Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/K_Ujvl8bwZ2KHy_nMF4IWz2Rmdo.roa
File: K_Ujvl8bwZ2KHy_nMF4IWz2Rmdo.roa (raw, json)
Hash identifier: KB3FOYITHzMdSqcavJdG6qq6erD6eJZn/P3JlJxPaVQ=
Subject key identifier: 2B:F5:23:BE:5F:1B:C1:9D:8A:1F:2F:E7:30:5E:08:5B:3D:91:99:DA
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0FD8
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/K_Ujvl8bwZ2KHy_nMF4IWz2Rmdo.roa
Signing time: Mon 26 Aug 2024 05:15:48 +0000
ROA not before: Mon 26 Aug 2024 05:15:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131591
IP address blocks: 223.22.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4056 (0xfd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:15:48 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2BF523BE5F1BC19D8A1F2FE7305E085B3D9199DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9e:e2:ec:7b:d4:7d:2e:1f:b9:ad:e9:85:34:
16:be:7a:23:5d:ac:4b:f0:ad:3e:28:89:eb:91:79:
d8:a9:d9:59:2e:ba:43:02:cb:6b:13:eb:d7:ad:f9:
84:5c:fe:60:0d:08:92:8a:d6:90:32:49:75:5e:08:
e6:29:67:c2:0f:1a:e1:bc:dc:70:97:58:3a:c9:e3:
ff:dd:10:79:b0:9f:11:6d:a5:0e:18:67:2b:65:af:
71:7e:42:75:2c:fb:c8:30:d5:d2:1e:de:f8:77:52:
b5:a7:06:dd:1b:ce:4f:1f:7b:79:ad:66:c2:37:a5:
2a:d0:2d:f9:1d:c0:00:06:cb:d1:e2:c1:13:34:17:
e9:58:0a:4e:2f:76:85:e8:db:b0:28:b9:48:56:67:
06:59:39:7b:c7:3b:30:c8:ab:07:d9:f4:83:c6:b1:
47:05:74:2f:0e:44:5c:46:37:4d:de:d5:da:cb:15:
6a:ff:1b:d4:28:7d:44:64:52:56:d3:bd:a5:d3:3a:
fa:87:52:67:ac:b1:ed:40:61:4e:d4:4c:26:6d:40:
06:9b:7c:40:6f:9a:fe:24:ef:9d:65:45:a7:9e:54:
a1:ec:5f:71:1b:f4:ea:8a:54:d7:11:65:41:6b:51:
c4:a0:32:79:11:aa:48:0f:85:b2:37:83:e5:9d:2d:
75:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F5:23:BE:5F:1B:C1:9D:8A:1F:2F:E7:30:5E:08:5B:3D:91:99:DA
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/K_Ujvl8bwZ2KHy_nMF4IWz2Rmdo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.32.0/19
Signature Algorithm: sha256WithRSAEncryption
69:78:c9:e2:75:fb:97:db:fc:5f:ea:07:7e:97:ef:62:82:57:
46:24:fb:25:79:1c:aa:1f:33:53:cb:3f:d5:0f:17:51:7a:b0:
42:74:1d:b5:ce:58:73:50:62:e6:a5:01:71:33:f0:11:e3:03:
02:f3:14:2c:97:48:b6:7f:03:56:64:ca:fa:c0:31:51:bc:f0:
37:92:80:68:c0:3e:51:bc:89:b5:49:66:1e:ae:f2:ef:6f:04:
35:70:be:2f:cf:f3:68:59:6a:97:b4:a8:7b:37:f7:53:db:6a:
02:ff:e2:3b:33:d9:ec:1f:d6:36:0b:77:fa:b5:89:03:db:40:
57:48:44:81:86:44:a8:b4:1c:b1:75:c7:ad:05:9b:c3:f8:0d:
78:a3:d0:c2:aa:48:70:0f:28:15:45:e0:74:32:ed:35:26:d8:
68:c9:5a:f3:85:57:e2:4b:b2:60:70:ee:28:dc:0a:0b:8c:94:
c5:48:92:e4:62:e0:f7:28:ac:c8:76:50:41:1e:24:d2:04:34:
73:45:12:c7:3e:6f:37:f1:e5:c3:db:07:d0:e9:52:04:e9:24:
c6:6a:91:ce:d9:15:22:42:26:8a:f7:a4:66:34:99:ad:22:b2:
43:e2:e9:4d:23:5f:ca:49:0f:1f:d3:26:e6:c7:c8:49:5b:93:
82:ae:eb:e8
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICD9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE1NDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJCRjUyM0JFNUYxQkMx
OUQ4QTFGMkZFNzMwNUUwODVCM0Q5MTk5REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvnuLse9R9Lh+5remFNBa+eiNdrEvwrT4oieuRedip2VkuukMC
y2sT69et+YRc/mANCJKK1pAySXVeCOYpZ8IPGuG83HCXWDrJ4//dEHmwnxFtpQ4Y
Zytlr3F+QnUs+8gw1dIe3vh3UrWnBt0bzk8fe3mtZsI3pSrQLfkdwAAGy9HiwRM0
F+lYCk4vdoXo27AouUhWZwZZOXvHOzDIqwfZ9IPGsUcFdC8ORFxGN03e1drLFWr/
G9QofURkUlbTvaXTOvqHUmesse1AYU7UTCZtQAabfEBvmv4k751lRaeeVKHsX3Eb
9OqKVNcRZUFrUcSgMnkRqkgPhbI3g+WdLXX9AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUK/Ujvl8bwZ2KHy/nMF4IWz2RmdowHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0tfVWp2bDhid1oyS0h5X25NRjRJV3oy
Um1kby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXfFiAwDQYJ
KoZIhvcNAQELBQADggEBAGl4yeJ1+5fb/F/qB36X72KCV0Yk+yV5HKofM1PLP9UP
F1F6sEJ0HbXOWHNQYualAXEz8BHjAwLzFCyXSLZ/A1ZkyvrAMVG88DeSgGjAPlG8
ibVJZh6u8u9vBDVwvi/P82hZape0qHs391PbagL/4jsz2ewf1jYLd/q1iQPbQFdI
RIGGRKi0HLF1x60Fm8P4DXij0MKqSHAPKBVF4HQy7TUm2GjJWvOFV+JLsmBw7ijc
CguMlMVIkuRi4PcorMh2UEEeJNIENHNFEsc+bzfx5cPbB9DpUgTpJMZqkc7ZFSJC
Jor3pGY0ma0iskPi6U0jX8pJDx/TJubHyElbk4Ku6+g=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:57:08 2025 by rpki-client