Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/hmMoUoVKs9cLTrZqvf262XsmGQc.roa
File: hmMoUoVKs9cLTrZqvf262XsmGQc.roa (raw, json)
Hash identifier: KJdPad08HjJJlxtdToFvzng9LwXnu67KfbDimmewbnU=
Subject key identifier: 86:63:28:52:85:4A:B3:D7:0B:4E:B6:6A:BD:FD:BA:D9:7B:26:19:07
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0A54
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/hmMoUoVKs9cLTrZqvf262XsmGQc.roa
Signing time: Thu 15 Sep 2022 02:51:08 +0000
ROA not before: Thu 15 Sep 2022 02:51:08 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 211622
IP address blocks: 2403:7f40:e000::/48 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2644 (0xa54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Sep 15 02:51:08 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=86632852854AB3D70B4EB66ABDFDBAD97B261907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5c:5b:a3:3d:c9:36:10:38:36:3d:ba:22:80:
c2:16:d1:82:2c:09:6b:7d:1c:28:d9:e1:d4:a5:dd:
06:4e:ff:26:1f:9d:46:d8:c8:df:ad:3f:ca:29:6a:
ab:da:b1:be:ad:25:ab:05:24:96:51:86:36:45:a2:
9d:74:5e:90:90:65:e9:9e:a5:fd:67:00:15:30:47:
25:0b:f9:03:f2:ef:53:19:84:74:0c:7b:e8:37:5a:
72:9c:5b:d3:24:c6:4f:30:b3:3c:c8:98:97:89:6c:
31:54:26:f9:5a:1c:a6:29:e1:35:31:60:76:a9:eb:
be:5e:64:9b:26:64:f0:5a:53:66:d9:35:74:c2:f2:
6e:d1:d1:36:d0:0a:e0:ba:0d:d0:2e:d7:60:06:ca:
7e:25:86:aa:2e:3e:88:1c:8d:21:e1:97:1a:8f:2d:
16:cb:f6:28:76:f5:71:16:65:83:13:ac:da:65:62:
be:b5:18:81:5f:a5:ef:61:f9:e1:ca:9b:70:10:5f:
ed:92:13:26:af:0e:5a:75:be:a6:e8:85:5d:5c:1b:
36:71:80:d5:06:87:f2:01:f1:c3:a2:2b:5d:29:6c:
74:84:2d:03:b5:16:d1:cc:f2:e5:b6:75:4f:e4:de:
f5:ac:47:42:a3:51:db:ab:50:e5:77:06:1e:6b:36:
27:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:63:28:52:85:4A:B3:D7:0B:4E:B6:6A:BD:FD:BA:D9:7B:26:19:07
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/hmMoUoVKs9cLTrZqvf262XsmGQc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:e000::/48
Signature Algorithm: sha256WithRSAEncryption
03:5b:4d:89:89:2b:78:75:41:3a:e5:3d:a7:fb:84:fe:fb:23:
65:67:7c:5b:84:53:36:ab:ba:7b:71:5f:32:38:2e:ea:1c:16:
09:14:09:8c:34:e9:c0:48:bc:6d:7c:d6:84:97:b5:10:b8:80:
24:02:0f:b8:f2:97:9e:40:ec:cc:ff:7e:f5:c8:3e:2a:98:62:
d7:2f:c9:e5:d8:ed:ce:7f:60:f5:7e:90:a7:2b:df:65:4c:f9:
a0:6c:16:ee:13:cc:26:5d:f2:90:48:23:a5:62:90:10:7f:15:
67:80:b4:0a:35:02:c9:8f:86:f8:8a:00:8f:60:2c:55:4a:29:
8d:ae:9d:cc:67:26:0c:9e:1d:0f:c6:4a:4d:48:f4:f2:45:5e:
d2:38:66:14:5f:ef:1e:fb:d6:e1:d7:b9:77:d3:15:7a:0f:a6:
35:68:05:6c:23:b4:bb:e7:3c:1d:11:a0:a6:43:ef:bd:f2:14:
c8:57:60:22:01:66:8b:21:54:de:25:45:a2:02:d3:b1:43:d7:
ee:b2:ed:6b:46:fb:2d:a7:6a:68:43:00:61:3e:a2:90:7a:2c:
39:0f:c5:08:9e:08:8d:c4:fe:a4:ea:20:cc:fd:ff:e0:54:c7:
a9:59:bb:57:a1:d4:62:87:c3:4e:d9:58:e7:98:4c:ff:9d:01:
03:15:98:36
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICClQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMjA5MTUw
MjUxMDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg2NjMyODUyODU0QUIz
RDcwQjRFQjY2QUJERkRCQUQ5N0IyNjE5MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiXFujPck2EDg2PboigMIW0YIsCWt9HCjZ4dSl3QZO/yYfnUbY
yN+tP8opaqvasb6tJasFJJZRhjZFop10XpCQZemepf1nABUwRyUL+QPy71MZhHQM
e+g3WnKcW9Mkxk8wszzImJeJbDFUJvlaHKYp4TUxYHap675eZJsmZPBaU2bZNXTC
8m7R0TbQCuC6DdAu12AGyn4lhqouPogcjSHhlxqPLRbL9ih29XEWZYMTrNplYr61
GIFfpe9h+eHKm3AQX+2SEyavDlp1vqbohV1cGzZxgNUGh/IB8cOiK10pbHSELQO1
FtHM8uW2dU/k3vWsR0KjUdurUOV3Bh5rNic1AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUhmMoUoVKs9cLTrZqvf262XsmGQcwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL2htTW9Vb1ZLczljTFRyWnF2ZjI2Mlhz
bUdRYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A4AAw
DQYJKoZIhvcNAQELBQADggEBAANbTYmJK3h1QTrlPaf7hP77I2VnfFuEUzaruntx
XzI4LuocFgkUCYw06cBIvG181oSXtRC4gCQCD7jyl55A7Mz/fvXIPiqYYtcvyeXY
7c5/YPV+kKcr32VM+aBsFu4TzCZd8pBII6VikBB/FWeAtAo1AsmPhviKAI9gLFVK
KY2uncxnJgyeHQ/GSk1I9PJFXtI4ZhRf7x771uHXuXfTFXoPpjVoBWwjtLvnPB0R
oKZD773yFMhXYCIBZoshVN4lRaIC07FD1+6y7WtG+y2namhDAGE+opB6LDkPxQie
CI3E/qTqIMz9/+BUx6lZu1eh1GKHw07ZWOeYTP+dAQMVmDY=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:53:19 2023 by rpki-client on console-ams.rpki-client.org