Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/KiP4_2Fb5m8Rq-C7UoEj7kBrnBQ.roa
File: KiP4_2Fb5m8Rq-C7UoEj7kBrnBQ.roa (raw, json)
Hash identifier: RphapuLtp6ridYuKT0mVSErBO1JO1V1AzZTwQChzMZY=
Subject key identifier: 2A:23:F8:FF:61:5B:E6:6F:11:AB:E0:BB:52:81:23:EE:40:6B:9C:14
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1156
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/KiP4_2Fb5m8Rq-C7UoEj7kBrnBQ.roa
Signing time: Fri 10 Jan 2025 05:51:06 +0000
ROA not before: Fri 10 Jan 2025 05:51:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7482
IP address blocks: 223.22.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:28:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4438 (0x1156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Jan 10 05:51:06 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2A23F8FF615BE66F11ABE0BB528123EE406B9C14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ec:a6:c9:9f:8e:0d:c6:95:16:8b:98:fb:b3:
22:a7:77:bf:02:f2:9c:96:b7:93:a4:57:f2:41:7f:
a6:27:78:f3:ba:08:e5:b3:ef:0a:d7:e9:cd:23:ca:
96:8b:70:6e:d2:ff:78:b1:c9:e6:51:f7:61:f8:28:
f2:ac:bd:e2:cb:04:8a:dc:87:9c:ed:38:f4:d2:38:
d9:96:99:15:14:f5:f1:61:d9:84:0f:88:a5:eb:6c:
b6:c5:8b:f3:66:85:b9:31:ca:3d:7d:9b:62:32:e4:
82:0d:95:86:df:14:f8:b4:cf:75:c8:05:d0:93:b6:
bf:61:94:a0:31:35:a8:15:91:cd:71:c0:93:e5:cc:
0c:87:42:2e:38:f8:17:12:2d:0a:fb:09:24:8c:cd:
07:30:9e:2d:7d:fe:2c:61:8e:d3:99:54:79:14:5e:
5c:75:ac:23:11:66:28:25:4a:c4:92:99:81:d3:03:
a8:ec:0a:5a:0e:db:ee:b6:09:37:11:2c:2a:fb:09:
cf:99:a8:b9:ea:84:0e:c3:71:d7:a7:99:00:ae:db:
39:09:c7:f2:ff:84:38:08:b2:71:e6:4b:f7:c0:bc:
f0:49:09:a1:a8:14:3f:92:8c:e9:62:4f:dc:e3:3c:
71:2f:79:8d:68:c3:a9:28:1d:05:24:7c:09:ea:3c:
01:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:23:F8:FF:61:5B:E6:6F:11:AB:E0:BB:52:81:23:EE:40:6B:9C:14
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/KiP4_2Fb5m8Rq-C7UoEj7kBrnBQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.66.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:3c:0d:07:fd:9c:cd:aa:59:0b:32:06:8e:a3:f8:70:8d:6b:
52:bc:9c:3d:d2:45:82:ea:6a:a9:16:aa:9e:00:ed:d1:6d:ed:
94:2b:4a:80:e5:56:c1:5e:55:32:f6:a7:37:32:94:15:a5:7c:
e8:f5:87:d1:48:05:b6:a5:08:17:d8:7f:2b:6c:cd:e6:23:17:
66:6b:b9:c0:dd:96:93:45:e1:23:e4:f2:78:5a:70:5c:63:57:
d3:af:e9:be:d3:2e:a7:0e:3c:68:dc:a5:d0:b3:d6:b8:d9:78:
a5:80:47:25:73:0d:09:a0:0c:ce:f4:f8:e2:ef:fb:52:74:2b:
2d:1a:28:de:8c:54:1e:eb:89:58:04:67:06:37:49:31:4e:d3:
02:30:3e:a2:db:c2:83:32:fe:77:e5:8a:2a:cd:88:af:52:20:
9a:3e:45:18:89:64:02:4e:9d:0d:5d:59:41:78:a9:ee:b5:53:
d4:05:cf:61:7b:21:f0:02:c9:6d:76:39:c4:10:e6:4a:08:8d:
76:ca:0d:d5:d2:19:78:9f:b5:75:44:70:4e:2e:91:75:2e:31:
e7:6f:0b:4e:e7:40:80:67:58:63:4e:c0:6b:b0:90:5c:2f:cb:
25:12:40:d0:7a:93:5c:f6:61:d9:8a:20:4f:7f:b4:eb:09:bc:
aa:c8:ea:e9
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEVYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAxMTAw
NTUxMDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJBMjNGOEZGNjE1QkU2
NkYxMUFCRTBCQjUyODEyM0VFNDA2QjlDMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl7KbJn44NxpUWi5j7syKnd78C8pyWt5OkV/JBf6YnePO6COWz
7wrX6c0jypaLcG7S/3ixyeZR92H4KPKsveLLBIrch5ztOPTSONmWmRUU9fFh2YQP
iKXrbLbFi/Nmhbkxyj19m2Iy5IINlYbfFPi0z3XIBdCTtr9hlKAxNagVkc1xwJPl
zAyHQi44+BcSLQr7CSSMzQcwni19/ixhjtOZVHkUXlx1rCMRZiglSsSSmYHTA6js
CloO2+62CTcRLCr7Cc+ZqLnqhA7DcdenmQCu2zkJx/L/hDgIsnHmS/fAvPBJCaGo
FD+SjOliT9zjPHEveY1ow6koHQUkfAnqPAE/AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUKiP4/2Fb5m8Rq+C7UoEj7kBrnBQwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0tpUDRfMkZiNW04UnEtQzdVb0VqN2tC
cm5CUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADfFkIwDQYJ
KoZIhvcNAQELBQADggEBAD48DQf9nM2qWQsyBo6j+HCNa1K8nD3SRYLqaqkWqp4A
7dFt7ZQrSoDlVsFeVTL2pzcylBWlfOj1h9FIBbalCBfYfytszeYjF2ZrucDdlpNF
4SPk8nhacFxjV9Ov6b7TLqcOPGjcpdCz1rjZeKWARyVzDQmgDM70+OLv+1J0Ky0a
KN6MVB7riVgEZwY3STFO0wIwPqLbwoMy/nfliirNiK9SIJo+RRiJZAJOnQ1dWUF4
qe61U9QFz2F7IfACyW12OcQQ5koIjXbKDdXSGXiftXVEcE4ukXUuMedvC07nQIBn
WGNOwGuwkFwvyyUSQNB6k1z2YdmKIE9/tOsJvKrI6uk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:51:53 2025 by rpki-client