Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKH/Tew26Xv4XvGLbN7Qy0jSbpu0oLc.roa
File: Tew26Xv4XvGLbN7Qy0jSbpu0oLc.roa (raw, json)
Hash identifier: tBC9RGuTZNwk4sHfgNtnjMoxNn/XRY/vkxTu5J3ZlNg=
Subject key identifier: 4D:EC:36:E9:7B:F8:5E:F1:8B:6C:DE:D0:CB:48:D2:6E:9B:B4:A0:B7
Certificate issuer: /CN=DD87446D4150D1453C4A142A49EBA107DA5D1999
Certificate serial: 09
Authority key identifier: DD:87:44:6D:41:50:D1:45:3C:4A:14:2A:49:EB:A1:07:DA:5D:19:99
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3YdEbUFQ0UU8ShQqSeuhB9pdGZk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/Tew26Xv4XvGLbN7Qy0jSbpu0oLc.roa
Signing time: Sat 11 Jan 2025 15:11:45 +0000
ROA not before: Sat 11 Jan 2025 15:11:45 +0000
ROA not after: Fri 09 Jan 2026 15:30:20 +0000
asID: 131645
IP address blocks: 2401:e760::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:24:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DD87446D4150D1453C4A142A49EBA107DA5D1999
Validity
Not Before: Jan 11 15:11:45 2025 GMT
Not After : Jan 9 15:30:20 2026 GMT
Subject: CN=4DEC36E97BF85EF18B6CDED0CB48D26E9BB4A0B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bc:02:58:d6:cb:54:9e:42:06:88:38:51:b2:
a8:47:67:fb:c1:76:1d:9e:a2:3d:a4:71:f9:68:d7:
34:cd:b2:d5:8e:27:41:8a:14:c1:47:da:8c:a2:0f:
2f:5a:f6:c5:1f:c1:ba:46:5c:5b:a7:12:4e:9a:31:
86:fb:dd:e3:bf:be:d6:46:74:85:1f:64:e5:84:6f:
14:5a:91:39:a9:e0:20:c0:0b:88:d9:77:c8:f8:8a:
7e:dd:37:65:73:f7:97:d0:ea:d6:a9:43:5c:a8:53:
5f:20:19:78:54:25:e0:91:da:26:92:3c:16:f5:cc:
2a:de:08:5e:f0:7f:93:8c:03:94:a0:ce:48:49:42:
4a:7a:51:c4:a7:82:a5:0f:4c:04:37:e9:ac:f6:01:
fc:9a:80:d2:ed:bc:27:27:af:37:fc:02:af:53:1c:
1b:ac:f6:62:f2:69:19:3a:72:ad:48:9e:67:6e:6a:
a2:1c:15:73:d6:17:0d:a1:3c:bd:f3:d2:a3:9c:54:
1a:e1:ed:01:ed:c7:aa:1b:0e:cc:03:4c:93:3b:e7:
8b:a0:56:31:58:48:03:f4:50:05:61:cf:3b:22:be:
37:85:5e:ff:44:a1:63:5d:00:60:85:ba:4b:6c:af:
13:51:26:79:8a:85:df:62:f4:b7:f3:21:ee:34:6f:
a4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:EC:36:E9:7B:F8:5E:F1:8B:6C:DE:D0:CB:48:D2:6E:9B:B4:A0:B7
X509v3 Authority Key Identifier:
keyid:DD:87:44:6D:41:50:D1:45:3C:4A:14:2A:49:EB:A1:07:DA:5D:19:99
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/3YdEbUFQ0UU8ShQqSeuhB9pdGZk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3YdEbUFQ0UU8ShQqSeuhB9pdGZk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/Tew26Xv4XvGLbN7Qy0jSbpu0oLc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e760::/32
Signature Algorithm: sha256WithRSAEncryption
6e:eb:cb:c0:cd:e9:fe:55:75:15:90:cd:51:8f:ff:dd:21:23:
