Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/KVM9WYBYY7lAk8pfrjwhl8X2uuA.roa
File: KVM9WYBYY7lAk8pfrjwhl8X2uuA.roa (raw, json)
Hash identifier: 892Cm3n0iksl1YphuiUPU8nlwz6TaVfvIlaAKTbkvi4=
Subject key identifier: 29:53:3D:59:80:58:63:B9:40:93:CA:5F:AE:3C:21:97:C5:F6:BA:E0
Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial: 0678
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/KVM9WYBYY7lAk8pfrjwhl8X2uuA.roa
Signing time: Mon 26 Aug 2024 05:18:40 +0000
ROA not before: Mon 26 Aug 2024 05:18:40 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9678
IP address blocks: 2401:95c0::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1656 (0x678)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Validity
Not Before: Aug 26 05:18:40 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=29533D59805863B94093CA5FAE3C2197C5F6BAE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e2:65:e3:f8:46:2b:d4:c5:7b:4e:96:49:07:
77:67:f3:4e:82:8b:e7:ee:23:2b:b5:28:68:10:25:
12:cd:75:f6:2a:52:d2:07:76:ac:cb:4a:a2:41:99:
bd:3c:f1:ea:a4:87:e4:49:43:91:13:fb:02:b7:5b:
13:cf:76:68:19:0b:70:8f:ad:d0:f6:63:99:0c:55:
f7:c9:29:7c:0d:f5:ee:2a:42:f2:0c:2a:2c:b6:7a:
0e:c7:bf:8d:a1:a2:48:47:c9:1a:e1:6b:3a:8b:9e:
72:e5:28:b5:50:e3:c4:d9:bd:36:c3:a1:e0:d3:05:
16:94:47:3f:36:09:f2:bf:49:5c:4b:f9:ed:3c:3e:
fd:1b:e8:e1:e8:c3:06:8b:80:a8:fe:20:3a:1c:cb:
6b:f5:48:7d:60:59:54:a2:bd:3f:23:7a:df:96:b8:
74:40:87:55:a5:70:6f:f8:3a:2f:9d:97:ea:c0:37:
73:e3:df:39:87:95:af:79:d9:9b:ae:26:48:5a:f3:
eb:77:c2:ec:27:89:99:d7:00:b9:f3:b9:1f:fc:82:
5d:cc:70:93:a4:3d:d4:4f:09:33:14:b3:59:32:77:
4a:04:2e:77:aa:b4:94:c1:cb:46:34:85:ca:7d:ea:
f7:66:54:e4:dd:dd:97:e4:75:14:4b:54:e2:d2:c1:
70:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:53:3D:59:80:58:63:B9:40:93:CA:5F:AE:3C:21:97:C5:F6:BA:E0
X509v3 Authority Key Identifier:
keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/KVM9WYBYY7lAk8pfrjwhl8X2uuA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:95c0::/36
Signature Algorithm: sha256WithRSAEncryption
b5:3a:da:79:9b:56:f8:b5:17:25:e6:55:90:00:a2:8d:70:ec:
c9:68:5c:4c:f2:a7:80:16:49:60:7d:f6:5e:f1:a8:ac:a3:46:
db:9d:fc:b8:31:5f:49:c2:91:57:6d:c5:ab:a4:fd:ec:40:b4:
8c:3e:28:a2:ff:01:46:04:85:03:af:cb:35:af:da:13:b3:f0:
61:f5:8a:7d:db:2b:c3:5b:f7:e1:3b:aa:e4:cb:2d:c5:9d:2a:
f6:09:62:17:6d:28:43:b6:29:bd:a2:d7:f3:8d:10:84:6e:0b:
13:53:79:61:9c:1b:37:44:dc:bb:98:25:ea:b2:b4:2d:d1:be:
44:5c:4f:91:c0:48:37:fb:8c:aa:eb:b1:a4:b6:17:26:42:00:
31:b4:a3:f1:7b:85:7f:6c:3e:d3:5e:9f:49:b4:cd:1e:e7:9d:
24:83:c3:b6:49:d3:ad:7e:38:3b:cf:f8:3d:9a:e1:c7:b4:e1:
8a:b0:5d:4c:54:0a:3a:95:e5:3b:b9:da:fb:1b:e3:b0:a1:c3:
d3:59:fd:51:1d:ba:eb:14:10:92:25:c0:d3:57:37:b4:ae:49:
4a:66:61:53:cc:fd:e3:ba:90:1d:b2:8a:22:a8:0c:25:5a:b2:
b9:a5:e2:4d:b4:a2:a4:70:85:c9:89:ea:84:4c:7d:d4:b5:e3:
66:b7:10:4c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICBngwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yNDA4MjYw
NTE4NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5NTMzRDU5ODA1ODYz
Qjk0MDkzQ0E1RkFFM0MyMTk3QzVGNkJBRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr4mXj+EYr1MV7TpZJB3dn806Ci+fuIyu1KGgQJRLNdfYqUtIH
dqzLSqJBmb088eqkh+RJQ5ET+wK3WxPPdmgZC3CPrdD2Y5kMVffJKXwN9e4qQvIM
Kiy2eg7Hv42hokhHyRrhazqLnnLlKLVQ48TZvTbDoeDTBRaURz82CfK/SVxL+e08
Pv0b6OHowwaLgKj+IDocy2v1SH1gWVSivT8jet+WuHRAh1WlcG/4Oi+dl+rAN3Pj
3zmHla952ZuuJkha8+t3wuwniZnXALnzuR/8gl3McJOkPdRPCTMUs1kyd0oELneq
tJTBy0Y0hcp96vdmVOTd3ZfkdRRLVOLSwXABAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKVM9WYBYY7lAk8pfrjwhl8X2uuAwHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL0tWTTlXWUJZWTdsQWs4cGZy
andobDhYMnV1QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQk
AZXAADANBgkqhkiG9w0BAQsFAAOCAQEAtTraeZtW+LUXJeZVkACijXDsyWhcTPKn
gBZJYH32XvGorKNG2538uDFfScKRV23Fq6T97EC0jD4oov8BRgSFA6/LNa/aE7Pw
YfWKfdsrw1v34Tuq5MstxZ0q9gliF20oQ7YpvaLX840QhG4LE1N5YZwbN0Tcu5gl
6rK0LdG+RFxPkcBIN/uMquuxpLYXJkIAMbSj8XuFf2w+016fSbTNHuedJIPDtknT
rX44O8/4PZrhx7ThirBdTFQKOpXlO7na+xvjsKHD01n9UR266xQQkiXA01c3tK5J
SmZhU8z947qQHbKKIqgMJVqyuaXiTbSipHCFyYnqhEx91LXjZrcQTA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:59:30 2025 by rpki-client