Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LIRUN/LG5rjfqMuZpLnlXisZpV8fuB1Og.roa
File: LG5rjfqMuZpLnlXisZpV8fuB1Og.roa (raw, json)
Hash identifier: 3DJtQ3Qm5pok/7plJtdZaYBVRyo2ZsB5J/cRuTOl+OQ=
Subject key identifier: 2C:6E:6B:8D:FA:8C:B9:9A:4B:9E:55:E2:B1:9A:55:F1:FB:81:D4:E8
Certificate issuer: /CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5
Certificate serial: CF
Authority key identifier: D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/LG5rjfqMuZpLnlXisZpV8fuB1Og.roa
Signing time: Mon 27 Jan 2025 01:27:52 +0000
ROA not before: Mon 27 Jan 2025 01:27:52 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 150766
IP address blocks: 157.66.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 03:40:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 207 (0xcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5
Validity
Not Before: Jan 27 01:27:52 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2C6E6B8DFA8CB99A4B9E55E2B19A55F1FB81D4E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3a:e8:1b:74:82:81:71:94:df:06:1b:a6:b6:
06:a0:9a:92:4f:20:8d:4c:fa:87:10:ad:b6:ab:f5:
5c:a3:cb:5b:8e:d3:2b:a0:a0:7e:a0:78:2a:e4:6d:
2b:44:4d:56:6c:7b:6f:08:8c:48:f4:1a:54:93:29:
7d:da:a4:c2:03:81:63:96:91:71:f3:dc:4f:dd:a9:
da:9b:fd:3d:1f:2a:d4:30:fb:80:8f:68:5d:61:7d:
95:2f:16:9e:15:e9:46:f3:19:87:71:65:19:9f:44:
04:a4:83:16:ad:52:8e:9b:55:5b:8a:fe:39:6e:4b:
d2:d5:39:5a:43:80:9b:9b:7b:f6:87:ab:53:8f:63:
6e:21:68:d0:a7:9d:c9:ec:7e:5b:3f:9b:0d:52:4c:
64:59:b7:41:04:75:c8:a3:0f:e2:cc:31:1b:ae:21:
70:f2:69:a8:9d:8e:80:9e:b7:71:c5:32:06:44:53:
97:31:36:10:b4:ed:e6:72:59:9f:f5:3c:e4:48:99:
93:59:05:0f:dd:cb:f9:ed:d5:07:18:3c:06:03:7e:
00:b6:fd:de:87:0c:dc:73:c5:3e:38:d2:37:09:1b:
4c:6b:75:6f:d5:86:eb:04:50:14:f4:31:d6:26:13:
f4:b2:07:0c:3b:a9:af:98:a1:a9:42:08:d1:6a:1d:
04:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:6E:6B:8D:FA:8C:B9:9A:4B:9E:55:E2:B1:9A:55:F1:FB:81:D4:E8
X509v3 Authority Key Identifier:
keyid:D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/LG5rjfqMuZpLnlXisZpV8fuB1Og.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.167.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:3b:d5:d0:4b:6d:50:6d:4d:de:b0:2e:92:12:c8:25:45:da:
23:80:7a:b4:6b:44:aa:59:bd:73:a0:78:30:80:77:ce:3d:9c:
e6:4c:19:37:25:0a:28:97:f6:ea:6d:20:0c:79:7e:2a:7c:d5:
ef:16:51:45:4a:cc:66:5d:1a:47:96:2e:21:53:cd:9b:dc:23:
1e:db:45:d4:c5:af:33:19:d5:c6:86:cd:01:40:0d:2b:41:d6:
64:68:12:6d:51:89:ad:a2:db:20:5a:1c:a7:4d:90:c6:ff:27:
b7:b9:98:cd:79:1e:73:a2:22:72:b0:44:50:56:bf:7c:59:c6:
d5:ac:64:ad:c2:6d:bc:53:50:36:ef:69:79:73:b1:26:0f:8d:
8a:d7:2a:c5:10:11:5a:b6:28:6c:10:98:50:bd:e2:86:43:06:
92:f3:08:d2:97:3a:db:c0:8b:94:d7:f3:0a:27:05:f1:3f:ee:
9f:db:7f:ef:ba:fd:51:80:f1:30:8a:25:5a:d1:4d:15:f2:44:
71:2b:9e:4c:62:36:db:63:de:18:ed:90:0b:6e:56:0a:02:e1:
38:89:dc:f1:07:b4:81:74:48:d0:3a:93:75:e4:0a:3a:93:bc:
d6:ab:92:d5:e2:1d:cf:fb:60:b8:64:07:4f:62:5b:18:f2:e3:
10:88:33:17
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDk2
NkI1NTkwOTMyNDE4MEE4OEE0NUUxRjY4M0NGNEQyRUQ5QkNBNTAeFw0yNTAxMjcw
MTI3NTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJDNkU2QjhERkE4Q0I5
OUE0QjlFNTVFMkIxOUE1NUYxRkI4MUQ0RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzOugbdIKBcZTfBhumtgagmpJPII1M+ocQrbar9Vyjy1uO0yug
oH6geCrkbStETVZse28IjEj0GlSTKX3apMIDgWOWkXHz3E/dqdqb/T0fKtQw+4CP
aF1hfZUvFp4V6UbzGYdxZRmfRASkgxatUo6bVVuK/jluS9LVOVpDgJube/aHq1OP
Y24haNCnncnsfls/mw1STGRZt0EEdcijD+LMMRuuIXDyaaidjoCet3HFMgZEU5cx
NhC07eZyWZ/1PORImZNZBQ/dy/nt1QcYPAYDfgC2/d6HDNxzxT440jcJG0xrdW/V
husEUBT0MdYmE/SyBww7qa+YoalCCNFqHQRDAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQULG5rjfqMuZpLnlXisZpV8fuB1OgwHwYDVR0jBBgwFoAU2Wa1WQkyQYCoikXh
9oPPTS7ZvKUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTElSVU4v
MldhMVdRa3lRWUNvaWtYaDlvUFBUUzdadktVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8yV2ExV1FreVFZQ29pa1hoOW9QUFRTN1p2S1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MSVJVTi9MRzVyamZxTXVacExubFhpc1pw
VjhmdUIxT2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnUKn
MA0GCSqGSIb3DQEBCwUAA4IBAQCLO9XQS21QbU3esC6SEsglRdojgHq0a0SqWb1z
oHgwgHfOPZzmTBk3JQool/bqbSAMeX4qfNXvFlFFSsxmXRpHli4hU82b3CMe20XU
xa8zGdXGhs0BQA0rQdZkaBJtUYmtotsgWhynTZDG/ye3uZjNeR5zoiJysERQVr98
WcbVrGStwm28U1A272l5c7EmD42K1yrFEBFatihsEJhQveKGQwaS8wjSlzrbwIuU
1/MKJwXxP+6f23/vuv1RgPEwiiVa0U0V8kRxK55MYjbbY94Y7ZALblYKAuE4idzx
B7SBdEjQOpN15Ao6k7zWq5LV4h3P+2C4ZAdPYlsY8uMQiDMX
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:18:12 2025 by rpki-client