Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/BkwmbsR0C-5y6dr1SUH6zHmXuIk.roa
File: BkwmbsR0C-5y6dr1SUH6zHmXuIk.roa (raw, json)
Hash identifier: A7fJoxNiyBVyW8u7PqS9fCg5cP0sY8l+Gprql6lfAeI=
Subject key identifier: 06:4C:26:6E:C4:74:0B:EE:72:E9:DA:F5:49:41:FA:CC:79:97:B8:89
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 0D1F
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/BkwmbsR0C-5y6dr1SUH6zHmXuIk.roa
Signing time: Mon 26 Aug 2024 05:19:35 +0000
ROA not before: Mon 26 Aug 2024 05:19:35 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9416
IP address blocks: 122.99.0.0/18 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3359 (0xd1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Aug 26 05:19:35 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=064C266EC4740BEE72E9DAF54941FACC7997B889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:70:db:24:cf:44:23:3b:67:32:e8:c4:62:89:
5f:7a:98:75:c6:33:83:df:15:d5:c5:03:fd:90:3b:
c8:6d:3c:57:79:b4:36:51:95:ab:57:ba:e7:5e:44:
a1:8b:4d:c8:21:99:df:b2:fe:7d:81:f4:84:c3:2b:
32:a7:e3:1d:05:78:03:59:4e:c2:32:94:ff:7a:49:
db:1c:76:0e:cc:aa:ad:94:b2:19:77:fb:87:37:12:
f0:47:73:b2:52:88:ff:00:a1:41:2b:03:38:53:52:
8d:48:a1:4c:f8:ac:75:44:87:e7:59:54:ee:56:6b:
10:77:ed:b5:27:92:51:3f:d9:f3:e1:d3:37:70:23:
25:83:cf:4f:b0:82:2a:78:72:18:0d:d0:e8:ec:54:
43:73:f9:84:dd:45:08:de:79:b6:0d:cb:81:0f:9e:
b7:2d:3f:ef:b3:54:f0:19:4e:6d:2c:a0:5d:00:23:
ef:05:05:e7:14:9c:5a:8e:97:9d:02:ed:4b:4c:66:
ca:05:99:d3:46:72:06:25:20:be:73:fc:7d:58:fd:
7b:2a:d7:bc:54:c0:4b:2a:0d:66:90:eb:bd:bc:73:
3b:82:b5:36:2c:64:a3:8b:6e:e6:9a:be:8b:4b:17:
9c:96:2f:64:74:e6:2b:69:1f:42:77:f5:6e:7a:61:
2c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4C:26:6E:C4:74:0B:EE:72:E9:DA:F5:49:41:FA:CC:79:97:B8:89
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/BkwmbsR0C-5y6dr1SUH6zHmXuIk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.99.0.0/18
Signature Algorithm: sha256WithRSAEncryption
20:3f:f7:f0:c2:0d:2d:e0:b1:68:10:83:c3:83:0a:29:ac:f4:
1b:c9:40:63:4a:80:22:e5:ec:8f:62:82:39:54:f7:3c:3b:20:
2a:37:a9:5c:22:ee:28:7f:80:23:09:73:10:f0:37:27:e3:3e:
3a:71:e1:00:92:60:79:3a:30:4f:d5:a0:82:78:34:6c:e4:8a:
57:77:a8:1b:7d:79:10:72:6c:cb:d0:f1:bd:96:fb:3c:81:bf:
a0:5b:d7:b5:76:cf:74:5e:9b:b3:9e:16:7c:25:39:5a:87:39:
a8:33:11:90:72:bc:dc:8e:32:60:5a:44:5d:a2:9f:54:6b:8a:
b6:bf:6c:95:5f:d0:b8:54:ed:42:41:e8:23:8a:4b:e7:27:5a:
d1:24:b8:0b:6b:c7:34:33:b4:c0:75:99:d9:de:5e:14:7d:21:
3d:aa:97:d7:0a:56:68:00:38:9c:5a:02:e3:39:e8:f8:41:31:
b3:33:87:23:5a:6f:69:81:41:51:85:5b:fa:28:63:e0:ff:d9:
a3:54:fc:f2:85:f8:92:81:2a:98:ea:37:61:a7:26:39:a8:76:
40:69:d3:b9:c4:ea:1d:cd:01:04:d7:be:ac:4e:4d:a4:ff:dc:
42:2a:8f:bc:ab:d6:55:45:20:c2:22:b8:18:35:21:8b:40:ae:
be:19:e8:c7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNDA4MjYw
NTE5MzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA2NEMyNjZFQzQ3NDBC
RUU3MkU5REFGNTQ5NDFGQUNDNzk5N0I4ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPcNskz0QjO2cy6MRiiV96mHXGM4PfFdXFA/2QO8htPFd5tDZR
latXuudeRKGLTcghmd+y/n2B9ITDKzKn4x0FeANZTsIylP96Sdscdg7Mqq2Ushl3
+4c3EvBHc7JSiP8AoUErAzhTUo1IoUz4rHVEh+dZVO5WaxB37bUnklE/2fPh0zdw
IyWDz0+wgip4chgN0OjsVENz+YTdRQjeebYNy4EPnrctP++zVPAZTm0soF0AI+8F
BecUnFqOl50C7UtMZsoFmdNGcgYlIL5z/H1Y/Xsq17xUwEsqDWaQ6728czuCtTYs
ZKOLbuaavotLF5yWL2R05itpH0J39W56YSxfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBkwmbsR0C+5y6dr1SUH6zHmXuIkwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL0Jrd21ic1IwQy01eTZkcjFT
VUg2ekhtWHVJay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAZ6
YwAwDQYJKoZIhvcNAQELBQADggEBACA/9/DCDS3gsWgQg8ODCims9BvJQGNKgCLl
7I9igjlU9zw7ICo3qVwi7ih/gCMJcxDwNyfjPjpx4QCSYHk6ME/VoIJ4NGzkild3
qBt9eRBybMvQ8b2W+zyBv6Bb17V2z3Rem7OeFnwlOVqHOagzEZByvNyOMmBaRF2i
n1Rrira/bJVf0LhU7UJB6COKS+cnWtEkuAtrxzQztMB1mdneXhR9IT2ql9cKVmgA
OJxaAuM56PhBMbMzhyNab2mBQVGFW/ooY+D/2aNU/PKF+JKBKpjqN2GnJjmodkBp
07nE6h3NAQTXvqxOTaT/3EIqj7yr1lVFIMIiuBg1IYtArr4Z6Mc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:18:21 2025 by rpki-client