Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/3KJyi0WV3hu0ARh5m4_2ghjFKW4.roa
File: 3KJyi0WV3hu0ARh5m4_2ghjFKW4.roa (raw, json)
Hash identifier: tpx6G+AOYpKpgy8psHTF9VRP18c0pSVDwB3WUfchi6k=
Subject key identifier: DC:A2:72:8B:45:95:DE:1B:B4:01:18:79:9B:8F:F6:82:18:C5:29:6E
Certificate issuer: /CN=57A994BD60555145CB6452DC6A980FC851136BDA
Certificate serial: 0556
Authority key identifier: 57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/3KJyi0WV3hu0ARh5m4_2ghjFKW4.roa
Signing time: Mon 26 Aug 2024 05:09:30 +0000
ROA not before: Mon 26 Aug 2024 05:09:30 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38136
IP address blocks: 103.156.184.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:57:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1366 (0x556)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A994BD60555145CB6452DC6A980FC851136BDA
Validity
Not Before: Aug 26 05:09:30 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DCA2728B4595DE1BB40118799B8FF68218C5296E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5b:b9:4a:c4:ba:9f:34:d5:84:f5:98:e3:f5:
bb:fa:24:86:e0:f6:ef:fb:0e:11:19:8e:9c:5b:ed:
cc:7f:c9:57:a8:0e:61:89:01:41:e0:c4:d9:f9:ad:
f9:a0:ed:fc:36:da:55:5c:7c:b1:99:00:8f:5f:49:
c5:e2:59:58:60:8a:42:f8:ed:3c:27:91:89:4b:68:
c1:86:8d:be:00:05:90:ee:ea:2a:d6:f2:ec:6e:50:
7d:c7:74:5c:5f:9f:68:46:57:77:84:4d:f6:fe:ff:
81:dc:76:09:d8:d2:4f:0c:b0:c2:7f:e9:d8:26:33:
ac:70:88:f5:d5:8c:b5:83:73:b7:7d:16:21:d5:1f:
bb:61:0c:65:bc:b3:f4:89:73:52:06:39:64:76:0b:
9c:30:c2:bb:a1:3a:43:2a:a6:46:b8:29:a6:c3:e4:
a2:c2:42:9f:1a:de:e4:6e:4a:9b:aa:49:fb:97:14:
37:64:58:d1:7c:04:b2:df:6b:18:ef:69:ca:6e:e2:
72:df:33:81:d9:1b:28:07:fb:f7:20:c0:f7:f4:db:
2f:07:a9:1a:d0:6b:93:3c:9b:3b:f0:21:69:72:7f:
b8:47:53:d2:ee:57:09:61:0c:c1:5c:b1:f5:cd:2d:
8d:11:1a:85:5e:39:6a:c1:b2:03:25:89:2d:ec:4c:
ba:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A2:72:8B:45:95:DE:1B:B4:01:18:79:9B:8F:F6:82:18:C5:29:6E
X509v3 Authority Key Identifier:
keyid:57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/3KJyi0WV3hu0ARh5m4_2ghjFKW4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.184.0/24
Signature Algorithm: sha256WithRSAEncryption
61:8d:23:16:5d:d6:c7:26:cf:cf:61:b5:57:6d:18:52:8d:66:
67:a1:3e:b5:a0:9b:53:1c:65:b3:52:fe:1e:fe:15:38:c4:09:
a1:f8:5c:bc:d3:cf:1e:5d:6e:5d:02:80:6d:2a:1f:b2:d1:89:
eb:04:e3:a4:75:a6:d0:67:91:9b:81:21:22:70:53:6f:4f:cf:
ea:2d:84:be:5c:f3:95:7e:6e:5b:03:1a:97:24:8f:02:3c:8f:
6c:e5:c5:f2:b1:a3:cd:50:e8:de:5d:81:a9:6c:d9:c9:8e:a0:
4b:1a:09:54:9b:c4:f2:ac:09:81:f7:fc:b7:50:59:64:5b:d0:
d0:ed:c1:1d:7d:a5:da:17:0c:af:91:18:29:0b:8d:f1:05:d3:
a1:96:54:0e:ce:21:5b:44:f5:74:7a:0e:13:30:05:c6:9e:dc:
4c:c0:3c:df:33:b9:9b:f3:b5:2e:b8:1d:d1:3c:0e:68:7c:fe:
32:08:bf:9e:26:0d:d5:b0:80:85:de:8b:cf:28:cb:27:4d:6e:
f9:d1:61:20:ab:7b:5a:e4:bb:00:a0:9c:b7:48:99:6a:97:19:
e9:60:48:be:b5:8e:c8:16:8c:f6:08:7e:bd:9d:75:6e:cb:3d:
1f:15:c3:d0:2d:8c:1b:d4:e0:b0:31:6e:21:37:9d:7e:1f:3b:
4e:9a:a9:6a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICBVYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTdB
OTk0QkQ2MDU1NTE0NUNCNjQ1MkRDNkE5ODBGQzg1MTEzNkJEQTAeFw0yNDA4MjYw
NTA5MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERDQTI3MjhCNDU5NURF
MUJCNDAxMTg3OTlCOEZGNjgyMThDNTI5NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9W7lKxLqfNNWE9Zjj9bv6JIbg9u/7DhEZjpxb7cx/yVeoDmGJ
AUHgxNn5rfmg7fw22lVcfLGZAI9fScXiWVhgikL47TwnkYlLaMGGjb4ABZDu6irW
8uxuUH3HdFxfn2hGV3eETfb+/4HcdgnY0k8MsMJ/6dgmM6xwiPXVjLWDc7d9FiHV
H7thDGW8s/SJc1IGOWR2C5wwwruhOkMqpka4KabD5KLCQp8a3uRuSpuqSfuXFDdk
WNF8BLLfaxjvacpu4nLfM4HZGygH+/cgwPf02y8HqRrQa5M8mzvwIWlyf7hHU9Lu
VwlhDMFcsfXNLY0RGoVeOWrBsgMliS3sTLqVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3KJyi0WV3hu0ARh5m4/2ghjFKW4wHwYDVR0jBBgwFoAUV6mUvWBVUUXLZFLc
apgPyFETa9owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxMUEFT
Uy9WNm1VdldCVlVVWExaRkxjYXBnUHlGRVRhOW8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1Y2bVV2V0JWVVVYTFpGTGNhcGdQeUZFVGE5by5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FMTFBBU1MvM0tKeWkwV1YzaHUwQVJo
NW00XzJnaGpGS1c0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGecuDANBgkqhkiG9w0BAQsFAAOCAQEAYY0jFl3WxybPz2G1V20YUo1mZ6E+taCb
Uxxls1L+Hv4VOMQJofhcvNPPHl1uXQKAbSofstGJ6wTjpHWm0GeRm4EhInBTb0/P
6i2EvlzzlX5uWwMalySPAjyPbOXF8rGjzVDo3l2BqWzZyY6gSxoJVJvE8qwJgff8
t1BZZFvQ0O3BHX2l2hcMr5EYKQuN8QXToZZUDs4hW0T1dHoOEzAFxp7cTMA83zO5
m/O1Lrgd0TwOaHz+Mgi/niYN1bCAhd6LzyjLJ01u+dFhIKt7WuS7AKCct0iZapcZ
6WBIvrWOyBaM9gh+vZ11bss9HxXD0C2MG9TgsDFuITedfh87Tpqpag==
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:38:08 2025 by rpki-client