U3MzIzNkM5NkMzQjg5NTk4M0NFNkQxQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDge6t8P2dlSLxEB4CSyUoSgAUVEWdFCSpwCwaQl38i7tzxsW9O
yIGjF2kzKYo/zNHB944AKES9rjiwq9iujUdzMH4uR/sQNSpKyU1jS38k5v/7Wzsn
qr8fxPq141IhdlHpKYDHZ6/+vY1dpjMb1Z/qxPkP0JXHV9536mOIGfz9Tdfr4wnF
NKC4ja/RUId3FAOwtPTRpnhBh/LBfLy3FGcxei5smvs4m1my7fPE8gColtbthL+c
TqpQrVvsQ/fFAgHqXkwDOybxQkIHSR6DpJyRGDrKCJknOnXorbrsL6wqYelE4oJA
UoLb6CsmDkhM8jP5nOUTO2riqwpAm+WOArA7AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUD8Zx7PfUbs5zI2yWw7iVmDzm0cEwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL0Q4Wng3UGZVYnM1ekkyeVd3
N2lWbUR6bTBjRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
A+4AMA0GCSqGSIb3DQEBCwUAA4IBAQCuQ0JEbYLdWMvtyUgr8qY/ID+M6gnGBGRi
GTqEF9OCYH9n5Ss7o57rJP3NGYbspHN5WS8rkdv8Z2nnpEHNfteNp9C4EuZ3u2Q9
/+cl6aSS32K3QcGwXYsXsmfya9zMUBtwOEFvoaWWSp9TCRzUvQVn+Eq3e42p2dxQ
NaSUuzMoPKUKfH2DsulOFuCC9OXVaLbQs4Uhz1zquq4YFG3Mpjfo2cXhpP1oiWh9
sVhh63uS5/tvmvi+NHrr0lAqnQVhExfRz0Uruz5OKQxpf5+CtIVeDIzWntkiS+K3
39Qs/B6b+0DHv5XLocblXS2FQ2HIf26QpNkcezGTYVGqnbQJ4FmZ
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:23:39 2023 by rpki-client on console-ams.rpki-client.org