Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUCD/aJz6SLKAHB2_mBCbcLut7-Zn5H0.roa
File: aJz6SLKAHB2_mBCbcLut7-Zn5H0.roa (raw, json)
Hash identifier: e5JDDqZNjDsCGgLzbm0Xl1rVg0UUH3ZKEUmxbUDHtQw=
Subject key identifier: 68:9C:FA:48:B2:80:1C:1D:BF:98:10:9B:70:BB:AD:EF:E6:67:E4:7D
Certificate issuer: /CN=35D63F285426D9D57209D42C46B9125B23A78EC1
Certificate serial: EB
Authority key identifier: 35:D6:3F:28:54:26:D9:D5:72:09:D4:2C:46:B9:12:5B:23:A7:8E:C1
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NdY_KFQm2dVyCdQsRrkSWyOnjsE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/aJz6SLKAHB2_mBCbcLut7-Zn5H0.roa
Signing time: Fri 23 Feb 2024 15:31:33 +0000
ROA not before: Fri 23 Feb 2024 15:31:33 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 134823
IP address blocks: 2400:ebe0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Mar 2024 00:25:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 235 (0xeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35D63F285426D9D57209D42C46B9125B23A78EC1
Validity
Not Before: Feb 23 15:31:33 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=689CFA48B2801C1DBF98109B70BBADEFE667E47D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:31:08:07:dc:6e:8f:bd:0f:57:13:40:63:34:
bb:2d:a6:f9:57:03:db:da:06:17:8e:ce:22:26:60:
c9:31:ef:d2:6b:ec:ba:c0:01:93:12:de:80:25:76:
d7:d0:86:5b:15:f0:99:90:e6:7d:5b:a1:bb:55:3b:
05:7c:df:d4:45:65:5b:53:61:22:df:22:4a:f5:8c:
30:32:9e:0b:7a:af:fd:03:cd:4a:11:85:17:60:f8:
29:83:74:86:2b:a4:40:f1:41:24:e6:7d:1c:30:32:
18:75:ab:fd:3d:09:2b:13:c3:41:df:a1:8d:b5:1b:
77:c6:c1:81:4b:cd:ad:4e:98:3a:86:8b:46:e2:fb:
ef:cb:0d:3a:89:16:aa:5f:d6:26:5f:f6:1d:88:63:
65:e1:1d:42:f4:e0:dd:b6:47:14:b6:99:af:7e:62:
51:03:89:f8:65:cb:03:38:7f:72:b4:87:14:6c:96:
64:39:07:40:6d:44:9e:55:c5:84:7d:cb:be:84:ca:
33:0e:67:3b:3d:24:71:8f:6e:89:ba:ca:07:ca:1c:
e2:9e:59:8b:e3:3d:51:a9:22:00:99:e6:4d:17:76:
e4:39:46:6e:87:2a:45:d7:bd:8c:c8:9b:ef:c1:60:
3e:3f:2d:1b:de:df:3f:78:25:13:27:98:f4:24:73:
cd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:9C:FA:48:B2:80:1C:1D:BF:98:10:9B:70:BB:AD:EF:E6:67:E4:7D
X509v3 Authority Key Identifier:
keyid:35:D6:3F:28:54:26:D9:D5:72:09:D4:2C:46:B9:12:5B:23:A7:8E:C1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/NdY_KFQm2dVyCdQsRrkSWyOnjsE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NdY_KFQm2dVyCdQsRrkSWyOnjsE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/aJz6SLKAHB2_mBCbcLut7-Zn5H0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:ebe0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:98:e1:f5:5b:21:94:5b:8f:1a:f1:b0:bf:8d:3b:20:55:b0:
