Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ZAT/YEnL2520YDUl6jIxCfnrudOVmto.roa
File: YEnL2520YDUl6jIxCfnrudOVmto.roa (raw, json)
Hash identifier: 8x2qE3Y+gjEkcZFrJbvCkkMBObXRQTMeecZOKPNL2AM=
Subject key identifier: 60:49:CB:DB:9D:B4:60:35:25:EA:32:31:09:F9:EB:B9:D3:95:9A:DA
Certificate issuer: /CN=41D608336CCF0EDFEA4A24614F1D7234884E8991
Certificate serial: F0
Authority key identifier: 41:D6:08:33:6C:CF:0E:DF:EA:4A:24:61:4F:1D:72:34:88:4E:89:91
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/QdYIM2zPDt_qSiRhTx1yNIhOiZE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ZAT/YEnL2520YDUl6jIxCfnrudOVmto.roa
Signing time: Fri 15 Nov 2024 15:52:57 +0000
ROA not before: Fri 15 Nov 2024 15:52:57 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18041
IP address blocks: 2401:55a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 240 (0xf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41D608336CCF0EDFEA4A24614F1D7234884E8991
Validity
Not Before: Nov 15 15:52:57 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=6049CBDB9DB4603525EA323109F9EBB9D3959ADA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:18:d1:ef:3f:88:38:9b:7d:e0:2c:fc:21:da:
bf:a3:4b:24:df:54:5b:0a:f6:9f:3e:c6:40:1a:c4:
72:a7:96:32:54:80:c0:bc:13:48:be:0b:f3:f6:35:
8d:7c:a0:04:8d:4d:d9:a0:4b:7e:a4:62:dd:7f:bb:
3b:08:d1:dc:17:6f:70:f1:be:2f:ce:87:1e:cb:3d:
42:18:18:4a:89:4a:b6:70:30:52:c1:32:12:9b:b2:
9e:21:5c:4d:ed:ca:88:64:10:42:34:36:d7:83:3b:
64:4e:27:08:c2:7a:c3:67:73:4a:f4:9a:d4:a1:ea:
f7:2e:e5:72:6d:4a:ee:3f:94:fe:14:7b:42:d3:ee:
f8:03:8f:d0:03:35:aa:dd:5a:06:59:9f:27:f7:84:
33:0c:8b:4e:9f:59:ee:35:35:9b:fc:89:b6:68:c0:
d5:e8:30:bb:28:46:ed:2b:1b:4c:f7:49:b2:c1:d7:
9c:0b:3e:4b:a8:19:d8:64:82:93:5f:2b:4c:b9:39:
aa:c2:ef:81:96:86:f3:ac:8a:7c:e5:c0:6a:e2:e3:
a0:63:de:6a:e7:b1:e3:82:a3:40:d8:62:23:86:60:
15:02:c4:5f:6f:2b:86:ff:6a:3d:f0:3e:02:b1:47:
08:e2:93:a8:56:4f:95:b5:db:48:25:22:ed:9b:8b:
9e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:49:CB:DB:9D:B4:60:35:25:EA:32:31:09:F9:EB:B9:D3:95:9A:DA
X509v3 Authority Key Identifier:
keyid:41:D6:08:33:6C:CF:0E:DF:EA:4A:24:61:4F:1D:72:34:88:4E:89:91
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZAT/QdYIM2zPDt_qSiRhTx1yNIhOiZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/QdYIM2zPDt_qSiRhTx1yNIhOiZE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZAT/YEnL2520YDUl6jIxCfnrudOVmto.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:55a0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:8b:ee:f0:6e:21:6a:8a:d7:51:5f:d3:c7:1a:b9:eb:d0:ce:
