Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/ksIXHf8HYfYDfGqxo5x5NzqcR6k.roa
File: ksIXHf8HYfYDfGqxo5x5NzqcR6k.roa (raw, json)
Hash identifier: R/QmmaQ7QLZ+tBN9M+ysW9zMU3QbPzytTa1QjVJBMYo=
Subject key identifier: 92:C2:17:1D:FF:07:61:F6:03:7C:6A:B1:A3:9C:79:37:3A:9C:47:A9
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 2188
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/ksIXHf8HYfYDfGqxo5x5NzqcR6k.roa
Signing time: Mon 26 Aug 2024 05:33:04 +0000
ROA not before: Mon 26 Aug 2024 05:33:04 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24164
IP address blocks: 45.64.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8584 (0x2188)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Aug 26 05:33:04 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=92C2171DFF0761F6037C6AB1A39C79373A9C47A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b3:81:04:28:d2:16:fa:ad:21:39:cf:32:86:
1a:f4:f4:e2:5a:20:cc:a5:5f:5c:50:df:bb:ca:c3:
b5:5a:8b:65:e9:52:0d:03:8b:6c:0d:82:a2:9e:b1:
93:b0:23:4e:8a:52:23:35:91:56:ea:43:9a:0c:4b:
13:84:af:a0:2b:50:c7:b5:8b:71:bb:fc:20:72:7a:
43:f0:62:1c:c7:82:3f:f8:61:44:84:e3:a5:c2:ca:
ff:19:73:d1:d4:38:f0:73:1e:de:dc:57:ba:c6:49:
24:d6:fa:79:85:bf:d6:9e:0b:33:67:b1:23:67:cc:
79:cc:3f:e2:04:97:df:f1:a4:07:3e:46:e6:f0:ca:
87:f2:dc:93:b4:13:5f:2f:94:e5:d2:12:09:64:7f:
d2:de:11:86:9b:26:c0:19:76:70:1b:92:2f:96:dc:
f2:34:9c:e2:1e:fd:20:6b:d5:85:e9:1a:b2:a6:6f:
cc:c2:c7:d4:3a:0f:6d:4c:26:a6:41:a3:a1:7e:1c:
00:1c:40:29:56:d0:5e:aa:30:f3:ff:f3:b1:91:6b:
e5:b5:7d:c1:19:6f:93:70:54:14:bd:93:a3:8e:66:
04:d8:23:79:47:c9:42:04:9f:c5:64:f5:2d:8c:eb:
2e:07:9f:ee:ea:5d:4c:93:a0:f9:19:37:cb:25:83:
84:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C2:17:1D:FF:07:61:F6:03:7C:6A:B1:A3:9C:79:37:3A:9C:47:A9
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/ksIXHf8HYfYDfGqxo5x5NzqcR6k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.32.0/22
Signature Algorithm: sha256WithRSAEncryption
29:a7:5e:d8:94:76:5b:c7:da:f8:aa:51:55:a0:ec:a0:e6:54:
2c:e8:f2:84:bc:92:3e:a1:b7:30:7a:9f:e0:d3:0e:34:63:1a:
24:0e:ad:9e:33:38:ea:45:69:c5:23:a2:58:4f:20:69:25:4c:
10:59:02:ba:62:91:ff:75:c1:3c:71:df:4d:cc:7a:5c:0c:89:
82:7d:d1:0a:4c:38:08:e4:7e:eb:b0:2a:a9:41:1d:a0:49:5c:
d7:67:ac:a6:bc:3a:7c:84:fc:84:d6:27:6e:2b:52:af:1e:ff:
eb:10:c8:75:15:0a:27:65:a6:0f:38:66:68:99:c5:eb:89:91:
fd:26:12:45:46:ba:6a:8c:be:95:4a:4a:f1:31:0f:14:c5:ea:
e8:44:de:72:4d:1a:41:e1:50:29:df:cd:9f:3f:3c:b0:85:d9:
d5:61:23:fd:8e:bc:e7:49:6d:48:a9:7c:4b:9c:28:4e:98:97:
f0:01:c0:fb:44:1a:ea:41:17:3c:d7:35:f7:73:a9:d3:bc:23:
87:79:31:b3:b5:5a:01:74:97:26:48:3c:b2:5b:fa:42:1a:8b:
d4:38:2a:f7:44:0e:9c:2a:38:a7:fc:ac:35:89:3b:7a:63:e8:
f4:0d:35:f4:60:9b:88:87:5f:84:0a:fa:aa:a1:49:e5:7f:c8:
ca:b2:04:9f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIYgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yNDA4MjYw
NTMzMDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkyQzIxNzFERkYwNzYx
RjYwMzdDNkFCMUEzOUM3OTM3M0E5QzQ3QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChs4EEKNIW+q0hOc8yhhr09OJaIMylX1xQ37vKw7Vai2XpUg0D
i2wNgqKesZOwI06KUiM1kVbqQ5oMSxOEr6ArUMe1i3G7/CByekPwYhzHgj/4YUSE
46XCyv8Zc9HUOPBzHt7cV7rGSSTW+nmFv9aeCzNnsSNnzHnMP+IEl9/xpAc+Rubw
yofy3JO0E18vlOXSEglkf9LeEYabJsAZdnAbki+W3PI0nOIe/SBr1YXpGrKmb8zC
x9Q6D21MJqZBo6F+HAAcQClW0F6qMPP/87GRa+W1fcEZb5NwVBS9k6OOZgTYI3lH
yUIEn8Vk9S2M6y4Hn+7qXUyToPkZN8slg4Q7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUksIXHf8HYfYDfGqxo5x5NzqcR6kwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL2tzSVhIZjhIWWZZRGZHcXhv
NXg1TnpxY1I2ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIt
QCAwDQYJKoZIhvcNAQELBQADggEBACmnXtiUdlvH2viqUVWg7KDmVCzo8oS8kj6h
tzB6n+DTDjRjGiQOrZ4zOOpFacUjolhPIGklTBBZArpikf91wTxx303MelwMiYJ9
0QpMOAjkfuuwKqlBHaBJXNdnrKa8OnyE/ITWJ24rUq8e/+sQyHUVCidlpg84ZmiZ
xeuJkf0mEkVGumqMvpVKSvExDxTF6uhE3nJNGkHhUCnfzZ8/PLCF2dVhI/2OvOdJ
bUipfEucKE6Yl/ABwPtEGupBFzzXNfdzqdO8I4d5MbO1WgF0lyZIPLJb+kIai9Q4
KvdEDpwqOKf8rDWJO3pj6PQNNfRgm4iHX4QK+qqhSeV/yMqyBJ8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:03:11 2025 by rpki-client