Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/XINYUN/2Xc3gnDMK3eg6RXhVLs2SD9Vgi0.roa
File: 2Xc3gnDMK3eg6RXhVLs2SD9Vgi0.roa (raw, json)
Hash identifier: 8Xa6ARduOPjD+kuNwhtSOHe1ggOwadHZTJWcDjRUI/o=
Subject key identifier: D9:77:37:82:70:CC:2B:77:A0:E9:15:E1:54:BB:36:48:3F:55:82:2D
Certificate issuer: /CN=84F850C0651B699E190DC9D97CD1DE326C164EC5
Certificate serial: 0DA4
Authority key identifier: 84:F8:50:C0:65:1B:69:9E:19:0D:C9:D9:7C:D1:DE:32:6C:16:4E:C5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/hPhQwGUbaZ4ZDcnZfNHeMmwWTsU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XINYUN/2Xc3gnDMK3eg6RXhVLs2SD9Vgi0.roa
Signing time: Thu 15 Sep 2022 02:41:40 +0000
ROA not before: Thu 15 Sep 2022 02:41:40 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 138145
IP address blocks: 2404:4fc0:a022::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3492 (0xda4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84F850C0651B699E190DC9D97CD1DE326C164EC5
Validity
Not Before: Sep 15 02:41:40 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D977378270CC2B77A0E915E154BB36483F55822D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a5:54:74:cb:a6:ee:0e:41:87:d1:1a:9d:9a:
2b:05:65:8e:ba:b0:8e:85:0b:64:8b:bb:74:32:74:
13:5c:ab:39:bc:f6:85:bc:8b:c9:7d:cb:6f:cf:c1:
94:66:62:71:6b:95:25:e1:07:e2:9a:e5:1a:4d:74:
27:f0:12:87:c6:22:97:22:c8:77:63:41:ec:f6:44:
da:80:68:1a:fa:7f:3b:62:86:34:e3:1e:53:76:ab:
2e:52:13:19:66:a9:b7:6c:3b:a8:96:57:fa:bc:30:
24:ad:9b:18:9b:9a:7d:22:89:02:35:b3:db:cf:68:
25:87:c0:c2:3b:51:bd:26:89:a0:ea:b0:03:84:c2:
64:51:da:16:42:59:cd:15:0b:2f:d5:90:65:78:9b:
75:7e:15:ad:1a:d8:01:11:3b:64:2e:bc:3d:0a:eb:
dd:58:c1:f4:64:e0:59:66:05:7d:7d:c4:ac:59:d5:
d7:5b:91:2f:e5:94:cf:ce:ec:c6:4d:79:c8:ce:f0:
ec:4a:3f:59:f4:97:4f:6c:4b:27:d8:2b:98:55:75:
e6:42:32:60:b8:b0:b6:6b:06:8c:82:ef:57:fe:71:
ee:38:67:5b:4f:18:9e:26:26:7a:47:59:2e:df:a1:
1f:6d:95:a6:28:a7:5d:ab:f0:6b:c3:14:6a:d8:bf:
d4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:77:37:82:70:CC:2B:77:A0:E9:15:E1:54:BB:36:48:3F:55:82:2D
X509v3 Authority Key Identifier:
keyid:84:F8:50:C0:65:1B:69:9E:19:0D:C9:D9:7C:D1:DE:32:6C:16:4E:C5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINYUN/hPhQwGUbaZ4ZDcnZfNHeMmwWTsU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/hPhQwGUbaZ4ZDcnZfNHeMmwWTsU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINYUN/2Xc3gnDMK3eg6RXhVLs2SD9Vgi0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:4fc0:a022::/48
