Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/tlC8Ijhjf9D8QFOiqhNYeo8LXDA.roa
File: tlC8Ijhjf9D8QFOiqhNYeo8LXDA.roa (raw, json)
Hash identifier: rav/+y3/+pZ7Rugvyj3SI/UEHIuxdQ5aquiVGu8WC4Y=
Subject key identifier: B6:50:BC:22:38:63:7F:D0:FC:40:53:A2:AA:13:58:7A:8F:0B:5C:30
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 0D2A
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/tlC8Ijhjf9D8QFOiqhNYeo8LXDA.roa
Signing time: Mon 26 Aug 2024 05:19:37 +0000
ROA not before: Mon 26 Aug 2024 05:19:37 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9924
IP address blocks: 123.252.64.0/18 maxlen: 18
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:06:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3370 (0xd2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Aug 26 05:19:37 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B650BC2238637FD0FC4053A2AA13587A8F0B5C30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9a:1f:19:b2:f1:07:95:97:8d:a9:57:5d:a3:
2f:fc:d5:50:fa:94:9f:3a:3d:37:eb:6c:4d:47:9d:
34:fe:95:33:29:88:6c:9b:16:a1:97:ff:85:05:60:
f5:a8:96:cc:9d:2c:c7:81:c9:5a:39:72:70:9c:39:
ad:d0:ca:f0:4f:a2:26:fb:4b:d4:61:1e:d1:53:af:
2e:63:34:5d:2a:8f:04:82:fb:1a:4f:fa:bc:a1:79:
e0:bb:2b:ad:ad:9b:0d:07:3c:f9:28:0f:9b:8f:81:
5e:6c:4d:de:f7:cd:97:19:ff:0f:e1:14:84:86:eb:
47:06:a9:87:35:6d:7b:ac:f4:3f:3b:eb:64:16:4b:
18:46:18:30:52:bb:17:69:24:ae:4c:02:70:3d:6b:
63:77:e1:bc:1e:1a:fe:25:6f:5a:78:1d:1d:ff:5c:
84:1a:37:83:80:23:9e:93:c4:0c:2f:d6:7c:85:f0:
3d:61:ec:36:ac:68:1f:61:2d:69:bd:35:04:fa:1d:
f7:9e:01:0c:80:ec:62:91:24:2e:e8:1a:e6:ea:50:
2c:73:bc:e3:6e:53:96:fc:1a:5c:df:63:2c:ad:f8:
e0:1b:d9:6b:eb:c8:b7:b7:a7:25:69:d0:ab:6b:d3:
f9:a4:05:fa:7e:76:5b:41:27:89:1f:3c:3b:cd:49:
57:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:50:BC:22:38:63:7F:D0:FC:40:53:A2:AA:13:58:7A:8F:0B:5C:30
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/tlC8Ijhjf9D8QFOiqhNYeo8LXDA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.252.64.0/18
Signature Algorithm: sha256WithRSAEncryption
44:86:b5:31:2a:81:4d:0e:5a:8e:a2:89:e4:ba:f5:15:a8:25:
af:04:9e:37:6e:27:7f:df:d2:28:e1:0b:0d:d8:59:39:01:2d:
90:2c:c6:9d:7f:d1:6b:57:72:7f:df:a1:d1:07:db:f0:09:b5:
05:20:1d:bc:75:50:b4:ef:da:c2:56:63:af:15:ef:e2:3a:63:
6e:57:e6:38:3c:34:83:79:37:55:7c:97:49:6a:10:e3:52:a3:
00:4c:6c:32:28:34:0e:af:98:49:1a:97:25:e8:e0:df:a5:92:
10:cc:f7:61:58:94:ac:5c:1f:fe:98:c7:f2:1b:cb:ea:90:0d:
20:b5:36:80:88:b9:49:5d:3e:64:dd:3f:69:d6:c4:7e:3b:df:
8b:f6:96:7e:3c:ff:46:6c:1f:6b:97:38:d1:48:e5:8d:03:02:
c8:27:e0:27:30:ca:f4:27:e3:15:a1:80:7d:a6:a5:7e:41:a0:
9e:cb:a0:db:75:ab:96:54:32:89:0c:87:3d:76:bb:30:c6:6c:
52:98:86:1d:86:dd:3e:d6:52:e9:df:29:9f:18:1d:cb:f3:0e:
db:a8:84:92:e1:bb:a7:df:47:5f:f7:99:2e:a2:02:09:3e:d8:
4f:19:57:01:5d:44:2c:ad:6f:14:fd:30:4c:0c:a5:89:6d:87:
20:b1:0d:6f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDSowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNDA4MjYw
NTE5MzdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI2NTBCQzIyMzg2MzdG
RDBGQzQwNTNBMkFBMTM1ODdBOEYwQjVDMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvmh8ZsvEHlZeNqVddoy/81VD6lJ86PTfrbE1HnTT+lTMpiGyb
FqGX/4UFYPWolsydLMeByVo5cnCcOa3QyvBPoib7S9RhHtFTry5jNF0qjwSC+xpP
+ryheeC7K62tmw0HPPkoD5uPgV5sTd73zZcZ/w/hFISG60cGqYc1bXus9D8762QW
SxhGGDBSuxdpJK5MAnA9a2N34bweGv4lb1p4HR3/XIQaN4OAI56TxAwv1nyF8D1h
7DasaB9hLWm9NQT6HfeeAQyA7GKRJC7oGubqUCxzvONuU5b8GlzfYyyt+OAb2Wvr
yLe3pyVp0Ktr0/mkBfp+dltBJ4kfPDvNSVe7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtlC8Ijhjf9D8QFOiqhNYeo8LXDAwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL3RsQzhJamhqZjlEOFFGT2lx
aE5ZZW84TFhEQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAZ7
/EAwDQYJKoZIhvcNAQELBQADggEBAESGtTEqgU0OWo6iieS69RWoJa8EnjduJ3/f
0ijhCw3YWTkBLZAsxp1/0WtXcn/fodEH2/AJtQUgHbx1ULTv2sJWY68V7+I6Y25X
5jg8NIN5N1V8l0lqEONSowBMbDIoNA6vmEkalyXo4N+lkhDM92FYlKxcH/6Yx/Ib
y+qQDSC1NoCIuUldPmTdP2nWxH4734v2ln48/0ZsH2uXONFI5Y0DAsgn4CcwyvQn
4xWhgH2mpX5BoJ7LoNt1q5ZUMokMhz12uzDGbFKYhh2G3T7WUunfKZ8YHcvzDtuo
hJLhu6ffR1/3mS6iAgk+2E8ZVwFdRCytbxT9MEwMpYlthyCxDW8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:33 2025 by rpki-client