Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/mUHldt19UjWok-JIPO65yAxw3yA.roa
File: mUHldt19UjWok-JIPO65yAxw3yA.roa (raw, json)
Hash identifier: NM6aiTKD8+V4sNs6mPRgtkNn2IZf6kNkxp0sMNfuPo8=
Subject key identifier: 99:41:E5:76:DD:7D:52:35:A8:93:E2:48:3C:EE:B9:C8:0C:70:DF:20
Certificate issuer: /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial: 0A61
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/mUHldt19UjWok-JIPO65yAxw3yA.roa
Signing time: Thu 15 Sep 2022 02:38:33 +0000
ROA not before: Thu 15 Sep 2022 02:38:33 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131590
IP address blocks: 2400:c780:fffe:1d03::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2657 (0xa61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Validity
Not Before: Sep 15 02:38:33 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=9941E576DD7D5235A893E2483CEEB9C80C70DF20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:84:a5:86:03:28:f1:42:62:26:fd:af:eb:be:
29:18:2a:42:ad:75:f4:62:71:55:55:a7:8f:de:0e:
00:03:69:6a:b9:80:90:af:4c:52:9d:4d:90:eb:69:
0e:be:2b:ed:97:a8:95:4d:22:05:2e:2f:a8:78:71:
16:5e:25:fc:b1:7c:09:82:17:fa:bc:cd:a3:42:7f:
8c:08:fc:88:09:9a:3e:88:66:d9:88:43:42:07:9e:
6e:bd:55:d4:10:0d:49:b9:6a:df:2e:08:90:ef:65:
7f:f5:b0:dd:a7:31:8c:0f:48:38:11:83:a9:e4:de:
2e:6d:64:6a:e3:9b:aa:71:4b:0b:d5:79:d4:3c:56:
77:5f:72:de:3f:d2:1e:a8:1f:46:50:f1:ed:c9:c4:
4c:7e:46:b8:d2:43:99:02:48:8c:97:cf:0d:cc:ac:
95:7c:80:cd:c1:89:4a:dc:9d:00:52:84:9e:3f:ff:
27:8c:30:e8:f7:02:ae:67:76:27:e0:8b:cf:b1:a1:
d3:d6:fc:bb:3e:81:ff:66:dd:06:83:6c:ec:b3:9f:
2f:27:48:4c:ad:7b:d5:cd:49:93:51:34:6e:b3:62:
d3:05:b7:07:21:3a:61:e7:c9:b4:c6:f1:69:38:61:
da:bb:00:8d:42:6e:43:e3:e3:bf:64:25:1c:13:8a:
27:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:41:E5:76:DD:7D:52:35:A8:93:E2:48:3C:EE:B9:C8:0C:70:DF:20
X509v3 Authority Key Identifier:
keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/mUHldt19UjWok-JIPO65yAxw3yA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:c780:fffe:1d03::/64
Signature Algorithm: sha256WithRSAEncryption
5f:70:06:6a:83:58:3a:d2:b7:67:e6:76:a0:92:df:6c:92:1e:
06:c0:fa:e0:72:4f:d4:aa:58:89:c3:f8:ca:e6:57:2c:dd:e5:
ec:1c:d7:d6:12:f2:97:9a:b0:a6:61:90:c4:e7:2d:bf:21:90:
17:3e:de:40:1b:3c:ad:be:d9:f4:d4:26:0f:fd:37:20:2d:39:
69:da:90:9f:0a:74:57:2e:ca:05:04:13:5b:de:59:5a:18:28:
95:c1:f9:68:9a:2e:86:1a:fb:27:51:90:3b:d8:d0:8d:cb:36:
38:4d:0c:02:4e:e9:91:f4:09:b9:bf:ac:8c:87:e9:1a:5c:1e:
ba:a2:8b:c8:fd:f7:4c:5f:b8:20:67:4c:9e:3f:ae:32:de:6d:
f6:d1:c5:9d:50:3b:4d:cb:e3:25:c4:27:f0:14:9f:41:eb:21:
db:95:88:1d:1d:bd:a5:16:e1:88:b7:f0:7d:91:18:ba:b1:ef:
72:c9:ad:2a:55:c2:fc:b7:47:76:be:96:82:a2:9b:ef:78:e3:
92:54:ca:36:c2:32:2e:b0:d2:06:44:c1:50:97:17:db:12:85:
d5:ac:ce:0c:60:dc:85:07:9a:00:71:da:e6:e1:f2:c3:91:33:
e0:a6:c4:88:ab:48:1a:f8:e6:2b:4b:4a:11:a5:a0:92:a5:6b:
03:96:4f:8d
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCmEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yMjA5MTUw
MjM4MzNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDk5NDFFNTc2REQ3RDUy
MzVBODkzRTI0ODNDRUVCOUM4MEM3MERGMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqhKWGAyjxQmIm/a/rvikYKkKtdfRicVVVp4/eDgADaWq5gJCv
TFKdTZDraQ6+K+2XqJVNIgUuL6h4cRZeJfyxfAmCF/q8zaNCf4wI/IgJmj6IZtmI
Q0IHnm69VdQQDUm5at8uCJDvZX/1sN2nMYwPSDgRg6nk3i5tZGrjm6pxSwvVedQ8
Vndfct4/0h6oH0ZQ8e3JxEx+RrjSQ5kCSIyXzw3MrJV8gM3BiUrcnQBShJ4//yeM
MOj3Aq5ndifgi8+xodPW/Ls+gf9m3QaDbOyzny8nSEyte9XNSZNRNG6zYtMFtwch
OmHnybTG8Wk4Ydq7AI1CbkPj479kJRwTiic1AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUmUHldt19UjWok+JIPO65yAxw3yAwHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL21VSGxkdDE5VWpXb2stSklQTzY1eUF4
dzN5QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgACMAsDCQAkAMeA//4d
AzANBgkqhkiG9w0BAQsFAAOCAQEAX3AGaoNYOtK3Z+Z2oJLfbJIeBsD64HJP1KpY
icP4yuZXLN3l7BzX1hLyl5qwpmGQxOctvyGQFz7eQBs8rb7Z9NQmD/03IC05adqQ
nwp0Vy7KBQQTW95ZWhgolcH5aJouhhr7J1GQO9jQjcs2OE0MAk7pkfQJub+sjIfp
GlweuqKLyP33TF+4IGdMnj+uMt5t9tHFnVA7TcvjJcQn8BSfQesh25WIHR29pRbh
iLfwfZEYurHvcsmtKlXC/LdHdr6WgqKb73jjklTKNsIyLrDSBkTBUJcX2xKF1azO
DGDchQeaAHHa5uHyw5Ez4KbEiKtIGvjmK0tKEaWgkqVrA5ZPjQ==
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:53:18 2023 by rpki-client on console-ams.rpki-client.org