Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/LJ_1VrZIQlWBpuD7jEZlRrChlFo.roa
File: LJ_1VrZIQlWBpuD7jEZlRrChlFo.roa (raw, json)
Hash identifier: h+Tov41pvqApNnmRovnXhjjIZVBxpd+ARMHSYUr4/1Y=
Subject key identifier: 2C:9F:F5:56:B6:48:42:55:81:A6:E0:FB:8C:46:65:46:B0:A1:94:5A
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0D55
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/LJ_1VrZIQlWBpuD7jEZlRrChlFo.roa
Signing time: Mon 26 Aug 2024 05:19:42 +0000
ROA not before: Mon 26 Aug 2024 05:19:42 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18049
IP address blocks: 61.61.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:59:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3413 (0xd55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Aug 26 05:19:42 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2C9FF556B648425581A6E0FB8C466546B0A1945A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:87:2c:11:e1:51:f7:9f:4e:e3:d3:bf:77:fe:
ba:96:a4:69:ce:aa:c3:06:aa:9c:5d:90:97:fc:c5:
e3:dd:a0:47:73:a3:57:6a:33:52:90:93:9b:07:72:
6a:1e:13:ba:dc:87:1a:33:65:06:64:50:da:2a:fc:
ef:e1:32:9b:a9:12:ac:69:4d:cd:2a:b8:0c:fa:ba:
81:81:ef:10:25:b8:33:77:3a:f2:09:0a:f5:58:55:
18:51:fa:77:6f:40:9f:d6:48:d2:b3:62:dc:83:93:
37:92:96:54:f8:3c:51:dd:bc:39:c5:09:18:f5:a8:
d4:a7:d0:a2:45:a4:4e:27:bc:7e:57:7a:b4:43:40:
21:c6:6c:40:51:9d:83:ec:66:0c:c4:fd:52:22:4d:
0f:ff:a4:c9:35:f9:e7:25:8a:d9:a5:c1:e3:21:60:
06:0a:b4:dc:74:29:12:bc:8b:39:0e:2d:7e:16:b8:
99:80:6e:85:26:49:f6:30:ca:d0:7b:86:ed:cc:cc:
d4:89:23:15:fb:9b:6c:bf:ad:85:c7:37:3a:14:e8:
b2:db:a5:b3:12:c2:02:a2:8e:10:f8:37:f3:1e:27:
3d:fb:59:52:d3:f0:01:6f:a1:e4:25:11:16:3e:4c:
2d:c5:52:36:81:eb:83:e9:11:1c:b6:3d:9f:fa:90:
c1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:9F:F5:56:B6:48:42:55:81:A6:E0:FB:8C:46:65:46:B0:A1:94:5A
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/LJ_1VrZIQlWBpuD7jEZlRrChlFo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.72.0/22
Signature Algorithm: sha256WithRSAEncryption
98:d7:0a:3d:75:3e:48:2d:a9:20:3d:01:38:cd:b1:54:8a:c0:
cb:16:e6:91:db:f0:47:3c:39:ea:06:2a:a7:a5:02:a3:59:bb:
47:76:94:48:1d:cb:ac:49:2e:26:01:d4:76:b0:fe:79:d9:25:
ff:d3:8d:c6:15:27:9f:d2:d8:09:15:34:05:26:67:25:3c:f8:
fd:4a:4f:ad:49:d4:ce:27:eb:2d:4a:ba:d9:6d:0e:76:7b:86:
92:1e:86:83:7f:a5:66:28:52:e6:3d:12:4c:9c:74:08:eb:16:
ee:b9:e2:dc:77:e3:a4:52:58:a6:59:a3:61:1c:da:84:00:cf:
64:a3:94:47:7f:e0:c5:e7:98:35:36:89:d8:34:20:2e:3a:a1:
cd:6c:18:8d:1b:fe:4a:d9:d2:1b:35:8e:b4:a0:fa:4f:a4:bf:
20:cb:5f:f0:b1:cc:7c:a7:11:84:db:5b:4d:2b:86:9c:31:10:
24:43:05:bb:3f:ac:a7:15:ca:20:e5:77:21:bf:ba:98:aa:e8:
9a:2d:d3:3b:5b:84:e2:aa:09:cc:23:65:4f:5d:b8:b8:da:72:
69:b0:b6:e1:f4:04:eb:50:80:54:3d:06:da:8d:73:18:42:b9:
fa:29:5a:71:76:4c:a8:fe:93:78:75:c8:92:03:c6:57:6a:89:
d0:33:cf:ee
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDVUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw
NTE5NDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJDOUZGNTU2QjY0ODQy
NTU4MUE2RTBGQjhDNDY2NTQ2QjBBMTk0NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAhywR4VH3n07j0793/rqWpGnOqsMGqpxdkJf8xePdoEdzo1dq
M1KQk5sHcmoeE7rchxozZQZkUNoq/O/hMpupEqxpTc0quAz6uoGB7xAluDN3OvIJ
CvVYVRhR+ndvQJ/WSNKzYtyDkzeSllT4PFHdvDnFCRj1qNSn0KJFpE4nvH5XerRD
QCHGbEBRnYPsZgzE/VIiTQ//pMk1+eclitmlweMhYAYKtNx0KRK8izkOLX4WuJmA
boUmSfYwytB7hu3MzNSJIxX7m2y/rYXHNzoU6LLbpbMSwgKijhD4N/MeJz37WVLT
8AFvoeQlERY+TC3FUjaB64PpERy2PZ/6kMFRAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQULJ/1VrZIQlWBpuD7jEZlRrChlFowHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL0xKXzFWclpJUWxXQnB1RDdqRVpsUnJD
aGxGby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PUgwDQYJ
KoZIhvcNAQELBQADggEBAJjXCj11PkgtqSA9ATjNsVSKwMsW5pHb8Ec8OeoGKqel
AqNZu0d2lEgdy6xJLiYB1Haw/nnZJf/TjcYVJ5/S2AkVNAUmZyU8+P1KT61J1M4n
6y1KutltDnZ7hpIehoN/pWYoUuY9EkycdAjrFu654tx346RSWKZZo2Ec2oQAz2Sj
lEd/4MXnmDU2idg0IC46oc1sGI0b/krZ0hs1jrSg+k+kvyDLX/CxzHynEYTbW00r
hpwxECRDBbs/rKcVyiDldyG/upiq6Jot0ztbhOKqCcwjZU9duLjacmmwtuH0BOtQ
gFQ9BtqNcxhCufopWnF2TKj+k3h1yJIDxldqidAzz+4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:43 2025 by rpki-client