Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCB/RKr4vHOFMMRi_CLBsEWg0pBw9-g.roa
File: RKr4vHOFMMRi_CLBsEWg0pBw9-g.roa (raw, json)
Hash identifier: 0tnojoDiwYiWes11Mfjk2aE7MUYDLd3VWJhqClfNAho=
Subject key identifier: 44:AA:F8:BC:73:85:30:C4:62:FC:22:C1:B0:45:A0:D2:90:70:F7:E8
Certificate issuer: /CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Certificate serial: 0C5F
Authority key identifier: BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/RKr4vHOFMMRi_CLBsEWg0pBw9-g.roa
Signing time: Mon 26 Aug 2024 05:27:42 +0000
ROA not before: Mon 26 Aug 2024 05:27:42 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131590
IP address blocks: 103.227.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 01:20:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3167 (0xc5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BF82A3AC11455030743C0A743711F8A0D8EBAE28
Validity
Not Before: Aug 26 05:27:42 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=44AAF8BC738530C462FC22C1B045A0D29070F7E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c6:84:0b:21:70:d8:a3:f1:c8:32:7c:59:74:
8b:b0:21:41:98:51:3a:5f:5a:d5:ac:81:e5:66:62:
13:41:dc:96:09:0a:02:6d:7b:40:65:e5:f9:d0:1f:
44:75:88:5a:b9:23:99:f2:38:aa:3f:15:65:69:c0:
31:94:6a:c4:9f:47:8d:4c:3e:5c:62:21:b7:20:7c:
e3:93:a2:b1:7b:48:94:4d:91:6c:ec:49:55:2c:86:
ed:57:d6:d0:b3:fe:1a:9b:96:0c:a6:89:ae:d0:53:
d3:44:7f:b6:01:c9:86:54:16:cb:a5:39:a2:40:34:
4e:fb:c7:91:34:29:a1:84:4b:79:c9:a2:2c:fb:27:
2d:14:13:f6:6f:82:c1:ae:c9:88:d1:ee:72:92:23:
6a:23:2d:3c:9a:d4:86:fe:b1:7d:72:78:b7:f5:43:
b0:80:3f:54:a4:fc:71:d5:27:80:11:68:d3:ad:32:
89:23:24:be:6f:c0:c5:40:f6:f4:3f:02:e3:c7:0f:
a7:0c:1c:02:f6:ef:b3:3e:d6:de:f3:d7:3a:a9:75:
4c:2a:08:13:a9:40:4d:ef:18:1e:ac:45:c4:47:2f:
66:c3:60:cd:0c:bc:dd:7a:2f:84:52:7b:03:36:ff:
ce:e9:a4:92:54:f9:ca:66:4d:f8:c1:46:7a:35:f2:
46:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AA:F8:BC:73:85:30:C4:62:FC:22:C1:B0:45:A0:D2:90:70:F7:E8
X509v3 Authority Key Identifier:
keyid:BF:82:A3:AC:11:45:50:30:74:3C:0A:74:37:11:F8:A0:D8:EB:AE:28
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/v4KjrBFFUDB0PAp0NxH4oNjrrig.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v4KjrBFFUDB0PAp0NxH4oNjrrig.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCB/RKr4vHOFMMRi_CLBsEWg0pBw9-g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.227.227.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:e9:f7:ef:23:d8:d8:fa:f9:ba:be:41:17:91:fa:48:6a:75:
b7:a1:d1:d2:08:d5:52:e0:98:0b:88:cc:f2:d0:a8:1a:ac:f0:
28:8d:84:0d:69:33:d0:e4:1e:37:f7:84:8f:c1:1f:12:18:21:
f2:2d:81:dd:d0:1f:35:3e:4c:8f:eb:df:42:4f:36:0a:9a:bd:
ce:3d:46:55:02:a1:73:16:13:f3:30:25:13:74:44:c0:82:d3:
0b:8b:86:14:17:2a:76:11:e6:3a:c1:6e:4f:80:81:d6:11:0a:
89:ab:6f:4c:e3:02:04:f2:2c:d9:57:d6:09:50:67:fd:ca:ba:
a3:51:ae:d2:d7:bf:82:01:5a:de:a5:e8:1f:3e:41:fb:34:fd:
67:6c:6a:2f:e9:2d:50:5e:d6:6b:f4:9d:1d:c9:94:9b:d1:93:
03:04:54:7b:67:c7:0d:4f:6c:8f:d2:b2:5f:78:13:fd:bf:99:
b4:14:43:91:19:bc:6b:44:3e:a1:e4:f9:e2:b0:d1:e3:69:63:
6f:b3:82:ec:39:e3:9f:aa:9e:47:e9:72:84:f5:14:b1:e0:88:
71:89:45:58:ce:73:f9:19:ef:90:50:4d:47:ae:e0:a6:0d:75:
f9:9d:e8:fe:bb:d0:38:2c:8c:33:18:a9:f9:18:ec:55:da:bb:
f2:82:09:bb
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDF8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkY4
MkEzQUMxMTQ1NTAzMDc0M0MwQTc0MzcxMUY4QTBEOEVCQUUyODAeFw0yNDA4MjYw
NTI3NDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ0QUFGOEJDNzM4NTMw
QzQ2MkZDMjJDMUIwNDVBMEQyOTA3MEY3RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkxoQLIXDYo/HIMnxZdIuwIUGYUTpfWtWsgeVmYhNB3JYJCgJt
e0Bl5fnQH0R1iFq5I5nyOKo/FWVpwDGUasSfR41MPlxiIbcgfOOTorF7SJRNkWzs
SVUshu1X1tCz/hqblgymia7QU9NEf7YByYZUFsulOaJANE77x5E0KaGES3nJoiz7
Jy0UE/ZvgsGuyYjR7nKSI2ojLTya1Ib+sX1yeLf1Q7CAP1Sk/HHVJ4ARaNOtMokj
JL5vwMVA9vQ/AuPHD6cMHAL277M+1t7z1zqpdUwqCBOpQE3vGB6sRcRHL2bDYM0M
vN16L4RSewM2/87ppJJU+cpmTfjBRno18kaHAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQURKr4vHOFMMRi/CLBsEWg0pBw9+gwHwYDVR0jBBgwFoAUv4KjrBFFUDB0PAp0
NxH4oNjrrigwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL3Y0
S2pyQkZGVURCMFBBcDBOeEg0b05qcnJpZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djRLanJCRkZVREIwUEFwME54SDRvTmpycmlnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVENCL1JLcjR2SE9GTU1SaV9DTEJzRVdnMHBC
dzktZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn4+MwDQYJ
KoZIhvcNAQELBQADggEBALTp9+8j2Nj6+bq+QReR+khqdbeh0dII1VLgmAuIzPLQ
qBqs8CiNhA1pM9DkHjf3hI/BHxIYIfItgd3QHzU+TI/r30JPNgqavc49RlUCoXMW
E/MwJRN0RMCC0wuLhhQXKnYR5jrBbk+AgdYRComrb0zjAgTyLNlX1glQZ/3KuqNR
rtLXv4IBWt6l6B8+Qfs0/Wdsai/pLVBe1mv0nR3JlJvRkwMEVHtnxw1PbI/Ssl94
E/2/mbQUQ5EZvGtEPqHk+eKw0eNpY2+zguw545+qnkfpcoT1FLHgiHGJRVjOc/kZ
75BQTUeu4KYNdfmd6P670DgsjDMYqfkY7FXau/KCCbs=
-----END CERTIFICATE-----
Generated at Fri Apr 18 22:31:36 2025 by rpki-client