Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/nu9uV-Z-ofeegc1MXrrpQU8yAkc.roa
File: nu9uV-Z-ofeegc1MXrrpQU8yAkc.roa (raw, json)
Hash identifier: 3BvwES0d6jWYvrF0dDYGY8TvK7/vXGGgg+taSbLfZMg=
Subject key identifier: 9E:EF:6E:57:E6:7E:A1:F7:9E:81:CD:4C:5E:BA:E9:41:4F:32:02:47
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1099
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nu9uV-Z-ofeegc1MXrrpQU8yAkc.roa
Signing time: Mon 26 Aug 2024 05:16:36 +0000
ROA not before: Mon 26 Aug 2024 05:16:36 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131591
IP address blocks: 223.22.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4249 (0x1099)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:36 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9EEF6E57E67EA1F79E81CD4C5EBAE9414F320247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5e:b6:61:00:fc:7c:a8:23:c8:2d:04:fc:d7:
1a:99:5e:c6:7a:18:ed:f5:2c:1c:a5:4f:33:c9:2c:
a7:25:b2:d0:32:ed:76:21:f0:05:fa:1b:4e:ef:db:
b2:48:78:c6:b1:25:d7:da:69:7e:1b:6c:45:3b:0f:
94:5e:bc:92:fd:17:b3:22:70:fb:1a:04:b9:85:23:
1d:dc:96:17:94:4b:d3:12:3c:0c:b6:28:7f:12:d4:
dd:f6:5c:71:5b:ed:a7:53:45:c7:1e:4b:3f:11:7d:
d7:2a:be:e8:d5:88:85:33:bf:bb:86:06:3c:73:90:
1f:af:be:a5:8d:3f:dd:4a:25:1f:21:37:c5:8b:ce:
40:52:59:c1:47:a7:3d:ab:5c:5d:e3:66:be:79:3d:
fa:e4:3b:b4:e4:15:c6:7f:7b:82:b9:d5:f1:b1:57:
be:ca:1b:c5:94:c1:e2:74:cc:41:59:43:d9:a9:cc:
37:54:65:a2:4c:f2:ab:75:55:b9:2e:16:7f:68:1b:
a6:2d:97:37:a6:8e:1b:6d:9e:da:58:1e:4a:00:b3:
ee:ec:a5:a4:48:df:c0:65:be:c5:b2:2e:14:cd:1f:
f9:6d:16:66:15:d7:4d:48:5e:1c:d5:80:f0:88:41:
31:f1:dd:5c:d8:70:3f:39:87:67:67:9c:d4:3f:e0:
04:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:EF:6E:57:E6:7E:A1:F7:9E:81:CD:4C:5E:BA:E9:41:4F:32:02:47
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nu9uV-Z-ofeegc1MXrrpQU8yAkc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:2d:09:1b:23:7b:a1:d7:96:22:dd:a8:b6:0c:db:ba:15:0b:
ae:da:a7:f0:9d:28:58:f4:2a:30:e6:f3:e5:a0:6b:45:b2:13:
a4:33:09:c0:eb:d1:70:e4:7e:c8:70:ee:01:a8:24:82:bb:bf:
c2:42:88:68:b4:e5:fe:8c:5e:9c:9f:11:ec:fa:60:a5:b5:e5:
94:b0:68:d1:ac:b7:e6:12:f4:66:25:80:5d:fb:52:20:bc:57:
23:23:63:b5:e1:df:66:22:a5:44:8b:b7:2c:41:82:4e:cb:d6:
f5:fc:bb:04:ac:18:53:44:e4:9a:35:fe:e9:a7:80:ad:51:b5:
54:f5:a6:6c:e5:02:06:c3:52:83:cf:1b:a6:e3:96:b2:f6:95:
bc:ed:53:da:0c:19:9b:e0:28:9f:8b:fa:da:8c:c3:e2:8d:df:
07:d0:27:b1:e6:76:6f:3b:ac:31:17:fe:1a:2b:b8:b5:bb:79:
d5:07:16:30:14:34:ae:ab:7f:80:55:5c:d5:b8:77:62:07:40:
ff:54:db:3f:89:b6:cd:c1:84:10:2d:fc:bb:1f:e2:49:39:4e:
7c:5b:68:5a:ee:62:db:5b:ae:6b:5a:13:8e:38:37:f0:1a:26:
b8:b3:ed:c0:f9:e7:d0:13:cf:ea:47:5c:e5:be:45:aa:32:5e:
08:ed:7f:7b
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICEJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlFRUY2RTU3RTY3RUEx
Rjc5RTgxQ0Q0QzVFQkFFOTQxNEYzMjAyNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2XrZhAPx8qCPILQT81xqZXsZ6GO31LBylTzPJLKclstAy7XYh
8AX6G07v27JIeMaxJdfaaX4bbEU7D5RevJL9F7MicPsaBLmFIx3clheUS9MSPAy2
KH8S1N32XHFb7adTRcceSz8RfdcqvujViIUzv7uGBjxzkB+vvqWNP91KJR8hN8WL
zkBSWcFHpz2rXF3jZr55PfrkO7TkFcZ/e4K51fGxV77KG8WUweJ0zEFZQ9mpzDdU
ZaJM8qt1VbkuFn9oG6YtlzemjhttntpYHkoAs+7spaRI38BlvsWyLhTNH/ltFmYV
101IXhzVgPCIQTHx3VzYcD85h2dnnNQ/4AT5AgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUnu9uV+Z+ofeegc1MXrrpQU8yAkcwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL251OXVWLVotb2ZlZWdjMU1YcnJwUVU4
eUFrYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDfFjANBgkq
hkiG9w0BAQsFAAOCAQEAUC0JGyN7odeWIt2otgzbuhULrtqn8J0oWPQqMObz5aBr
RbITpDMJwOvRcOR+yHDuAagkgru/wkKIaLTl/oxenJ8R7PpgpbXllLBo0ay35hL0
ZiWAXftSILxXIyNjteHfZiKlRIu3LEGCTsvW9fy7BKwYU0TkmjX+6aeArVG1VPWm
bOUCBsNSg88bpuOWsvaVvO1T2gwZm+Aon4v62ozD4o3fB9AnseZ2bzusMRf+Giu4
tbt51QcWMBQ0rqt/gFVc1bh3YgdA/1TbP4m2zcGEEC38ux/iSTlOfFtoWu5i21uu
a1oTjjg38BomuLPtwPnn0BPP6kdc5b5FqjJeCO1/ew==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:49:19 2025 by rpki-client