87:3b:c0:9e:e9:e8:ce:2e:57:24:53:1e:18:8e:31:51:2e:0f:
a2:a0:e7:15:05:3a:1d:a1:d7:42:8e:29:3b:50:28:2e:7a:49:
21:8c:21:cf:95:e0:21:77:d2:d3:f5:4e:ef:a3:3e:ce:90:ab:
94:dc:25:6e:06:fb:bd:e6:3b:36:7a:42:73:25:6e:81:61:55:
35:2f:34:02:e5:26:ba:52:61:db:b2:24:99:dd:98:cb:64:b5:
ec:81:f6:a1:66:06:27:f1:9a:1f:d5:39:3f:21:62:30:6b:c8:
ac:31:82:a6:c1:41:75:d9:73:36:c5:5c:01:3f:aa:5d:44:5c:
7e:6a:80:47:17:f4:d0:8b:a2:66:f0:08:d6:3e:65:50:af:f2:
71:3d:85:c2:e6:64:6b:77:3a:b9:69:f6:23:4f:a2:5b:22:88:
40:8a:44:73:1f:e0:f6:98:34:db:d8:5c:57:5a:c0:92:b8:f2:
b5:11:85:00:37:b4:de:1d:53:69:d1:35:bc:38:52:a4:54:d5:
14:11:17:25:17:a8:7b:5a:71:ac:2f:35:c3:14:67:b0:ac:d2:
7e:c2:d8:df:b2:56:cd:ff:4c:71:25:a7:8a:ac:4b:1d:a8:26:
dd:96:c1:6a
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAPAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDFE
NjA4MzM2Q0NGMEVERkVBNEEyNDYxNEYxRDcyMzQ4ODRFODk5MTAeFw0yNDExMTUx
NTUyNTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYwNDlDQkRCOURCNDYw
MzUyNUVBMzIzMTA5RjlFQkI5RDM5NTlBREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHGNHvP4g4m33gLPwh2r+jSyTfVFsK9p8+xkAaxHKnljJUgMC8
E0i+C/P2NY18oASNTdmgS36kYt1/uzsI0dwXb3Dxvi/Ohx7LPUIYGEqJSrZwMFLB
MhKbsp4hXE3tyohkEEI0NteDO2ROJwjCesNnc0r0mtSh6vcu5XJtSu4/lP4Ue0LT
7vgDj9ADNardWgZZnyf3hDMMi06fWe41NZv8ibZowNXoMLsoRu0rG0z3SbLB15wL
PkuoGdhkgpNfK0y5OarC74GWhvOsinzlwGri46Bj3mrnseOCo0DYYiOGYBUCxF9v
K4b/aj3wPgKxRwjik6hWT5W120glIu2bi56DAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUYEnL2520YDUl6jIxCfnrudOVmtowHwYDVR0jBBgwFoAUQdYIM2zPDt/qSiRh
Tx1yNIhOiZEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWkFUL1Fk
WUlNMnpQRHRfcVNpUmhUeDF5TkloT2laRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UWRZSU0yelBEdF9xU2lSaFR4MXlOSWhPaVpFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvWkFUL1lFbkwyNTIwWURVbDZqSXhDZm5ydWRP
Vm10by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAVWgMA0G
CSqGSIb3DQEBCwUAA4IBAQBKi+7wbiFqitdRX9PHGrnr0M6HO8Ce6ejOLlckUx4Y
jjFRLg+ioOcVBTododdCjik7UCguekkhjCHPleAhd9LT9U7voz7OkKuU3CVuBvu9
5js2ekJzJW6BYVU1LzQC5Sa6UmHbsiSZ3ZjLZLXsgfahZgYn8Zof1Tk/IWIwa8is
MYKmwUF12XM2xVwBP6pdRFx+aoBHF/TQi6Jm8AjWPmVQr/JxPYXC5mRrdzq5afYj
T6JbIohAikRzH+D2mDTb2FxXWsCSuPK1EYUAN7TeHVNp0TW8OFKkVNUUERclF6h7
WnGsLzXDFGewrNJ+wtjfslbN/0xxJaeKrEsdqCbdlsFq
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:18:47 2025 by rpki-client