Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ARCHE/4t41Y9gpzM3kf5xrKWLAx3qCNJ4.roa
File: 4t41Y9gpzM3kf5xrKWLAx3qCNJ4.roa (raw, json)
Hash identifier: odGrcEnIiqqyuiXqAIb7lL237Y3/cPth8mmoiOQfLP8=
Subject key identifier: E2:DE:35:63:D8:29:CC:CD:E4:7F:9C:6B:29:62:C0:C7:7A:82:34:9E
Certificate issuer: /CN=EAB250D058FACBEB3EA0D16B53865061339074B6
Certificate serial: ED
Authority key identifier: EA:B2:50:D0:58:FA:CB:EB:3E:A0:D1:6B:53:86:50:61:33:90:74:B6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/6rJQ0Fj6y-s-oNFrU4ZQYTOQdLY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ARCHE/4t41Y9gpzM3kf5xrKWLAx3qCNJ4.roa
Signing time: Thu 09 Jan 2025 15:34:14 +0000
ROA not before: Thu 09 Jan 2025 15:34:14 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18041
IP address blocks: 157.15.32.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:34:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 237 (0xed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EAB250D058FACBEB3EA0D16B53865061339074B6
Validity
Not Before: Jan 9 15:34:14 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=E2DE3563D829CCCDE47F9C6B2962C0C77A82349E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3d:07:22:bc:41:99:59:a1:11:38:e6:b2:61:
d6:ae:ac:da:3d:27:1c:74:a6:00:22:83:2d:53:8f:
e5:b4:20:19:38:b7:29:a8:d1:99:2f:e4:bc:3f:ff:
27:e2:76:5b:c3:8c:e0:be:f1:82:66:0b:aa:ee:e1:
7d:0f:48:a2:d3:da:d6:12:f7:ac:03:5c:f4:8e:d8:
99:c3:df:45:35:c5:84:79:1f:ff:b0:64:4e:16:69:
f6:d0:88:5e:61:23:0b:b8:3c:44:86:78:6d:61:94:
95:2a:65:f1:49:da:b3:2d:88:c6:5b:c8:1c:66:12:
57:fa:2a:2e:01:d3:c2:79:35:be:9c:f1:64:69:f6:
3d:de:0a:f2:8b:fb:0d:a4:07:78:18:9b:2b:57:b5:
85:c4:81:68:d3:30:3e:98:97:57:a2:f3:64:68:51:
78:af:82:89:1c:fa:0a:a2:c4:18:0c:3a:3e:ca:1a:
e5:7d:7e:14:d2:7c:04:25:24:c8:e7:61:9d:23:85:
99:b2:af:5a:9c:8a:66:a2:6e:f5:a3:fc:d3:76:c9:
7e:be:89:40:24:f2:18:60:ef:b3:c7:c0:cf:97:8d:
a6:79:c2:ab:bb:e5:26:d5:68:b1:f6:f3:41:7d:55:
64:c4:5c:bf:84:3c:1d:2c:f6:24:ba:d4:21:c3:aa:
30:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DE:35:63:D8:29:CC:CD:E4:7F:9C:6B:29:62:C0:C7:7A:82:34:9E
X509v3 Authority Key Identifier:
keyid:EA:B2:50:D0:58:FA:CB:EB:3E:A0:D1:6B:53:86:50:61:33:90:74:B6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ARCHE/6rJQ0Fj6y-s-oNFrU4ZQYTOQdLY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/6rJQ0Fj6y-s-oNFrU4ZQYTOQdLY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ARCHE/4t41Y9gpzM3kf5xrKWLAx3qCNJ4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.32.0/23
