Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/GebKH2ycaNB1-sNyKG_vXW44iGg.roa
File: GebKH2ycaNB1-sNyKG_vXW44iGg.roa (raw, json)
Hash identifier: Jh2d4xU1wgovIPBkPbe9w/hydHCkQ3b5GzbZZDrCbZg=
Subject key identifier: 19:E6:CA:1F:6C:9C:68:D0:75:FA:C3:72:28:6F:EF:5D:6E:38:88:68
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0A54
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/GebKH2ycaNB1-sNyKG_vXW44iGg.roa
Signing time: Thu 15 Sep 2022 02:51:09 +0000
ROA not before: Thu 15 Sep 2022 02:51:09 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131639
IP address blocks: 2403:7f40:f000::/48 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2644 (0xa54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Sep 15 02:51:09 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=19E6CA1F6C9C68D075FAC372286FEF5D6E388868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:91:7d:4f:e9:f7:83:18:aa:46:eb:3c:3a:6d:
fa:d1:2d:2d:df:d6:21:8d:fa:c8:41:33:48:2d:50:
18:45:27:c0:f4:40:22:03:df:f9:d2:87:37:bb:30:
bb:91:08:01:a4:f1:39:63:85:1c:68:0d:b9:4f:a3:
67:cb:c5:2d:0d:a9:12:5e:21:17:0c:84:32:fc:94:
84:ba:9e:7d:63:db:54:a1:cb:16:ce:1c:5f:60:89:
8b:ad:94:0c:de:a6:04:54:12:d8:d8:95:3f:90:6e:
5e:b7:09:03:58:c3:f7:39:df:95:35:ac:4d:04:63:
83:ea:64:a4:8d:0e:5e:49:61:34:d7:85:0d:44:f6:
67:65:99:7a:2d:d5:2d:01:ac:ac:46:f7:5c:ee:bf:
8d:e4:f6:f5:75:3f:65:09:ea:7e:c8:0f:b1:38:d7:
c9:d3:41:20:f9:53:c4:6f:70:7e:f2:25:a0:59:91:
94:f1:56:78:68:ac:11:67:92:61:70:d5:6e:9e:04:
4b:54:08:17:12:fa:60:04:82:6d:06:fa:3c:eb:99:
01:fd:25:69:03:51:14:0f:17:b9:f5:ba:a1:8e:02:
ee:a3:a6:05:50:26:14:a2:97:bb:d2:af:4e:64:81:
6f:87:cb:c7:89:6b:39:3b:05:21:01:42:c8:dc:76:
e9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E6:CA:1F:6C:9C:68:D0:75:FA:C3:72:28:6F:EF:5D:6E:38:88:68
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/GebKH2ycaNB1-sNyKG_vXW44iGg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:f000::/48
Signature Algorithm: sha256WithRSAEncryption
5c:0c:77:3b:39:90:50:40:bd:7b:d4:da:6b:01:be:7c:86:8e:
60:bb:c5:0c:bf:80:34:e2:8b:f2:18:a2:aa:2f:b1:8a:18:f0:
90:7d:6f:73:c6:ed:da:85:70:ce:60:5b:80:af:51:85:1b:ff:
9e:55:da:b3:c1:9f:0a:8e:af:de:90:5d:af:bd:b7:ab:48:36:
ec:e6:b0:cc:f0:82:f0:50:b0:1b:7b:d1:b6:c7:42:6e:ae:5e:
90:48:a9:ed:81:a8:c0:b0:cf:c8:54:a9:92:f9:c5:f3:e9:c1:
48:36:bf:b4:f2:73:f0:72:fc:10:48:cc:00:31:76:7d:ff:3f:
1e:4b:b6:25:45:67:48:32:24:db:c9:da:8c:26:2a:01:9b:75:
7a:ee:b5:7b:40:62:e6:c9:5a:55:7a:a0:fe:5f:ed:1f:f9:15:
d3:d9:5f:81:49:dd:e7:48:b2:86:71:fa:8a:09:86:18:8d:9d:
54:7f:97:67:f6:e9:78:10:af:f1:a2:3f:27:c3:96:25:4b:2f:
18:66:13:76:b2:a7:8a:4f:4b:d1:5f:d2:9c:2c:5a:e5:ff:d7:
ea:e1:cc:09:e3:aa:d5:e6:13:59:62:1e:68:88:20:2b:59:5c:
71:7d:10:fb:bb:1e:ad:36:0d:6f:ce:8c:cc:39:cb:51:9d:48:
9e:f5:e1:7f
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICClQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMjA5MTUw
MjUxMDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDE5RTZDQTFGNkM5QzY4
RDA3NUZBQzM3MjI4NkZFRjVENkUzODg4NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUkX1P6feDGKpG6zw6bfrRLS3f1iGN+shBM0gtUBhFJ8D0QCID
3/nShze7MLuRCAGk8TljhRxoDblPo2fLxS0NqRJeIRcMhDL8lIS6nn1j21ShyxbO
HF9giYutlAzepgRUEtjYlT+Qbl63CQNYw/c535U1rE0EY4PqZKSNDl5JYTTXhQ1E
9mdlmXot1S0BrKxG91zuv43k9vV1P2UJ6n7ID7E418nTQSD5U8RvcH7yJaBZkZTx
VnhorBFnkmFw1W6eBEtUCBcS+mAEgm0G+jzrmQH9JWkDURQPF7n1uqGOAu6jpgVQ
JhSil7vSr05kgW+Hy8eJazk7BSEBQsjcdunVAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUGebKH2ycaNB1+sNyKG/vXW44iGgwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0dlYktIMnljYU5CMS1zTnlLR192WFc0
NGlHZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A8AAw
DQYJKoZIhvcNAQELBQADggEBAFwMdzs5kFBAvXvU2msBvnyGjmC7xQy/gDTii/IY
oqovsYoY8JB9b3PG7dqFcM5gW4CvUYUb/55V2rPBnwqOr96QXa+9t6tINuzmsMzw
gvBQsBt70bbHQm6uXpBIqe2BqMCwz8hUqZL5xfPpwUg2v7Tyc/By/BBIzAAxdn3/
Px5LtiVFZ0gyJNvJ2owmKgGbdXrutXtAYubJWlV6oP5f7R/5FdPZX4FJ3edIsoZx
+ooJhhiNnVR/l2f26XgQr/GiPyfDliVLLxhmE3ayp4pPS9Ff0pwsWuX/1+rhzAnj
qtXmE1liHmiIICtZXHF9EPu7Hq02DW/OjMw5y1GdSJ714X8=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:53:19 2023 by rpki-client on console-ams.rpki-client.org