Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/ZzKF2AHdSLyVzSIwVrw4P6vM1qk.roa
File: ZzKF2AHdSLyVzSIwVrw4P6vM1qk.roa (raw, json)
Hash identifier: jSi1dByO+ZHvPNyOdgCs0LLKowtX92o5ZwP2yA2GSzE=
Subject key identifier: 67:32:85:D8:01:DD:48:BC:95:CD:22:30:56:BC:38:3F:AB:CC:D6:A9
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 12E2
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/ZzKF2AHdSLyVzSIwVrw4P6vM1qk.roa
Signing time: Fri 30 Aug 2024 01:57:00 +0000
ROA not before: Fri 30 Aug 2024 01:57:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131644
IP address blocks: 182.173.12.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:03:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4834 (0x12e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Aug 30 01:57:00 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=673285D801DD48BC95CD223056BC383FABCCD6A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fa:6f:ad:3b:ef:4d:53:0d:ba:e0:e6:5a:f8:
25:53:9e:cd:31:74:ef:ab:66:f3:07:5d:01:85:ce:
2b:1d:dc:91:47:76:5a:04:09:93:5c:cb:dc:e3:61:
ba:f6:08:c9:5a:81:94:9a:5c:c8:83:be:64:30:f8:
38:f9:65:85:30:22:04:64:12:f5:f8:53:51:0a:b8:
12:86:6b:03:2f:ed:da:d8:a1:8c:79:c6:d0:c7:f2:
02:16:a2:9e:39:c7:be:67:c4:44:f6:c6:84:e3:62:
3b:ed:d6:c9:75:f9:9f:4e:29:ab:30:f0:9f:b2:eb:
5b:4d:f9:8b:d0:8b:14:f0:d1:0c:ab:44:81:76:8c:
ec:04:b0:0c:29:94:c2:31:a7:02:6e:45:b0:a9:af:
09:0c:dc:08:dc:ac:c8:a1:b3:20:ba:a8:67:a4:c3:
39:6b:8e:bf:4c:34:aa:c9:69:74:07:3c:80:69:3c:
c6:a4:40:57:94:bb:d0:36:71:a7:75:09:38:20:c4:
8a:4f:99:c0:04:80:bc:46:8b:1d:36:75:5b:c5:2e:
aa:bd:e4:6c:46:d7:c5:fd:b2:6d:90:1e:38:79:6e:
25:62:5f:f6:b8:cc:87:32:73:25:66:f5:4a:e3:f0:
a0:bd:79:5e:03:04:ae:32:eb:b4:a9:fd:b3:bb:b2:
30:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:32:85:D8:01:DD:48:BC:95:CD:22:30:56:BC:38:3F:AB:CC:D6:A9
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/ZzKF2AHdSLyVzSIwVrw4P6vM1qk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
182.173.12.0/23
Signature Algorithm: sha256WithRSAEncryption
07:94:40:26:24:e2:b7:b2:6d:7e:2f:8e:a6:ee:6e:87:5f:6a:
27:23:38:57:19:3d:ac:b1:0d:9c:ac:0b:64:94:6d:8c:b2:1b:
71:a3:e6:ee:fa:54:43:15:c3:4b:44:d5:6e:2d:7b:1c:e5:f8:
16:67:c5:f6:b2:f9:12:0f:b7:dc:56:f1:4c:dd:2c:15:e9:1b:
5a:5c:c6:c8:a5:ed:c9:03:fc:17:16:cf:2e:4a:05:c1:86:a6:
92:8e:5e:ad:12:a8:81:13:7d:32:1d:7a:04:26:aa:6a:ff:41:
5a:be:9f:0f:85:64:a2:fa:19:19:7b:65:0b:37:66:74:d5:35:
6f:cb:49:f1:93:7d:16:94:70:ae:58:91:3b:e8:25:77:c5:fa:
b9:b5:cb:73:7c:7c:df:3e:63:8a:d0:46:d5:ff:55:0f:98:33:
68:e9:d1:d0:d5:33:82:0f:0c:3d:5f:e4:2a:2b:6b:be:bb:68:
6a:6a:d9:e9:3d:fe:32:eb:20:7a:32:cb:64:01:60:24:dc:50:
91:1d:12:7e:fd:56:0e:92:c8:74:6e:06:11:09:2e:79:df:0d:
84:af:2a:d9:58:85:8e:e2:11:cd:4d:89:8c:6a:40:c0:3e:71:
da:7d:17:54:97:1a:ed:6e:64:f5:e3:69:a5:47:b6:33:21:b9:
6a:f8:f6:ab
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEuIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNDA4MzAw
MTU3MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY3MzI4NUQ4MDFERDQ4
QkM5NUNEMjIzMDU2QkMzODNGQUJDQ0Q2QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/+m+tO+9NUw264OZa+CVTns0xdO+rZvMHXQGFzisd3JFHdloE
CZNcy9zjYbr2CMlagZSaXMiDvmQw+Dj5ZYUwIgRkEvX4U1EKuBKGawMv7drYoYx5
xtDH8gIWop45x75nxET2xoTjYjvt1sl1+Z9OKasw8J+y61tN+YvQixTw0QyrRIF2
jOwEsAwplMIxpwJuRbCprwkM3AjcrMihsyC6qGekwzlrjr9MNKrJaXQHPIBpPMak
QFeUu9A2cad1CTggxIpPmcAEgLxGix02dVvFLqq95GxG18X9sm2QHjh5biViX/a4
zIcycyVm9Urj8KC9eV4DBK4y67Sp/bO7sjBhAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUZzKF2AHdSLyVzSIwVrw4P6vM1qkwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9aektGMkFIZFNMeVZ6U0l3VnJ3
NFA2dk0xcWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBtq0M
MA0GCSqGSIb3DQEBCwUAA4IBAQAHlEAmJOK3sm1+L46m7m6HX2onIzhXGT2ssQ2c
rAtklG2Mshtxo+bu+lRDFcNLRNVuLXsc5fgWZ8X2svkSD7fcVvFM3SwV6RtaXMbI
pe3JA/wXFs8uSgXBhqaSjl6tEqiBE30yHXoEJqpq/0Favp8PhWSi+hkZe2ULN2Z0
1TVvy0nxk30WlHCuWJE76CV3xfq5tctzfHzfPmOK0EbV/1UPmDNo6dHQ1TOCDww9
X+QqK2u+u2hqatnpPf4y6yB6MstkAWAk3FCRHRJ+/VYOksh0bgYRCS553w2EryrZ
WIWO4hHNTYmMakDAPnHafRdUlxrtbmT142mlR7YzIblq+Par
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:16:21 2025 by rpki-client