Signature Algorithm: sha256WithRSAEncryption
64:86:43:f3:ca:1b:09:e0:86:ac:5f:f3:d8:4c:a9:43:9a:e9:
35:98:b9:f6:6c:0b:0c:4d:ab:91:ae:e3:94:04:52:80:ae:6a:
f1:69:b9:db:69:11:87:06:9a:fb:0e:30:0b:92:bf:a2:87:a2:
a6:be:b6:dc:0d:a8:3c:c7:c7:b4:7e:8a:95:69:9e:3c:8a:44:
79:ed:2b:be:b4:c4:a0:2c:b9:cd:66:8b:74:66:bc:75:52:26:
9c:a3:e7:63:3f:bc:61:a6:e4:48:37:ff:8e:3a:ba:68:3e:1d:
c5:f6:5c:1e:52:ec:4b:f7:3e:34:da:31:4f:6f:66:b6:87:53:
d1:87:c7:df:20:d9:c8:a9:88:0e:c4:c0:e9:47:bf:1c:01:1e:
da:ec:f3:af:eb:9b:46:8c:3e:94:ba:79:bc:c8:20:e8:e9:41:
f0:da:22:29:96:6e:3f:5a:7d:14:96:20:47:44:d3:81:bc:6c:
db:08:62:44:f5:7b:28:d6:3f:91:07:39:7a:af:8b:b4:79:a7:
61:78:14:4e:81:5c:48:14:0d:fb:98:78:39:e9:be:b7:45:89:
16:4f:ba:56:a7:9c:e7:02:97:15:2a:f5:21:71:ca:b4:47:33:
2f:95:8c:21:8d:06:1c:c9:8b:d3:bb:76:e5:f1:38:25:f5:31:
dc:41:4c:da
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICAO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUFC
MjUwRDA1OEZBQ0JFQjNFQTBEMTZCNTM4NjUwNjEzMzkwNzRCNjAeFw0yNTAxMDkx
NTM0MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEUyREUzNTYzRDgyOUND
Q0RFNDdGOUM2QjI5NjJDMEM3N0E4MjM0OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAPQcivEGZWaEROOayYdaurNo9Jxx0pgAigy1Tj+W0IBk4tymo
0Zkv5Lw//yfidlvDjOC+8YJmC6ru4X0PSKLT2tYS96wDXPSO2JnD30U1xYR5H/+w
ZE4WafbQiF5hIwu4PESGeG1hlJUqZfFJ2rMtiMZbyBxmElf6Ki4B08J5Nb6c8WRp
9j3eCvKL+w2kB3gYmytXtYXEgWjTMD6Yl1ei82RoUXivgokc+gqixBgMOj7KGuV9
fhTSfAQlJMjnYZ0jhZmyr1qcimaibvWj/NN2yX6+iUAk8hhg77PHwM+XjaZ5wqu7
5SbVaLH280F9VWTEXL+EPB0s9iS61CHDqjCXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU4t41Y9gpzM3kf5xrKWLAx3qCNJ4wHwYDVR0jBBgwFoAU6rJQ0Fj6y+s+oNFr
U4ZQYTOQdLYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVJDSEUv
NnJKUTBGajZ5LXMtb05GclU0WlFZVE9RZExZLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS82ckpRMEZqNnktcy1vTkZyVTRaUVlUT1FkTFkuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BUkNIRS80dDQxWTlncHpNM2tmNXhyS1dM
QXgzcUNOSjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnQ8g
MA0GCSqGSIb3DQEBCwUAA4IBAQBkhkPzyhsJ4IasX/PYTKlDmuk1mLn2bAsMTauR
ruOUBFKArmrxabnbaRGHBpr7DjALkr+ih6KmvrbcDag8x8e0foqVaZ48ikR57Su+
tMSgLLnNZot0Zrx1Uiaco+djP7xhpuRIN/+OOrpoPh3F9lweUuxL9z402jFPb2a2
h1PRh8ffINnIqYgOxMDpR78cAR7a7POv65tGjD6Uunm8yCDo6UHw2iIplm4/Wn0U
liBHRNOBvGzbCGJE9Xso1j+RBzl6r4u0eadheBROgVxIFA37mHg56b63RYkWT7pW
p5znApcVKvUhccq0RzMvlYwhjQYcyYvTu3bl8Tgl9THcQUza
-----END CERTIFICATE-----
Generated at Wed Mar 12 04:26:45 2025 by rpki-client