b5:07:6f:10:3d:82:65:28:d8:43:54:e7:48:c5:d1:37:cf:38:
fd:39:37:4e:a3:d4:4e:eb:10:3a:05:b3:6e:60:37:01:e7:ff:
15:ee:d4:ee:ac:1e:ee:5e:af:ff:db:6b:f9:e5:7e:0b:01:e2:
98:3e:08:a6:18:4f:f8:a2:03:a1:a7:d6:a4:e2:39:08:7c:3d:
c5:2b:1b:78:ba:cc:e0:ee:54:19:f5:e7:0d:24:6e:83:4e:37:
b4:13:25:1c:e6:55:b7:bc:3e:5e:83:85:ae:2f:ab:1a:95:87:
a2:99:cc:be:53:6f:2b:23:36:fa:c9:68:3c:e6:2c:de:dd:76:
d4:c6:3f:49:c5:a1:45:3c:96:7b:7a:2d:e5:62:d1:b0:3b:89:
32:ab:1d:2d:ef:a3:91:40:b1:ff:99:18:ab:34:73:68:17:c9:
c2:81:01:e5:07:70:ab:1c:88:1c:82:d4:d8:de:5f:cf:c6:e5:
df:02:00:31:1a:93:38:90:93:b4:be:50:6b:89:18:5e:5e:02:
bd:57:09:39:a7:1c:52:43:f8:c5:bf:8b:04:63:22:6e:97:92:
c6:0b:7e:9c:26:03:e5:ff:5a:1b:e5:43:de:1e:c9:50:c2:5c:
48:35:4c:51
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERDg3
NDQ2RDQxNTBEMTQ1M0M0QTE0MkE0OUVCQTEwN0RBNUQxOTk5MB4XDTI1MDExMTE1
MTE0NVoXDTI2MDEwOTE1MzAyMFowMzExMC8GA1UEAxMoNERFQzM2RTk3QkY4NUVG
MThCNkNERUQwQ0I0OEQyNkU5QkI0QTBCNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKS8AljWy1SeQgaIOFGyqEdn+8F2HZ6iPaRx+WjXNM2y1Y4nQYoU
wUfajKIPL1r2xR/BukZcW6cSTpoxhvvd47++1kZ0hR9k5YRvFFqROangIMALiNl3
yPiKft03ZXP3l9Dq1qlDXKhTXyAZeFQl4JHaJpI8FvXMKt4IXvB/k4wDlKDOSElC
SnpRxKeCpQ9MBDfprPYB/JqA0u28JyevN/wCr1McG6z2YvJpGTpyrUieZ25qohwV
c9YXDaE8vfPSo5xUGuHtAe3HqhsOzANMkzvni6BWMVhIA/RQBWHPOyK+N4Ve/0Sh
Y10AYIW6S2yvE1EmeYqF32L0t/Mh7jRvpLMCAwEAAaOCAekwggHlMB0GA1UdDgQW
BBRN7Dbpe/he8Yts3tDLSNJum7SgtzAfBgNVHSMEGDAWgBTdh0RtQVDRRTxKFCpJ
66EH2l0ZmTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFkGA1UdHwRSMFAwTqBM
oEqGSHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LS0gvM1lk
RWJVRlEwVVU4U2hRcVNldWhCOXBkR1prLmNybDBgBggrBgEFBQcBAQRUMFIwUAYI
KwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS8z
WWRFYlVGUTBVVThTaFFxU2V1aEI5cGRHWmsuY2VyMA4GA1UdDwEB/wQEAwIHgDCB
mQYIKwYBBQUHAQsEgYwwgYkwVAYIKwYBBQUHMAuGSHJzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS9LS0gvVGV3MjZYdjRYdkdMYk43UXkwalNicHUw
b0xjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAv
bm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQB52AwDQYJ
KoZIhvcNAQELBQADggEBAG7ry8DN6f5VdRWQzVGP/90hI7UHbxA9gmUo2ENU50jF
0TfPOP05N06j1E7rEDoFs25gNwHn/xXu1O6sHu5er//ba/nlfgsB4pg+CKYYT/ii
A6Gn1qTiOQh8PcUrG3i6zODuVBn15w0kboNON7QTJRzmVbe8Pl6Dha4vqxqVh6KZ
zL5TbysjNvrJaDzmLN7ddtTGP0nFoUU8lnt6LeVi0bA7iTKrHS3vo5FAsf+ZGKs0
c2gXycKBAeUHcKsciByC1NjeX8/G5d8CADEakziQk7S+UGuJGF5eAr1XCTmnHFJD
+MW/iwRjIm6XksYLfpwmA+X/WhvlQ94eyVDCXEg1TFE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:56:52 2025 by rpki-client