Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/phonMXxA1jRgA9MI59GnWU-n7N4.roa
File: phonMXxA1jRgA9MI59GnWU-n7N4.roa (raw, json)
Hash identifier: e1ARHL/TsSP4dRllKG1L3+OAE9OuIvOQYEhtmYFEHkQ=
Subject key identifier: A6:1A:27:31:7C:40:D6:34:60:03:D3:08:E7:D1:A7:59:4F:A7:EC:DE
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0DAD
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/phonMXxA1jRgA9MI59GnWU-n7N4.roa
Signing time: Mon 26 Aug 2024 05:10:19 +0000
ROA not before: Mon 26 Aug 2024 05:10:19 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18429
IP address blocks: 61.57.136.0/21 maxlen: 23
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:03:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3501 (0xdad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Aug 26 05:10:19 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A61A27317C40D6346003D308E7D1A7594FA7ECDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:02:c3:59:f0:0f:5e:e5:d2:a6:0e:a8:af:2a:
dd:cd:8d:76:b8:2c:22:b5:58:f3:fb:80:6b:78:84:
23:b5:af:cb:4f:76:cb:b0:cc:6d:a8:fc:54:d6:ef:
28:66:27:ee:9c:ee:82:66:e2:2e:b3:a6:ba:15:59:
48:51:ca:43:1e:89:b3:c3:9d:c7:bb:bc:75:7e:e6:
d0:f6:8f:7e:e2:a3:96:19:60:fc:f3:a1:a2:7e:d8:
cd:2a:0b:2f:ac:b9:19:22:f7:82:e1:1a:b2:40:4c:
59:28:05:29:7f:2c:28:92:87:7d:29:14:82:c5:08:
15:31:db:b3:56:68:6f:ff:ba:40:cb:26:5d:e1:ab:
4e:34:7d:02:b2:42:52:ec:f8:d9:4f:cc:d0:74:e2:
4f:01:b3:cc:ba:9d:eb:d6:37:37:09:d7:3d:59:eb:
df:7e:fd:23:a8:f3:2b:1a:47:c1:b3:92:28:ce:ba:
5f:03:30:d4:24:2f:4c:eb:ac:49:89:c7:4e:52:3c:
26:39:9e:1c:7c:54:86:9e:3f:06:af:19:4b:e4:a5:
5a:10:a6:f5:1d:1e:00:5b:a8:1c:3f:68:21:43:b9:
1f:96:bd:a0:9e:5b:35:1d:c3:7e:63:a9:1b:fa:85:
be:a8:f5:a8:3c:93:9b:45:28:52:f5:45:1c:22:58:
fa:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:1A:27:31:7C:40:D6:34:60:03:D3:08:E7:D1:A7:59:4F:A7:EC:DE
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/phonMXxA1jRgA9MI59GnWU-n7N4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.136.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:a8:7c:60:fb:59:7e:f3:2a:18:9b:15:3c:b7:9b:be:0b:29:
8d:72:04:f1:f7:f5:d2:05:a0:e0:dd:c7:c1:8d:0b:50:23:47:
15:a6:1a:0d:da:78:9b:e3:df:20:73:b7:da:eb:54:b8:58:42:
b2:ef:3c:53:a6:27:5c:6a:8d:1d:d4:70:55:ad:51:1a:3e:44:
06:a9:6b:62:93:94:30:0d:f0:d3:50:e5:ff:5a:b4:b4:bb:83:
45:1f:59:2f:9b:46:d3:b2:29:07:11:47:6b:21:20:22:4f:a8:
b8:47:37:8f:d3:01:08:e0:da:ec:0d:61:00:0e:a3:51:83:58:
46:19:f6:45:e4:bd:3a:f5:c3:23:c8:c9:dc:ec:60:28:c1:be:
21:15:59:f1:18:17:5a:2d:05:d7:44:84:a5:3b:ee:19:48:41:
67:ac:74:75:ec:5d:12:19:50:a0:a9:28:06:fa:f0:f1:70:8b:
aa:e4:31:fd:27:4a:47:ca:2c:84:a8:6e:18:d3:fc:bc:cb:99:
04:30:1d:45:66:14:f9:f8:7d:a7:5a:83:e2:51:df:c9:92:11:
20:d7:b0:2a:b9:c3:24:9f:20:86:5c:d9:03:b9:25:a6:d5:72:
e1:64:37:dd:56:08:f2:4b:06:7a:1a:44:db:5d:f4:84:24:8c:
7f:83:d2:bf
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDa0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNDA4MjYw
NTEwMTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE2MUEyNzMxN0M0MEQ2
MzQ2MDAzRDMwOEU3RDFBNzU5NEZBN0VDREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwAsNZ8A9e5dKmDqivKt3NjXa4LCK1WPP7gGt4hCO1r8tPdsuw
zG2o/FTW7yhmJ+6c7oJm4i6zproVWUhRykMeibPDnce7vHV+5tD2j37io5YZYPzz
oaJ+2M0qCy+suRki94LhGrJATFkoBSl/LCiSh30pFILFCBUx27NWaG//ukDLJl3h
q040fQKyQlLs+NlPzNB04k8Bs8y6nevWNzcJ1z1Z699+/SOo8ysaR8GzkijOul8D
MNQkL0zrrEmJx05SPCY5nhx8VIaePwavGUvkpVoQpvUdHgBbqBw/aCFDuR+WvaCe
WzUdw35jqRv6hb6o9ag8k5tFKFL1RRwiWPojAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUphonMXxA1jRgA9MI59GnWU+n7N4wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9waG9uTVh4QTFqUmdBOU1JNTlH
bldVLW43TjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmI
MA0GCSqGSIb3DQEBCwUAA4IBAQBvqHxg+1l+8yoYmxU8t5u+CymNcgTx9/XSBaDg
3cfBjQtQI0cVphoN2nib498gc7fa61S4WEKy7zxTpidcao0d1HBVrVEaPkQGqWti
k5QwDfDTUOX/WrS0u4NFH1kvm0bTsikHEUdrISAiT6i4RzeP0wEI4NrsDWEADqNR
g1hGGfZF5L069cMjyMnc7GAowb4hFVnxGBdaLQXXRISlO+4ZSEFnrHR17F0SGVCg
qSgG+vDxcIuq5DH9J0pHyiyEqG4Y0/y8y5kEMB1FZhT5+H2nWoPiUd/JkhEg17Aq
ucMknyCGXNkDuSWm1XLhZDfdVgjySwZ6GkTbXfSEJIx/g9K/
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:22:31 2025 by rpki-client