Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/cDSwcGlkTRVOcp66ltsl80JxIs8.roa
File: cDSwcGlkTRVOcp66ltsl80JxIs8.roa (raw, json)
Hash identifier: d2ohgamgMDOVmL49SwU0n/62ccImoQhna/c3cnv9190=
Subject key identifier: 70:34:B0:70:69:64:4D:15:4E:72:9E:BA:96:DB:25:F3:42:71:22:CF
Certificate issuer: /CN=EB7F4A8B7B210DB9208ED580357045E5971DE0D3
Certificate serial: 0385
Authority key identifier: EB:7F:4A:8B:7B:21:0D:B9:20:8E:D5:80:35:70:45:E5:97:1D:E0:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/639Ki3shDbkgjtWANXBF5Zcd4NM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/cDSwcGlkTRVOcp66ltsl80JxIs8.roa
Signing time: Mon 26 Aug 2024 05:10:02 +0000
ROA not before: Mon 26 Aug 2024 05:10:02 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131618
IP address blocks: 103.161.6.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:20:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 901 (0x385)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB7F4A8B7B210DB9208ED580357045E5971DE0D3
Validity
Not Before: Aug 26 05:10:02 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7034B07069644D154E729EBA96DB25F3427122CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:92:e0:89:77:11:4d:ec:07:da:df:89:4e:6d:
42:b4:59:ca:ca:43:d8:78:df:5d:55:6e:2d:fe:0b:
7f:bb:39:02:41:de:c5:b0:3e:0e:53:ac:f7:b6:b4:
a3:4b:78:8d:9e:7a:e1:05:6b:9b:2d:90:ff:8d:87:
f5:35:4a:d1:53:53:86:2a:94:b8:fd:89:f7:1c:38:
72:4a:f3:0b:21:11:b8:7a:7a:a7:a5:83:4d:a1:9e:
f6:b7:de:53:b9:01:66:82:73:05:9d:d2:86:fb:ac:
99:cf:98:dd:10:cd:96:33:49:0b:d7:87:16:59:b1:
a8:6d:84:16:09:ba:79:08:83:76:d7:92:7f:26:fe:
d3:70:86:3f:2c:81:88:b5:b0:91:b9:ff:8e:57:2e:
98:2c:f0:9e:ad:39:33:c7:58:ab:c9:86:07:32:67:
f7:b8:3d:0b:33:1f:b9:2b:57:e6:1b:e4:c1:77:3e:
ae:0e:1a:3d:30:02:ac:5b:76:16:88:24:92:fc:da:
f8:f9:66:c4:2b:6e:7f:f2:c1:74:df:2c:1a:44:16:
b2:5c:79:15:2b:4d:46:a7:6c:6a:85:24:42:46:39:
83:e6:39:94:85:65:e3:77:06:8f:d6:57:03:d4:95:
8a:1e:2a:93:8b:d6:60:ec:e8:67:b5:eb:bd:bb:bb:
e4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:34:B0:70:69:64:4D:15:4E:72:9E:BA:96:DB:25:F3:42:71:22:CF
X509v3 Authority Key Identifier:
keyid:EB:7F:4A:8B:7B:21:0D:B9:20:8E:D5:80:35:70:45:E5:97:1D:E0:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/639Ki3shDbkgjtWANXBF5Zcd4NM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/639Ki3shDbkgjtWANXBF5Zcd4NM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/cDSwcGlkTRVOcp66ltsl80JxIs8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.6.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:d1:10:45:07:9d:aa:d4:00:c6:1b:51:5f:3c:aa:87:9a:5a:
