Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/JFa38ewj-YTttscrt3_9g6aow-4.roa
File: JFa38ewj-YTttscrt3_9g6aow-4.roa (raw, json)
Hash identifier: xoVlqpVA5TchnOTD2WWjxd6gaF6CG3B6J8xu6Ik/zqE=
Subject key identifier: 24:56:B7:F1:EC:23:F9:84:ED:B6:C7:2B:B7:7F:FD:83:A6:A8:C3:EE
Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial: 067A
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/JFa38ewj-YTttscrt3_9g6aow-4.roa
Signing time: Mon 26 Aug 2024 05:18:40 +0000
ROA not before: Mon 26 Aug 2024 05:18:40 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9678
IP address blocks: 2401:95c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:22:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1658 (0x67a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Validity
Not Before: Aug 26 05:18:40 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2456B7F1EC23F984EDB6C72BB77FFD83A6A8C3EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3b:48:51:b1:95:0b:42:c2:0d:3e:f1:21:4c:
a3:18:1c:55:90:80:12:a6:3c:5b:7c:5b:87:f3:98:
8e:59:46:7e:7d:3a:02:20:86:6f:6d:d0:2b:0c:b3:
69:7a:61:b4:33:21:17:d0:c7:a2:4d:22:e5:6c:21:
ae:44:ca:90:27:7e:bc:92:0b:72:9f:a9:c3:27:08:
68:30:b2:c3:3b:ce:88:57:b1:5b:01:df:cb:1a:9e:
c7:c8:33:77:f6:1e:10:36:fb:80:92:8a:15:75:37:
82:3f:72:96:7c:6f:9b:21:cd:54:53:96:cd:b0:75:
40:ed:09:64:26:32:ea:44:51:98:ef:1c:44:fc:b6:
3d:b1:81:0b:8a:7d:d5:ec:7a:34:ff:ff:4c:32:e4:
a9:52:28:bc:87:63:e9:bd:0e:48:25:9d:1b:8f:01:
f6:5d:0a:60:64:e1:54:f1:00:07:41:0f:be:4a:d2:
97:88:47:11:c3:20:ba:c1:d0:a2:3a:1e:b5:be:9c:
93:5c:06:06:22:81:ff:fe:87:6c:75:03:e1:61:ea:
6a:4a:de:d2:d9:65:50:df:b1:93:70:03:cf:da:3c:
f3:3a:3e:07:b7:16:73:fb:25:1e:13:d5:16:f4:4a:
e4:1b:d8:12:5b:97:0e:56:fc:7f:2c:fb:46:4b:36:
73:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:56:B7:F1:EC:23:F9:84:ED:B6:C7:2B:B7:7F:FD:83:A6:A8:C3:EE
X509v3 Authority Key Identifier:
keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/JFa38ewj-YTttscrt3_9g6aow-4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:95c0::/32
Signature Algorithm: sha256WithRSAEncryption
92:17:00:69:a2:04:aa:0c:89:d8:6c:36:06:cd:2c:05:59:71:
85:e2:53:69:2e:91:9e:98:1d:37:d6:22:2b:c6:65:ae:4b:37:
60:aa:b0:40:c3:6c:c7:de:09:31:b6:d4:12:6a:17:23:1a:73:
da:d1:36:8a:85:64:9b:1d:6d:39:95:2e:b9:53:92:69:75:59:
80:c5:8f:5d:8e:20:2e:3c:c0:19:5c:3e:22:da:2a:0a:cd:bd:
02:34:f0:ba:90:29:a8:92:d7:5c:79:6b:c0:f7:87:f8:76:01:
5e:2b:bd:bc:d2:95:2f:94:e7:c2:cd:ab:2a:a3:be:2f:17:58:
ee:a0:34:b9:7f:6e:d1:93:4d:25:4e:fd:77:52:64:26:4a:3f:
ce:8d:e6:57:a0:e2:2e:0a:5e:3d:79:56:9b:25:40:bb:43:e3:
91:f4:ee:e1:a7:ad:20:d5:f0:aa:f9:ca:20:d0:10:7e:4a:cf:
bd:e3:f2:b1:09:d6:1e:21:ca:fd:5e:99:1f:73:7c:14:93:7a:
6c:f2:8a:31:50:e5:e0:51:46:44:4b:97:ea:77:10:fe:de:1b:
51:4a:0d:78:a8:f0:44:bc:b7:7c:ea:e5:4d:62:80:b3:ee:d1:
08:3e:b3:23:4a:10:59:7d:76:2b:08:6a:da:69:77:de:85:f0:
08:63:66:97
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICBnowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yNDA4MjYw
NTE4NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI0NTZCN0YxRUMyM0Y5
ODRFREI2QzcyQkI3N0ZGRDgzQTZBOEMzRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVO0hRsZULQsINPvEhTKMYHFWQgBKmPFt8W4fzmI5ZRn59OgIg
hm9t0CsMs2l6YbQzIRfQx6JNIuVsIa5EypAnfrySC3KfqcMnCGgwssM7zohXsVsB
38sansfIM3f2HhA2+4CSihV1N4I/cpZ8b5shzVRTls2wdUDtCWQmMupEUZjvHET8
tj2xgQuKfdXsejT//0wy5KlSKLyHY+m9DkglnRuPAfZdCmBk4VTxAAdBD75K0peI
RxHDILrB0KI6HrW+nJNcBgYigf/+h2x1A+Fh6mpK3tLZZVDfsZNwA8/aPPM6Pge3
FnP7JR4T1Rb0SuQb2BJblw5W/H8s+0ZLNnOXAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUJFa38ewj+YTttscrt3/9g6aow+4wHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL0pGYTM4ZXdqLVlUdHRzY3J0
M185ZzZhb3ctNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
AZXAMA0GCSqGSIb3DQEBCwUAA4IBAQCSFwBpogSqDInYbDYGzSwFWXGF4lNpLpGe
mB031iIrxmWuSzdgqrBAw2zH3gkxttQSahcjGnPa0TaKhWSbHW05lS65U5JpdVmA
xY9djiAuPMAZXD4i2ioKzb0CNPC6kCmoktdceWvA94f4dgFeK7280pUvlOfCzasq
o74vF1juoDS5f27Rk00lTv13UmQmSj/OjeZXoOIuCl49eVabJUC7Q+OR9O7hp60g
1fCq+cog0BB+Ss+94/KxCdYeIcr9Xpkfc3wUk3ps8ooxUOXgUUZES5fqdxD+3htR
Sg14qPBEvLd86uVNYoCz7tEIPrMjShBZfXYrCGraaXfehfAIY2aX
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:12:13 2025 by rpki-client