Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWINS/aGxygk7v8X-NdZTmEVHsoCZ0lD0.roa
File: aGxygk7v8X-NdZTmEVHsoCZ0lD0.roa (raw, json)
Hash identifier: s2cfo8OSz0hVY22AAKr+XWicdobz1oMQCeLvK6CQthk=
Subject key identifier: 68:6C:72:82:4E:EF:F1:7F:8D:75:94:E6:11:51:EC:A0:26:74:94:3D
Certificate issuer: /CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791
Certificate serial: 0DA3
Authority key identifier: 61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/aGxygk7v8X-NdZTmEVHsoCZ0lD0.roa
Signing time: Mon 07 Jul 2025 06:13:06 +0000
ROA not before: Mon 07 Jul 2025 06:13:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 204677
IP address blocks: 43.224.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Jul 2025 09:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3491 (0xda3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791
Validity
Not Before: Jul 7 06:13:06 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=686C72824EEFF17F8D7594E61151ECA02674943D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:05:1e:9c:3a:cb:af:4d:40:9f:1a:ac:7d:e0:
41:1e:54:e6:47:8b:e7:e9:24:4b:f6:8f:78:9a:78:
4a:e2:35:e2:d4:e4:6f:e4:d0:b2:6e:68:99:59:a3:
f5:79:69:e4:d2:61:32:98:59:f2:2c:14:9c:74:e5:
69:32:1e:b7:28:88:20:84:45:64:05:40:89:f9:56:
18:cf:58:1e:7c:18:3e:ce:ca:e9:1d:ee:76:25:c8:
d9:19:e9:79:4f:d6:62:c8:ae:c9:53:e9:a9:d3:42:
7c:91:2c:35:f4:da:e3:f4:ab:ad:83:29:22:c2:2f:
4e:ba:df:40:a4:74:8c:40:f8:70:ac:d3:ab:4f:e3:
97:24:e6:83:24:52:6a:16:a1:d4:bb:f2:e4:16:e5:
c6:63:5c:0c:6e:56:7f:2c:7d:f1:af:21:3c:ed:c5:
da:55:e7:17:f9:f2:12:a8:de:f5:53:ed:82:56:af:
4a:99:5b:e8:aa:94:45:7e:ce:59:f3:9a:49:5a:30:
dc:f0:f9:35:31:23:45:43:af:68:18:d3:37:b2:c3:
8c:84:79:bb:6c:ec:e9:3d:ec:a0:fe:9f:63:3f:a3:
d3:0a:5e:b0:08:2e:6f:39:f1:5b:ed:0a:d1:28:91:
b2:51:ad:41:17:9d:24:93:b3:cb:c5:62:94:1b:1e:
21:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6C:72:82:4E:EF:F1:7F:8D:75:94:E6:11:51:EC:A0:26:74:94:3D
X509v3 Authority Key Identifier:
keyid:61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/aGxygk7v8X-NdZTmEVHsoCZ0lD0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.21.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:5f:b2:81:7d:c9:8f:c9:4f:d7:5e:91:f2:23:7b:b1:78:5a:
3f:9a:e0:81:d6:89:2c:18:52:87:07:66:e6:19:19:23:fb:71:
24:c4:ef:30:94:1c:ad:c2:19:d7:b9:03:44:7c:85:36:6f:e9:
b5:6b:2e:15:00:18:7e:07:ab:89:a5:34:f6:8e:c6:13:11:83:
b4:6e:a2:09:0e:df:3d:71:18:33:3c:5d:47:33:2c:2b:a0:17:
81:ee:df:79:88:8e:0c:e4:83:cc:a4:b5:63:86:64:df:28:db:
ca:c7:54:c6:a8:eb:1a:4a:3b:79:8d:59:f3:74:94:76:df:85:
91:6f:37:5d:23:d8:6f:26:07:d2:c8:d0:ea:bd:18:e9:33:62:
05:2d:3f:cc:92:08:22:7d:14:f0:5f:ab:74:58:65:b8:e7:47:
81:ee:78:22:c2:20:4b:2d:35:28:fa:f6:a7:33:9a:ae:d5:af:
df:b8:7d:f3:52:27:6f:d8:dd:a1:7d:40:66:fc:36:11:f1:2f:
d3:90:04:6d:77:69:87:56:cc:e2:66:2a:e8:87:2b:83:67:88:
fd:f3:a4:ab:9c:47:e1:e5:b2:9b:d3:6a:8c:6c:61:a0:94:fc:
88:92:3e:22:87:be:46:4a:7f:9d:5e:b0:8b:8a:dd:fe:a4:9f:
f4:3d:8b:fb
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE1
RjlCRDk4Q0M3MEU4ODM2RDAxQTk0ODFDMTlDNUMyRDQ1RDc5MTAeFw0yNTA3MDcw
NjEzMDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY4NkM3MjgyNEVFRkYx
N0Y4RDc1OTRFNjExNTFFQ0EwMjY3NDk0M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7BR6cOsuvTUCfGqx94EEeVOZHi+fpJEv2j3iaeEriNeLU5G/k
0LJuaJlZo/V5aeTSYTKYWfIsFJx05WkyHrcoiCCERWQFQIn5VhjPWB58GD7Oyukd
7nYlyNkZ6XlP1mLIrslT6anTQnyRLDX02uP0q62DKSLCL06630CkdIxA+HCs06tP
45ck5oMkUmoWodS78uQW5cZjXAxuVn8sffGvITztxdpV5xf58hKo3vVT7YJWr0qZ
W+iqlEV+zlnzmklaMNzw+TUxI0VDr2gY0zeyw4yEebts7Ok97KD+n2M/o9MKXrAI
Lm858VvtCtEokbJRrUEXnSSTs8vFYpQbHiGPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUaGxygk7v8X+NdZTmEVHsoCZ0lD0wHwYDVR0jBBgwFoAUYV+b2YzHDog20BqU
gcGcXC1F15EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdJTlMv
WVYtYjJZekhEb2cyMEJxVWdjR2NYQzFGMTVFLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9ZVi1iMll6SERvZzIwQnFVZ2NHY1hDMUYxNUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9EV0lOUy9hR3h5Z2s3djhYLU5kWlRtRVZI
c29DWjBsRDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK+AV
MA0GCSqGSIb3DQEBCwUAA4IBAQCeX7KBfcmPyU/XXpHyI3uxeFo/muCB1oksGFKH
B2bmGRkj+3EkxO8wlBytwhnXuQNEfIU2b+m1ay4VABh+B6uJpTT2jsYTEYO0bqIJ
Dt89cRgzPF1HMywroBeB7t95iI4M5IPMpLVjhmTfKNvKx1TGqOsaSjt5jVnzdJR2
34WRbzddI9hvJgfSyNDqvRjpM2IFLT/MkggifRTwX6t0WGW450eB7ngiwiBLLTUo
+vanM5qu1a/fuH3zUidv2N2hfUBm/DYR8S/TkARtd2mHVsziZirohyuDZ4j986Sr
nEfh5bKb02qMbGGglPyIkj4ih75GSn+dXrCLit3+pJ/0PYv7
-----END CERTIFICATE-----
Generated at Mon Jul 21 13:39:38 2025 by rpki-client