Signature Algorithm: sha256WithRSAEncryption
22:30:06:33:53:97:8c:51:de:83:56:51:bf:65:72:19:c4:97:
96:24:7c:c4:9c:db:c1:9c:d9:ee:46:95:f7:c9:24:96:1a:90:
2b:15:38:2d:ab:03:1b:72:cc:53:5b:a4:e7:05:ed:7f:d8:e8:
9a:b7:b2:51:51:ca:e6:ea:89:d6:d1:f5:ed:5c:6b:23:a1:9f:
79:1c:c6:a4:58:d7:7a:dc:cb:6b:0a:d2:0c:cf:0b:a0:b8:9b:
c0:16:56:72:f6:01:49:bb:86:5f:88:c3:8d:dc:b1:f0:81:68:
7d:c4:bc:f8:bd:93:eb:63:7d:5a:ab:1b:ea:e2:4e:b5:f2:3f:
89:83:d8:bd:c7:86:6b:f2:4d:0e:90:b1:d9:a6:3f:ad:f0:b9:
c9:da:5b:83:3b:7c:90:c9:f9:33:db:55:47:b9:c2:e9:51:52:
47:86:e8:a5:90:9b:08:9f:d8:64:95:e4:77:bb:d0:fb:fa:40:
d4:0c:26:b2:d1:6b:7f:2c:d0:cd:4a:5c:9e:b7:b9:eb:4f:13:
5d:ee:79:75:3f:20:4e:75:bf:20:60:d7:4b:43:fd:25:17:cf:
66:2c:fb:31:32:61:99:37:9f:24:cb:7b:a1:41:bb:bd:85:7e:
6d:14:f6:96:e1:a2:24:07:58:0b:d5:15:f6:f0:b7:ec:99:d4:
91:5a:3d:60
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODRG
ODUwQzA2NTFCNjk5RTE5MERDOUQ5N0NEMURFMzI2QzE2NEVDNTAeFw0yMjA5MTUw
MjQxNDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ5NzczNzgyNzBDQzJC
NzdBMEU5MTVFMTU0QkIzNjQ4M0Y1NTgyMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnpVR0y6buDkGH0RqdmisFZY66sI6FC2SLu3QydBNcqzm89oW8
i8l9y2/PwZRmYnFrlSXhB+Ka5RpNdCfwEofGIpciyHdjQez2RNqAaBr6fztihjTj
HlN2qy5SExlmqbdsO6iWV/q8MCStmxibmn0iiQI1s9vPaCWHwMI7Ub0miaDqsAOE
wmRR2hZCWc0VCy/VkGV4m3V+Fa0a2AERO2QuvD0K691YwfRk4FlmBX19xKxZ1ddb
kS/llM/O7MZNecjO8OxKP1n0l09sSyfYK5hVdeZCMmC4sLZrBoyC71f+ce44Z1tP
GJ4mJnpHWS7foR9tlaYop12r8GvDFGrYv9TrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU2Xc3gnDMK3eg6RXhVLs2SD9Vgi0wHwYDVR0jBBgwFoAUhPhQwGUbaZ4ZDcnZ
fNHeMmwWTsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOWVVO
L2hQaFF3R1ViYVo0WkRjblpmTkhlTW13V1RzVS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvaFBoUXdHVWJhWjRaRGNuWmZOSGVNbXdXVHNVLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOWVVOLzJYYzNnbkRNSzNlZzZSWGhW
THMyU0Q5VmdpMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
BE/AoCIwDQYJKoZIhvcNAQELBQADggEBACIwBjNTl4xR3oNWUb9lchnEl5YkfMSc
28Gc2e5GlffJJJYakCsVOC2rAxtyzFNbpOcF7X/Y6Jq3slFRyubqidbR9e1cayOh
n3kcxqRY13rcy2sK0gzPC6C4m8AWVnL2AUm7hl+Iw43csfCBaH3EvPi9k+tjfVqr
G+riTrXyP4mD2L3HhmvyTQ6QsdmmP63wucnaW4M7fJDJ+TPbVUe5wulRUkeG6KWQ
mwif2GSV5He70Pv6QNQMJrLRa38s0M1KXJ63uetPE13ueXU/IE51vyBg10tD/SUX
z2Ys+zEyYZk3nyTLe6FBu72Ffm0U9pbhoiQHWAvVFfbwt+yZ1JFaPWA=
-----END CERTIFICATE-----
Generated at Fri Sep 1 10:47:16 2023 by rpki-client on console-fra.rpki-client.org