Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/_341pcy2DC-JGK4FABQTP5hs5r4.roa
File: _341pcy2DC-JGK4FABQTP5hs5r4.roa (raw, json)
Hash identifier: QF5nhMVcobQbdq7O1T18JCu1JX8BAFisvyJJTDNCUf0=
Subject key identifier: FF:7E:35:A5:CC:B6:0C:2F:89:18:AE:05:00:14:13:3F:98:6C:E6:BE
Certificate issuer: /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial: 0862
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/_341pcy2DC-JGK4FABQTP5hs5r4.roa
Signing time: Mon 26 Aug 2024 05:24:10 +0000
ROA not before: Mon 26 Aug 2024 05:24:10 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131642
IP address blocks: 2405:cdc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 21 Sep 2024 19:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2146 (0x862)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Validity
Not Before: Aug 26 05:24:10 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=FF7E35A5CCB60C2F8918AE050014133F986CE6BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ee:5f:a0:b5:90:c9:b1:02:1b:da:54:86:ce:
00:2f:48:43:d8:79:ef:ea:c0:ee:d2:6a:97:13:14:
c4:26:2d:0e:23:e3:f6:92:5f:8e:95:ed:8c:04:e0:
ec:0c:62:4a:c6:a3:7e:6d:90:57:1e:63:09:37:63:
03:71:d3:41:69:08:6a:f9:49:63:f8:22:5a:4c:f0:
96:93:cb:08:9c:98:81:95:28:e8:fe:00:d5:87:0a:
e1:24:7e:c5:9f:f6:aa:c0:ad:0d:68:92:69:c1:b0:
c9:8f:91:57:d1:e7:84:14:ec:e3:9e:82:c9:ce:00:
3a:af:db:51:73:39:8c:ff:29:9a:e5:18:6c:ab:74:
83:07:77:9f:32:b1:03:34:66:4b:f8:ad:75:94:d2:
59:5b:4c:f9:cd:a5:f8:70:eb:ab:9a:d0:a8:7b:94:
32:5b:22:df:5b:64:1f:b7:54:37:99:4c:c6:69:40:
6b:9b:67:14:f7:83:60:43:7b:b2:7b:4b:50:e7:c5:
1b:7f:4f:a2:74:00:a9:95:60:52:ac:b7:27:8a:06:
01:86:63:b6:62:9e:f4:31:54:5f:8c:33:53:20:52:
7d:3f:73:fc:66:59:df:f7:e3:28:26:3e:3f:76:0d:
20:15:fa:67:40:28:45:e8:b0:5a:30:cb:12:96:b3:
fb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:7E:35:A5:CC:B6:0C:2F:89:18:AE:05:00:14:13:3F:98:6C:E6:BE
X509v3 Authority Key Identifier:
keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/_341pcy2DC-JGK4FABQTP5hs5r4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:cdc0::/32
Signature Algorithm: sha256WithRSAEncryption
a9:77:c7:3c:60:83:0e:4e:7f:73:b0:30:0f:3e:b0:51:95:bf:
fe:14:a2:94:ae:b5:f9:14:df:17:cb:64:95:7b:e5:96:ea:d8:
fc:45:f5:46:95:bc:41:12:99:d0:88:d3:ae:8f:1a:06:32:d3:
8a:87:c7:98:a6:8e:9e:5e:ed:e1:02:b5:b6:8d:d5:3e:6a:20:
fa:91:a7:52:2b:7d:a1:02:89:bb:b9:0e:59:8b:88:e9:da:9a:
7a:ae:d6:67:5c:27:98:c4:ac:3f:f1:f7:97:9b:bf:70:2b:7e:
a2:1c:0c:ee:e5:15:8a:75:7e:d0:8d:70:58:b0:3f:e1:62:4e:
47:45:a8:39:35:68:57:b0:50:b2:cd:fe:91:1d:1a:8e:f8:48:
31:31:2e:b1:3d:a9:0e:dc:8c:3f:a7:02:e6:8e:a5:1a:b9:18:
e3:7a:bf:3d:42:23:57:b1:60:ec:6d:49:85:6a:09:b0:f0:1d:
2d:8c:81:4a:f5:03:9b:c0:da:a9:2d:32:06:d9:3b:c5:83:a5:
ab:16:f7:36:59:b1:02:2b:11:9d:11:b5:85:e1:cc:cd:76:50:
1d:76:fb:fc:67:12:49:ec:f9:79:53:64:44:d3:48:f8:54:78:
15:36:63:d9:78:b9:55:dd:fb:28:60:9d:2c:19:fa:0d:c8:6a:
f9:bf:34:a5
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCGIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yNDA4MjYw
NTI0MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZGN0UzNUE1Q0NCNjBD
MkY4OTE4QUUwNTAwMTQxMzNGOTg2Q0U2QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi7l+gtZDJsQIb2lSGzgAvSEPYee/qwO7SapcTFMQmLQ4j4/aS
X46V7YwE4OwMYkrGo35tkFceYwk3YwNx00FpCGr5SWP4IlpM8JaTywicmIGVKOj+
ANWHCuEkfsWf9qrArQ1okmnBsMmPkVfR54QU7OOegsnOADqv21FzOYz/KZrlGGyr
dIMHd58ysQM0Zkv4rXWU0llbTPnNpfhw66ua0Kh7lDJbIt9bZB+3VDeZTMZpQGub
ZxT3g2BDe7J7S1DnxRt/T6J0AKmVYFKstyeKBgGGY7ZinvQxVF+MM1MgUn0/c/xm
Wd/34ygmPj92DSAV+mdAKEXosFowyxKWs/ulAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU/341pcy2DC+JGK4FABQTP5hs5r4wHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL18zNDFwY3kyREMtSkdLNEZBQlFUUDVo
czVyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBc3AMA0G
CSqGSIb3DQEBCwUAA4IBAQCpd8c8YIMOTn9zsDAPPrBRlb/+FKKUrrX5FN8Xy2SV
e+WW6tj8RfVGlbxBEpnQiNOujxoGMtOKh8eYpo6eXu3hArW2jdU+aiD6kadSK32h
Aom7uQ5Zi4jp2pp6rtZnXCeYxKw/8feXm79wK36iHAzu5RWKdX7QjXBYsD/hYk5H
Rag5NWhXsFCyzf6RHRqO+EgxMS6xPakO3Iw/pwLmjqUauRjjer89QiNXsWDsbUmF
agmw8B0tjIFK9QObwNqpLTIG2TvFg6WrFvc2WbECKxGdEbWF4czNdlAddvv8ZxJJ
7Pl5U2RE00j4VHgVNmPZeLlV3fsoYJ0sGfoNyGr5vzSl
-----END CERTIFICATE-----
Generated at Sat Sep 21 21:00:10 2024 by rpki-client on console-ams.rpki-client.org