Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HST/u33mW8tRPACv_zCHJbC4KW6M_5s.roa
File: u33mW8tRPACv_zCHJbC4KW6M_5s.roa (raw, json)
Hash identifier: d+7UTc+vENefGkjUpIekwW/IbxNw4pc8z3FzmNYhhkk=
Subject key identifier: BB:7D:E6:5B:CB:51:3C:00:AF:FF:30:87:25:B0:B8:29:6E:8C:FF:9B
Certificate issuer: /CN=833D5BF79B45C730ED141CB539A508D01AA30908
Certificate serial: 0A77
Authority key identifier: 83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/u33mW8tRPACv_zCHJbC4KW6M_5s.roa
Signing time: Thu 06 Mar 2025 02:11:59 +0000
ROA not before: Thu 06 Mar 2025 02:11:59 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 15263
IP address blocks: 103.144.34.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 08:40:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2679 (0xa77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833D5BF79B45C730ED141CB539A508D01AA30908
Validity
Not Before: Mar 6 02:11:59 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=BB7DE65BCB513C00AFFF308725B0B8296E8CFF9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:13:6e:ac:44:c9:38:d5:28:f6:0a:95:95:fe:
09:73:68:b8:65:42:a9:bc:75:0b:ad:3f:06:ff:a6:
3f:4b:2d:73:7b:1f:94:49:df:0a:6f:9c:f7:51:8f:
8d:f2:91:3d:33:30:d6:34:1d:1f:16:0a:16:71:fc:
f8:b8:aa:69:05:89:1c:1a:0f:be:d4:18:62:7d:93:
5b:9b:18:fc:55:f1:3b:74:21:b0:9e:87:d2:d4:29:
94:99:57:5c:57:5f:f8:e9:a9:58:f2:a8:41:1f:8e:
d5:f4:58:42:67:72:93:36:8b:37:68:ad:97:fb:bb:
44:04:46:a5:b1:f9:f1:86:d1:f3:b8:56:ed:c0:dc:
dd:cc:32:df:c1:9b:db:36:0d:92:3d:9e:3a:77:11:
ca:93:71:e6:bc:c6:56:c7:d2:ad:a4:83:0a:3c:76:
4b:d0:8b:d2:70:18:f6:d3:14:dd:93:73:4a:bf:ed:
93:16:f0:2a:7e:95:08:8c:21:83:36:9b:2f:64:e6:
d4:c4:9f:ec:61:32:13:08:cd:20:03:0b:94:8a:e9:
bb:5e:16:c3:42:cb:51:8b:29:9f:0d:20:ad:a6:39:
74:ee:50:72:f8:aa:29:3d:73:6a:b5:6c:64:f2:42:
b2:25:29:32:31:cc:e8:9e:78:83:b1:26:7a:df:f8:
f4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7D:E6:5B:CB:51:3C:00:AF:FF:30:87:25:B0:B8:29:6E:8C:FF:9B
X509v3 Authority Key Identifier:
keyid:83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/gz1b95tFxzDtFBy1OaUI0BqjCQg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/u33mW8tRPACv_zCHJbC4KW6M_5s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.144.34.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:1f:01:72:1c:31:1e:29:8e:a6:e5:69:90:03:7d:dd:3b:56:
f8:c9:dd:3d:04:ec:0e:6d:85:a6:45:80:88:8d:a2:bf:19:36:
7d:67:c2:04:78:13:2f:24:30:3f:9c:10:3c:12:22:40:43:23:
2a:66:02:d1:55:f8:d6:33:cf:27:15:5f:e0:92:52:18:e4:ba:
40:43:40:e5:7f:ee:e8:f8:1a:24:f0:86:a9:31:cd:ae:93:43:
83:e1:27:c3:ab:e1:5c:bb:c3:ce:36:e4:53:60:2a:34:c1:4f:
14:e4:81:6a:99:1b:ea:2b:8b:98:f1:16:87:27:21:f7:01:7c:
f6:c7:fe:21:df:7d:8e:86:ae:e1:4f:b3:83:a4:f8:95:41:1a:
3f:c7:9d:39:11:73:a3:56:cd:55:9b:0c:6b:22:04:46:7d:7d:
e8:c8:d9:93:26:8a:8a:2f:ea:e8:c8:81:65:93:53:20:3e:2e:
d8:67:b7:96:12:61:c6:14:8b:8f:05:34:a8:3f:9a:e9:c2:60:
06:9b:e1:e7:a9:1c:da:e9:21:ed:8c:8e:30:8a:97:59:ed:06:
a3:2a:28:18:48:7f:8f:94:8f:60:bd:2e:7f:c6:3d:25:e5:38:
30:49:66:bd:3c:67:c5:c2:12:7c:0c:c7:a7:9a:fc:1c:e7:75:
bb:e9:96:67
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCncwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMz
RDVCRjc5QjQ1QzczMEVEMTQxQ0I1MzlBNTA4RDAxQUEzMDkwODAeFw0yNTAzMDYw
MjExNTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJCN0RFNjVCQ0I1MTND
MDBBRkZGMzA4NzI1QjBCODI5NkU4Q0ZGOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFE26sRMk41Sj2CpWV/glzaLhlQqm8dQutPwb/pj9LLXN7H5RJ
3wpvnPdRj43ykT0zMNY0HR8WChZx/Pi4qmkFiRwaD77UGGJ9k1ubGPxV8Tt0IbCe
h9LUKZSZV1xXX/jpqVjyqEEfjtX0WEJncpM2izdorZf7u0QERqWx+fGG0fO4Vu3A
3N3MMt/Bm9s2DZI9njp3EcqTcea8xlbH0q2kgwo8dkvQi9JwGPbTFN2Tc0q/7ZMW
8Cp+lQiMIYM2my9k5tTEn+xhMhMIzSADC5SK6bteFsNCy1GLKZ8NIK2mOXTuUHL4
qik9c2q1bGTyQrIlKTIxzOieeIOxJnrf+PThAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUu33mW8tRPACv/zCHJbC4KW6M/5swHwYDVR0jBBgwFoAUgz1b95tFxzDtFBy1
OaUI0BqjCQgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL2d6
MWI5NXRGeHpEdEZCeTFPYVVJMEJxakNRZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
Z3oxYjk1dEZ4ekR0RkJ5MU9hVUkwQnFqQ1FnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL3UzM21XOHRSUEFDdl96Q0hKYkM0S1c2
TV81cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnkCIwDQYJ
KoZIhvcNAQELBQADggEBAB8fAXIcMR4pjqblaZADfd07VvjJ3T0E7A5thaZFgIiN
or8ZNn1nwgR4Ey8kMD+cEDwSIkBDIypmAtFV+NYzzycVX+CSUhjkukBDQOV/7uj4
GiTwhqkxza6TQ4PhJ8Or4Vy7w8425FNgKjTBTxTkgWqZG+ori5jxFocnIfcBfPbH
/iHffY6GruFPs4Ok+JVBGj/HnTkRc6NWzVWbDGsiBEZ9fejI2ZMmioov6ujIgWWT
UyA+Lthnt5YSYcYUi48FNKg/munCYAab4eepHNrpIe2MjjCKl1ntBqMqKBhIf4+U
j2C9Ln/GPSXlODBJZr08Z8XCEnwMx6ea/Bzndbvplmc=
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:52:46 2025 by rpki-client