Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/OipMZw6_DWriMrFkF3NXhzBcKvk.roa
File: OipMZw6_DWriMrFkF3NXhzBcKvk.roa (raw, json)
Hash identifier: EeHNdYVUkirPnyEVSlfwMZtzhDpV2PVUaQsREZuyIqE=
Subject key identifier: 3A:2A:4C:67:0E:BF:0D:6A:E2:32:B1:64:17:73:57:87:30:5C:2A:F9
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0F11
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/OipMZw6_DWriMrFkF3NXhzBcKvk.roa
Signing time: Mon 26 Aug 2024 05:12:42 +0000
ROA not before: Mon 26 Aug 2024 05:12:42 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131641
IP address blocks: 103.136.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3857 (0xf11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Aug 26 05:12:42 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3A2A4C670EBF0D6AE232B16417735787305C2AF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:93:a3:88:2b:3f:ed:cc:b9:d7:61:6d:99:
ac:32:0c:e1:7a:96:40:d4:ba:e3:64:8d:47:e1:e9:
7f:a9:28:26:65:13:32:4f:4c:b2:df:38:13:2f:38:
38:2e:4a:37:b2:b5:4c:6e:5c:13:3a:54:52:be:c9:
07:3e:c3:75:cf:65:bb:e9:68:e5:3f:99:d7:da:7a:
46:78:7d:93:1d:84:d7:d6:55:47:55:a8:8a:14:e4:
e2:16:e8:07:4a:0c:aa:b2:c1:06:98:77:2e:e8:a5:
44:1e:85:0e:40:84:ad:90:af:46:53:40:0f:0d:2a:
c6:c5:d8:65:27:44:86:72:11:51:2f:6e:53:f8:bd:
86:61:3f:18:da:de:aa:11:f7:42:ec:40:bd:5a:79:
3d:0c:65:d2:4c:ca:31:e6:e8:2e:69:52:6c:8e:50:
60:5a:13:57:22:24:99:cb:ba:b0:79:6a:e4:12:c8:
e1:8d:be:ff:75:24:ff:30:01:cf:88:7c:48:9b:a4:
22:d6:c0:db:cf:be:c6:4e:b2:aa:f1:7e:b1:11:d1:
a1:cf:db:20:06:6e:0c:e6:ff:cc:85:da:ce:45:50:
f0:65:62:eb:a0:d7:ed:f4:7b:9f:be:e5:e2:ab:cd:
56:11:3d:1f:92:d1:4a:c6:67:75:ed:de:a4:54:95:
78:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2A:4C:67:0E:BF:0D:6A:E2:32:B1:64:17:73:57:87:30:5C:2A:F9
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/OipMZw6_DWriMrFkF3NXhzBcKvk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/24
Signature Algorithm: sha256WithRSAEncryption
27:a9:d6:65:19:01:1d:13:27:30:87:8f:96:47:c4:e4:96:93:
5c:cd:9a:ee:87:21:98:30:41:8a:9b:77:d0:be:0e:59:93:c9:
45:4e:ac:3a:93:d7:d1:9c:93:23:d4:c3:93:65:fb:53:af:87:
38:3f:33:26:e1:14:d7:df:bd:4b:13:7e:f1:bd:5d:ee:dd:9f:
d5:fe:b8:78:a4:ed:f0:d3:ac:99:e2:e3:42:b2:be:78:39:b2:
c6:61:ef:12:05:9b:e0:8a:ae:ae:f3:c4:62:e1:4d:02:37:eb:
ba:64:fe:66:61:91:50:51:fa:ca:9d:fb:dd:87:b0:a4:2d:7d:
ca:c2:4c:80:ff:8c:18:32:9a:0b:f7:4d:2a:fd:a6:d7:26:7b:
37:6b:22:b6:8b:44:32:31:bf:0d:9e:3e:38:01:ba:17:10:37:
a2:1f:67:64:55:1d:31:ee:b4:6e:4a:fd:a7:ba:da:42:55:e3:
ad:c6:d6:92:78:54:71:52:29:bc:56:76:3a:78:45:99:09:54:
0d:6d:84:22:f7:94:1e:1e:13:62:9f:e0:b0:5b:9b:d0:80:9f:
51:87:a0:4b:6a:10:25:e9:2e:cd:c2:f6:22:f3:d8:aa:2f:d7:
d1:a7:6b:6e:47:5d:aa:10:c4:76:61:15:d8:52:68:60:42:1a:
42:a5:50:bf
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDxEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yNDA4MjYw
NTEyNDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNBMkE0QzY3MEVCRjBE
NkFFMjMyQjE2NDE3NzM1Nzg3MzA1QzJBRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0upOjiCs/7cy512FtmawyDOF6lkDUuuNkjUfh6X+pKCZlEzJP
TLLfOBMvODguSjeytUxuXBM6VFK+yQc+w3XPZbvpaOU/mdfaekZ4fZMdhNfWVUdV
qIoU5OIW6AdKDKqywQaYdy7opUQehQ5AhK2Qr0ZTQA8NKsbF2GUnRIZyEVEvblP4
vYZhPxja3qoR90LsQL1aeT0MZdJMyjHm6C5pUmyOUGBaE1ciJJnLurB5auQSyOGN
vv91JP8wAc+IfEibpCLWwNvPvsZOsqrxfrER0aHP2yAGbgzm/8yF2s5FUPBlYuug
1+30e5++5eKrzVYRPR+S0UrGZ3Xt3qRUlXj3AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUOipMZw6/DWriMrFkF3NXhzBcKvkwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL09pcE1adzZfRFdyaU1yRmtGM05YaHpC
Y0t2ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABniDwwDQYJ
KoZIhvcNAQELBQADggEBACep1mUZAR0TJzCHj5ZHxOSWk1zNmu6HIZgwQYqbd9C+
DlmTyUVOrDqT19GckyPUw5Nl+1Ovhzg/MybhFNffvUsTfvG9Xe7dn9X+uHik7fDT
rJni40Kyvng5ssZh7xIFm+CKrq7zxGLhTQI367pk/mZhkVBR+sqd+92HsKQtfcrC
TID/jBgymgv3TSr9ptcmezdrIraLRDIxvw2ePjgBuhcQN6IfZ2RVHTHutG5K/ae6
2kJV463G1pJ4VHFSKbxWdjp4RZkJVA1thCL3lB4eE2Kf4LBbm9CAn1GHoEtqECXp
Ls3C9iLz2Kov19Gna25HXaoQxHZhFdhSaGBCGkKlUL8=
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:57:47 2025 by rpki-client