8b:6d:f0:7e:23:68:e3:d3:51:60:78:24:f3:09:d9:ef:80:a6:
63:e6:12:cd:3f:4c:d1:3f:5f:89:06:88:9a:8e:91:0c:de:76:
c2:08:17:9d:47:60:fd:d4:9f:07:e8:81:fa:de:58:2c:64:86:
c2:0f:e1:ff:c4:0a:ba:04:ae:b5:11:41:c1:49:63:11:85:79:
f5:80:c5:06:87:bd:de:c3:a1:e0:19:ab:d7:8d:ed:fa:71:d6:
eb:a9:0c:3b:cb:e1:dc:42:23:57:5d:ea:2d:3a:cb:cd:ca:04:
54:f7:76:4b:3f:04:2f:24:35:87:06:a5:ea:21:b2:36:ab:68:
01:e1:c5:28:2c:3e:dd:04:61:1c:64:0b:69:05:14:64:0c:36:
df:50:68:df:ec:1e:4e:ba:9b:bd:b1:5f:30:39:a5:bd:34:81:
0e:45:fb:ee:7c:9e:0a:f5:3c:de:11:60:68:88:48:1d:8c:49:
4e:72:e4:14:90:cc:b4:da:8a:2c:b2:6e:c6:a8:cd:c5:40:46:
ba:1e:a7:f3:f0:10:48:81:1f:76:5e:d4:01:34:4b:ae:cb:af:
74:c0:9d:02:ba:c3:9e:78:b1:d2:fd:9f:dc:88:9c:14:86:83:
04:f1:b9:fd
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICA4UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI3
RjRBOEI3QjIxMERCOTIwOEVENTgwMzU3MDQ1RTU5NzFERTBEMzAeFw0yNDA4MjYw
NTEwMDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcwMzRCMDcwNjk2NDRE
MTU0RTcyOUVCQTk2REIyNUYzNDI3MTIyQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjkuCJdxFN7Afa34lObUK0WcrKQ9h4311Vbi3+C3+7OQJB3sWw
Pg5TrPe2tKNLeI2eeuEFa5stkP+Nh/U1StFTU4YqlLj9ifccOHJK8wshEbh6eqel
g02hnva33lO5AWaCcwWd0ob7rJnPmN0QzZYzSQvXhxZZsahthBYJunkIg3bXkn8m
/tNwhj8sgYi1sJG5/45XLpgs8J6tOTPHWKvJhgcyZ/e4PQszH7krV+Yb5MF3Pq4O
Gj0wAqxbdhaIJJL82vj5ZsQrbn/ywXTfLBpEFrJceRUrTUanbGqFJEJGOYPmOZSF
ZeN3Bo/WVwPUlYoeKpOL1mDs6Ge16727u+SdAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUcDSwcGlkTRVOcp66ltsl80JxIs8wHwYDVR0jBBgwFoAU639Ki3shDbkgjtWA
NXBF5Zcd4NMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0FSTFdB
VENILzYzOUtpM3NoRGJrZ2p0V0FOWEJGNVpjZDROTS5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvNjM5S2kzc2hEYmtnanRXQU5YQkY1WmNkNE5NLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0FSTFdBVENIL2NEU3djR2xrVFJW
T2NwNjZsdHNsODBKeElzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFnoQYwDQYJKoZIhvcNAQELBQADggEBAJ7REEUHnarUAMYbUV88qoeaWott
8H4jaOPTUWB4JPMJ2e+ApmPmEs0/TNE/X4kGiJqOkQzedsIIF51HYP3Unwfogfre
WCxkhsIP4f/ECroErrURQcFJYxGFefWAxQaHvd7DoeAZq9eN7fpx1uupDDvL4dxC
I1dd6i06y83KBFT3dks/BC8kNYcGpeohsjaraAHhxSgsPt0EYRxkC2kFFGQMNt9Q
aN/sHk66m72xXzA5pb00gQ5F++58ngr1PN4RYGiISB2MSU5y5BSQzLTaiiyybsao
zcVARroep/PwEEiBH3Ze1AE0S67Lr3TAnQK6w554sdL9n9yInBSGgwTxuf0=
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:44:42 2025 by rpki-client