Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/BGMqRnwGhx-shZpCGDWE3_h4i7g.roa
File: BGMqRnwGhx-shZpCGDWE3_h4i7g.roa (raw, json)
Hash identifier: rAtviyXIQkDOHUGv50GhYOPwz7CcSlm9Yg4LBPYej9M=
Subject key identifier: 04:63:2A:46:7C:06:87:1F:AC:85:9A:42:18:35:84:DF:F8:78:8B:B8
Certificate issuer: /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial: 0469
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/BGMqRnwGhx-shZpCGDWE3_h4i7g.roa
Signing time: Thu 15 Sep 2022 02:34:58 +0000
ROA not before: Thu 15 Sep 2022 02:34:58 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131657
IP address blocks: 2406:48c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1129 (0x469)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
Validity
Not Before: Sep 15 02:34:58 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=04632A467C06871FAC859A42183584DFF8788BB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2c:27:a9:80:e2:ea:c8:17:9d:d0:e6:ef:76:
34:37:59:d8:37:11:36:94:7e:06:f5:04:ce:f7:e4:
14:f1:20:49:0b:0c:99:74:ea:e4:ed:40:84:34:eb:
bf:a5:d0:43:cd:ad:f8:f1:20:ea:19:a9:83:f3:cc:
d7:d3:3f:5f:07:24:4c:f0:7e:8a:dd:3f:ac:d3:48:
60:5c:8a:53:d8:cf:7c:5b:00:cb:39:cc:6f:34:f4:
b2:51:4c:09:74:fb:8b:1c:a4:40:78:bb:c4:bb:a8:
c5:20:4e:41:7a:b2:dc:2d:37:b3:05:3d:85:35:fa:
00:0e:2a:67:9d:fc:99:a4:29:8a:bc:b0:0e:71:d8:
88:43:c3:93:36:40:6c:40:ed:37:a5:67:3b:26:ec:
bc:66:b3:cc:85:10:01:af:bb:fe:bb:8b:67:82:68:
16:d0:eb:b1:21:8f:09:39:62:12:05:67:20:b9:2d:
c9:0d:ce:f0:5d:bb:df:66:e6:5e:1a:7f:2c:45:21:
79:c2:fd:30:27:34:db:82:d4:d9:97:60:a2:cb:34:
d1:b0:0c:74:30:22:c0:9d:bc:c0:14:c0:ba:d5:ea:
7c:ac:12:23:0c:9b:1c:2c:9e:9a:e5:3d:13:45:cc:
52:34:5a:78:05:60:6b:ae:70:77:e7:15:a4:0a:40:
48:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:63:2A:46:7C:06:87:1F:AC:85:9A:42:18:35:84:DF:F8:78:8B:B8
X509v3 Authority Key Identifier:
keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/BGMqRnwGhx-shZpCGDWE3_h4i7g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:48c0::/48
Signature Algorithm: sha256WithRSAEncryption
84:79:d3:6e:f4:ed:e7:3f:85:56:4b:69:75:8c:58:2b:53:5d:
62:3c:56:55:7f:ae:ff:7f:11:bb:4c:e3:07:bd:3b:96:7e:22:
c9:9e:9c:be:85:da:9d:a6:12:81:73:28:3f:d6:14:d2:d9:47:
f8:1a:ad:08:5c:34:e5:6b:61:c2:16:a6:39:c5:51:6d:55:f1:
80:63:72:49:1e:a6:b3:e2:d1:ad:23:e0:5e:09:f3:df:ba:0e:
3a:d5:6b:25:4b:fd:36:53:1c:59:c2:99:9c:08:09:96:74:ab:
ce:2f:d8:9c:2c:bc:3b:4d:60:a9:ad:71:3f:ad:8a:80:4f:75:
99:75:f4:92:da:0f:1d:9a:43:68:e3:ff:0c:03:02:97:8f:e0:
c5:b6:f9:3e:98:03:d8:46:01:7b:2a:4e:e4:cc:fd:b2:e1:61:
73:10:41:0c:3e:93:04:49:39:28:75:10:7d:96:91:1b:ce:08:
fb:8e:69:32:5d:31:d2:21:c8:82:fc:8e:8d:af:08:2c:7d:3c:
f8:a0:c8:9b:29:f4:98:79:7f:ea:fc:72:d4:7a:ca:05:ed:a6:
1a:00:dc:6a:1b:a5:bd:59:b4:22:c2:1c:d5:72:94:14:0f:66:
a8:38:a7:d5:42:55:64:cc:bf:dd:a0:fe:e4:42:d6:df:08:0e:
8e:98:5f:cf
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICBGkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMjA5MTUw
MjM0NThaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA0NjMyQTQ2N0MwNjg3
MUZBQzg1OUE0MjE4MzU4NERGRjg3ODhCQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChLCepgOLqyBed0ObvdjQ3Wdg3ETaUfgb1BM735BTxIEkLDJl0
6uTtQIQ067+l0EPNrfjxIOoZqYPzzNfTP18HJEzwfordP6zTSGBcilPYz3xbAMs5
zG809LJRTAl0+4scpEB4u8S7qMUgTkF6stwtN7MFPYU1+gAOKmed/JmkKYq8sA5x
2IhDw5M2QGxA7TelZzsm7Lxms8yFEAGvu/67i2eCaBbQ67Ehjwk5YhIFZyC5LckN
zvBdu99m5l4afyxFIXnC/TAnNNuC1NmXYKLLNNGwDHQwIsCdvMAUwLrV6nysEiMM
mxwsnprlPRNFzFI0WngFYGuucHfnFaQKQEgdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBGMqRnwGhx+shZpCGDWE3/h4i7gwHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL0JHTXFSbndHaHgtc2hacENH
RFdFM19oNGk3Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
BkjAAAAwDQYJKoZIhvcNAQELBQADggEBAIR502707ec/hVZLaXWMWCtTXWI8VlV/
rv9/EbtM4we9O5Z+IsmenL6F2p2mEoFzKD/WFNLZR/garQhcNOVrYcIWpjnFUW1V
8YBjckkeprPi0a0j4F4J89+6DjrVayVL/TZTHFnCmZwICZZ0q84v2JwsvDtNYKmt
cT+tioBPdZl19JLaDx2aQ2jj/wwDApeP4MW2+T6YA9hGAXsqTuTM/bLhYXMQQQw+
kwRJOSh1EH2WkRvOCPuOaTJdMdIhyIL8jo2vCCx9PPigyJsp9Jh5f+r8ctR6ygXt
phoA3Gobpb1ZtCLCHNVylBQPZqg4p9VCVWTMv92g/uRC1t8IDo6YX88=
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:23:41 2023 by rpki-client on console-ams.rpki-client.org