Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/ghin7qeasFX4mzKEs0KIe4q82ts.roa
File: ghin7qeasFX4mzKEs0KIe4q82ts.roa (raw, json)
Hash identifier: gvuv2xmTW3Kyxfr2SVqzQOMTPbT7P3iGIZm37k5ZQ6k=
Subject key identifier: 82:18:A7:EE:A7:9A:B0:55:F8:9B:32:84:B3:42:88:7B:8A:BC:DA:DB
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0D65
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/ghin7qeasFX4mzKEs0KIe4q82ts.roa
Signing time: Mon 26 Aug 2024 05:19:46 +0000
ROA not before: Mon 26 Aug 2024 05:19:46 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18049
IP address blocks: 61.61.8.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:59:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3429 (0xd65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Aug 26 05:19:46 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8218A7EEA79AB055F89B3284B342887B8ABCDADB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5f:af:03:e8:36:c6:54:e3:4c:4a:a1:9e:d9:
16:77:0b:ec:27:56:ca:8f:5e:ec:05:4b:f8:72:21:
70:57:ad:41:7f:52:cc:46:34:bb:fc:1c:c0:b5:fb:
dd:4c:76:fc:9b:7a:f6:29:92:a0:7b:32:22:5f:b0:
3e:f5:ed:fa:4a:03:fa:f9:a9:ae:0e:dc:8d:08:5c:
64:d7:5b:a4:08:3b:60:a7:b4:39:75:db:6d:6c:33:
19:6f:55:a2:61:b3:84:c0:2f:62:31:c6:61:f5:ab:
6d:24:49:d9:69:29:68:6e:76:89:2c:6f:96:b2:5c:
c9:0b:1c:62:bd:25:98:44:4d:5d:5c:ae:60:7a:73:
08:53:fa:7a:17:be:06:c7:b9:34:f1:57:34:99:ab:
84:2a:fd:3b:f9:92:48:b2:a9:ad:b9:34:db:78:16:
af:ad:4d:e9:40:0d:0a:e9:ba:39:f3:00:12:49:8e:
9e:84:1b:2e:e8:e6:35:3b:75:43:00:dc:1c:c3:30:
c7:91:11:2b:26:ed:1f:44:46:0e:9c:cd:92:b1:df:
e3:29:e4:a6:19:59:28:3d:37:b3:1a:a1:7d:3e:9c:
67:c4:ef:6c:24:b9:b4:a5:b9:51:89:e0:d9:b6:3d:
e1:f7:d9:cb:8f:08:13:bd:12:d5:32:58:50:d8:6b:
54:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:18:A7:EE:A7:9A:B0:55:F8:9B:32:84:B3:42:88:7B:8A:BC:DA:DB
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/ghin7qeasFX4mzKEs0KIe4q82ts.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.8.0/21
Signature Algorithm: sha256WithRSAEncryption
63:56:00:21:cc:12:e9:a0:57:a9:c0:04:97:12:cf:59:ba:e3:
e7:ae:96:3b:11:d3:8d:c3:1e:11:3b:77:0b:f3:8c:5d:df:e1:
a4:2f:07:43:56:5a:2e:e6:6a:4b:35:af:8a:74:46:cb:30:51:
66:09:19:31:95:dd:43:77:d5:bb:aa:bb:89:99:12:b9:eb:39:
89:b7:b3:68:8b:bf:ea:0c:1d:90:34:f5:f3:3a:f0:9f:a3:ac:
ee:f2:3d:74:fd:73:0e:b3:4e:4e:bc:5d:e8:1c:6c:5d:42:f1:
fc:00:7c:91:1d:a7:e8:c3:56:58:40:8c:90:10:d2:ab:a5:06:
c9:21:f3:ed:fe:ed:70:51:5c:6a:a7:2e:2b:15:f3:c5:bd:b6:
b5:ee:07:6a:b4:f7:5e:7a:8e:e7:5e:d5:9a:5c:b5:f2:b3:fd:
e5:6b:88:bd:90:31:4c:1f:28:a0:b9:cb:3a:0a:c6:7a:a9:26:
fd:b8:b4:3b:b4:e3:d9:84:3c:54:76:35:71:d3:a9:17:35:88:
18:11:df:7b:c7:57:a7:fc:69:3c:94:35:f9:61:5e:5a:38:47:
1a:56:8e:17:ff:90:f0:60:cd:d9:d2:d0:c1:68:2d:1f:2e:a5:
f7:88:b5:6a:09:73:ed:40:5b:5b:6a:57:f1:1e:79:24:18:d9:
97:fe:3a:a2
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDWUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw
NTE5NDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDgyMThBN0VFQTc5QUIw
NTVGODlCMzI4NEIzNDI4ODdCOEFCQ0RBREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5X68D6DbGVONMSqGe2RZ3C+wnVsqPXuwFS/hyIXBXrUF/UsxG
NLv8HMC1+91MdvybevYpkqB7MiJfsD717fpKA/r5qa4O3I0IXGTXW6QIO2CntDl1
221sMxlvVaJhs4TAL2IxxmH1q20kSdlpKWhudoksb5ayXMkLHGK9JZhETV1crmB6
cwhT+noXvgbHuTTxVzSZq4Qq/Tv5kkiyqa25NNt4Fq+tTelADQrpujnzABJJjp6E
Gy7o5jU7dUMA3BzDMMeRESsm7R9ERg6czZKx3+Mp5KYZWSg9N7MaoX0+nGfE72wk
ubSluVGJ4Nm2PeH32cuPCBO9EtUyWFDYa1S9AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUghin7qeasFX4mzKEs0KIe4q82tswHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2doaW43cWVhc0ZYNG16S0VzMEtJZTRx
ODJ0cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9PQgwDQYJ
KoZIhvcNAQELBQADggEBAGNWACHMEumgV6nABJcSz1m64+euljsR043DHhE7dwvz
jF3f4aQvB0NWWi7maks1r4p0RsswUWYJGTGV3UN31buqu4mZErnrOYm3s2iLv+oM
HZA09fM68J+jrO7yPXT9cw6zTk68XegcbF1C8fwAfJEdp+jDVlhAjJAQ0qulBskh
8+3+7XBRXGqnLisV88W9trXuB2q09156jude1ZpctfKz/eVriL2QMUwfKKC5yzoK
xnqpJv24tDu049mEPFR2NXHTqRc1iBgR33vHV6f8aTyUNflhXlo4RxpWjhf/kPBg
zdnS0MFoLR8upfeItWoJc+1AW1tqV/EeeSQY2Zf+OqI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:41 2025 by rpki-client