Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/VcokvTVqvxGh6THls7HDrepkjzM.roa
File: VcokvTVqvxGh6THls7HDrepkjzM.roa (raw, json)
Hash identifier: rjnrJiA67pRcRw6l/WHNt06r6HWkVxgO8U9isy8Owms=
Subject key identifier: 55:CA:24:BD:35:6A:BF:11:A1:E9:31:E5:B3:B1:C3:AD:EA:64:8F:33
Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial: 0471
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/VcokvTVqvxGh6THls7HDrepkjzM.roa
Signing time: Thu 15 Sep 2022 02:35:02 +0000
ROA not before: Thu 15 Sep 2022 02:35:02 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9678
IP address blocks: 2401:95c0:2000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1137 (0x471)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Validity
Not Before: Sep 15 02:35:02 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=55CA24BD356ABF11A1E931E5B3B1C3ADEA648F33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:61:e6:4c:bf:e7:58:95:51:47:64:79:f6:f1:
75:d9:8c:91:a1:e2:3f:dd:93:c6:13:27:49:fd:ea:
83:a2:36:ac:3d:3a:d1:a6:db:32:d1:45:36:54:0e:
6e:b5:be:e8:ba:f3:36:6a:f2:79:15:8f:1e:9a:6f:
5a:de:8f:8f:ae:83:40:7c:a9:25:92:4a:30:7a:bb:
51:ce:77:52:d3:d3:e9:0e:3d:77:89:6c:86:ea:3f:
86:e5:b2:8e:97:a8:db:2b:d5:7c:50:50:49:a4:2c:
a7:e2:5e:3f:0d:48:a0:a5:f7:47:e1:76:6e:ac:cb:
2f:71:ef:66:db:a9:bc:e4:4e:d8:59:eb:6f:d7:df:
d2:cb:b6:c1:30:8e:e1:96:b9:8a:fb:e1:de:f6:66:
05:8d:84:cd:5c:f1:81:43:79:06:b4:37:28:4e:da:
ed:53:12:85:8f:8e:b4:b5:27:0e:23:b6:92:d6:7c:
64:5a:a2:ab:8a:d5:73:86:71:21:43:56:b3:91:74:
4c:69:16:7a:ce:71:6b:bd:cc:37:86:7f:bd:73:fa:
92:ec:15:1a:4b:2c:9f:d4:3a:4a:b8:e2:01:5d:c9:
05:d2:86:bf:7c:11:d3:d3:8c:bc:c0:42:2b:ad:db:
6b:62:52:bd:bc:8f:b3:4f:9c:14:4a:30:17:1e:02:
80:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:CA:24:BD:35:6A:BF:11:A1:E9:31:E5:B3:B1:C3:AD:EA:64:8F:33
X509v3 Authority Key Identifier:
keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/VcokvTVqvxGh6THls7HDrepkjzM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:95c0:2000::/36
Signature Algorithm: sha256WithRSAEncryption
3c:03:98:f2:1a:13:b4:83:0c:d3:01:2e:25:1e:fa:e9:16:dc:
1b:3d:a0:69:a3:39:59:76:40:08:2f:17:1b:d2:10:20:a9:51:
08:a4:66:1b:b2:86:74:3c:c0:4e:95:43:45:2a:90:6b:87:35:
49:6f:b8:8a:c4:2e:e6:61:ae:dd:f1:e6:4e:cb:d3:6d:02:8c:
49:cb:dd:26:56:7a:8b:b0:92:7b:0e:69:28:23:e3:7a:db:56:
ce:7d:8b:a0:5c:40:0b:1f:56:98:53:48:56:3a:79:3f:14:f8:
05:da:31:01:03:08:ba:21:9e:28:25:f6:5a:43:a8:26:9a:2f:
ab:0e:93:83:ee:ba:3b:5c:37:b5:9c:b9:59:b9:75:c3:95:76:
f5:05:e4:ce:f2:39:67:97:63:14:90:96:a2:9f:f1:9a:fd:74:
05:e8:44:30:4b:cf:7b:4b:5e:25:ba:dd:79:f3:2b:1e:c9:fd:
e1:ee:0a:90:a1:62:e1:0a:f2:d9:8d:fb:f7:5a:cd:66:67:87:
39:11:3e:a0:2e:e5:7f:b4:e8:5a:e1:7e:d4:05:2f:24:81:be:
9b:b6:2d:a9:33:71:47:91:4b:53:a3:9b:2a:1a:73:a6:82:86:
76:b3:2c:61:75:6a:43:18:f6:bd:64:5b:a2:69:14:26:55:91:
bb:58:b1:f4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICBHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yMjA5MTUw
MjM1MDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDU1Q0EyNEJEMzU2QUJG
MTFBMUU5MzFFNUIzQjFDM0FERUE2NDhGMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+YeZMv+dYlVFHZHn28XXZjJGh4j/dk8YTJ0n96oOiNqw9OtGm
2zLRRTZUDm61vui68zZq8nkVjx6ab1rej4+ug0B8qSWSSjB6u1HOd1LT0+kOPXeJ
bIbqP4blso6XqNsr1XxQUEmkLKfiXj8NSKCl90fhdm6syy9x72bbqbzkTthZ62/X
39LLtsEwjuGWuYr74d72ZgWNhM1c8YFDeQa0NyhO2u1TEoWPjrS1Jw4jtpLWfGRa
oquK1XOGcSFDVrORdExpFnrOcWu9zDeGf71z+pLsFRpLLJ/UOkq44gFdyQXShr98
EdPTjLzAQiut22tiUr28j7NPnBRKMBceAoALAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUVcokvTVqvxGh6THls7HDrepkjzMwHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL1Zjb2t2VFZxdnhHaDZUSGxz
N0hEcmVwa2p6TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQk
AZXAIDANBgkqhkiG9w0BAQsFAAOCAQEAPAOY8hoTtIMM0wEuJR766RbcGz2gaaM5
WXZACC8XG9IQIKlRCKRmG7KGdDzATpVDRSqQa4c1SW+4isQu5mGu3fHmTsvTbQKM
ScvdJlZ6i7CSew5pKCPjettWzn2LoFxACx9WmFNIVjp5PxT4BdoxAQMIuiGeKCX2
WkOoJpovqw6Tg+66O1w3tZy5Wbl1w5V29QXkzvI5Z5djFJCWop/xmv10BehEMEvP
e0teJbrdefMrHsn94e4KkKFi4Qry2Y3791rNZmeHORE+oC7lf7ToWuF+1AUvJIG+
m7YtqTNxR5FLU6ObKhpzpoKGdrMsYXVqQxj2vWRbomkUJlWRu1ix9A==
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:28:15 2023 by rpki-client on console-fra.rpki-client.org