90:8b:b1:fc:aa:2b:2b:72:09:22:a6:ee:f6:e8:f5:20:0b:7b:
fe:62:fa:8c:6b:9b:ac:22:08:46:15:55:61:11:a2:0d:b5:75:
bb:50:7f:cd:ca:bc:b3:f3:84:52:0c:5f:72:ce:7c:c5:b6:37:
d8:54:cf:51:c0:f5:f5:51:55:03:6a:9a:cf:57:c5:47:a9:c3:
5a:01:22:c1:c5:04:d9:41:9c:28:98:0d:a6:3b:19:96:2f:d4:
31:e9:1d:66:fd:82:23:cc:84:5d:8b:73:1a:c8:bf:9a:5e:e0:
96:3e:87:96:12:82:a1:d8:6b:c4:5a:73:3e:0f:a3:ce:ca:6a:
69:d0:57:f0:b5:48:4b:eb:33:02:8f:5a:88:e8:e8:10:d8:d4:
49:f1:0e:bb:6d:67:08:2e:ec:bd:85:f5:9b:ef:e7:05:09:a9:
a4:b3:59:70:ec:95:3b:58:2b:6a:85:49:be:ec:42:08:2a:e7:
ca:60:a6:e5:e3:e2:bf:f2:8d:88:57:f8:30:e6:8d:2c:85:9b:
84:6b:33:46:70:48:c0:89:41:00:fe:f8:a5:2c:6d:af:d4:43:
fd:e5:9f:93:87:ca:25:a1:75:00:70:9d:09:fd:af:ff:78:ee:
08:8e:33:be
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICAOswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzVE
NjNGMjg1NDI2RDlENTcyMDlENDJDNDZCOTEyNUIyM0E3OEVDMTAeFw0yNDAyMjMx
NTMxMzNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY4OUNGQTQ4QjI4MDFD
MURCRjk4MTA5QjcwQkJBREVGRTY2N0U0N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsMQgH3G6PvQ9XE0BjNLstpvlXA9vaBheOziImYMkx79Jr7LrA
AZMS3oAldtfQhlsV8JmQ5n1bobtVOwV839RFZVtTYSLfIkr1jDAyngt6r/0DzUoR
hRdg+CmDdIYrpEDxQSTmfRwwMhh1q/09CSsTw0HfoY21G3fGwYFLza1OmDqGi0bi
++/LDTqJFqpf1iZf9h2IY2XhHUL04N22RxS2ma9+YlEDifhlywM4f3K0hxRslmQ5
B0BtRJ5VxYR9y76EyjMOZzs9JHGPbom6ygfKHOKeWYvjPVGpIgCZ5k0XduQ5Rm6H
KkXXvYzIm+/BYD4/LRve3z94JRMnmPQkc81jAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUaJz6SLKAHB2/mBCbcLut7+Zn5H0wHwYDVR0jBBgwFoAUNdY/KFQm2dVyCdQs
RrkSWyOnjsEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVDRC9O
ZFlfS0ZRbTJkVnlDZFFzUnJrU1d5T25qc0UuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05kWV9LRlFtMmRWeUNkUXNScmtTV3lPbmpzRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RVQ0QvYUp6NlNMS0FIQjJfbUJDYmNMdXQ3
LVpuNUgwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQA6+Aw
DQYJKoZIhvcNAQELBQADggEBAJyY4fVbIZRbjxrxsL+NOyBVsJCLsfyqKytyCSKm
7vbo9SALe/5i+oxrm6wiCEYVVWERog21dbtQf83KvLPzhFIMX3LOfMW2N9hUz1HA
9fVRVQNqms9XxUepw1oBIsHFBNlBnCiYDaY7GZYv1DHpHWb9giPMhF2LcxrIv5pe
4JY+h5YSgqHYa8Racz4Po87KamnQV/C1SEvrMwKPWojo6BDY1EnxDrttZwgu7L2F
9Zvv5wUJqaSzWXDslTtYK2qFSb7sQggq58pgpuXj4r/yjYhX+DDmjSyFm4RrM0Zw
SMCJQQD++KUsba/UQ/3ln5OHyiWhdQBwnQn9r/947giOM74=
-----END CERTIFICATE-----
Generated at Tue Mar 12 03:17:34 2024 by rpki-client on console-fra.rpki-client.org