Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/SAsysG4NNg_0aH166NhSGDJxbpk.roa
File: SAsysG4NNg_0aH166NhSGDJxbpk.roa (raw, json)
Hash identifier: PGYNg7TGHsIp1IVZjDe6dWxfbti0HJVVjm9wnaTEjYE=
Subject key identifier: 48:0B:32:B0:6E:0D:36:0F:F4:68:7D:7A:E8:D8:52:18:32:71:6E:99
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0CF2
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/SAsysG4NNg_0aH166NhSGDJxbpk.roa
Signing time: Mon 26 Aug 2024 05:12:52 +0000
ROA not before: Mon 26 Aug 2024 05:12:52 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9244
IP address blocks: 210.67.96.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3314 (0xcf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Aug 26 05:12:52 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=480B32B06E0D360FF4687D7AE8D8521832716E99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:62:ba:f1:73:0a:df:54:fd:12:46:64:67:39:
a4:a5:f7:d7:23:fb:7d:be:26:d7:e4:45:eb:63:e5:
56:53:c0:6a:1e:4f:7b:82:e4:b0:a3:32:d6:79:64:
4e:00:54:5c:b8:a4:3b:04:a6:17:7f:e6:b5:56:6d:
67:67:17:0b:c4:3d:56:c6:74:78:ab:54:47:e2:70:
ea:de:c6:80:c2:40:52:c0:79:78:e4:ed:5e:91:ed:
17:62:d0:ab:3d:ce:fc:40:af:dd:6f:34:10:70:19:
9c:df:22:de:49:91:52:e1:26:84:9c:63:f9:33:db:
7a:d0:3b:d6:d1:31:75:b0:aa:25:0f:52:c0:0f:a5:
bb:d6:11:e9:1e:31:d4:ec:0d:43:c4:4d:cd:fa:8f:
df:2f:15:e2:29:6a:d3:6e:94:e1:b1:4e:06:31:21:
10:88:9e:fc:73:42:e3:74:b0:f7:40:3a:93:08:5f:
bb:1e:32:27:89:49:00:97:56:bd:d8:1d:69:49:da:
8a:d6:a5:55:39:0d:3f:25:0b:72:aa:89:8f:16:2b:
f2:0a:5c:f4:2d:2f:fc:d4:ed:54:c9:4e:c5:87:8e:
ff:09:8c:49:84:ae:b5:ac:28:83:0c:56:a2:3e:dc:
b9:6a:ce:63:28:53:40:64:5f:24:34:a2:27:30:65:
3c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:0B:32:B0:6E:0D:36:0F:F4:68:7D:7A:E8:D8:52:18:32:71:6E:99
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/SAsysG4NNg_0aH166NhSGDJxbpk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.67.96.0/20
Signature Algorithm: sha256WithRSAEncryption
67:a8:fb:a9:15:fa:63:1c:31:1f:f8:92:c6:3a:a0:8e:68:37:
2f:c3:9f:61:70:e3:76:b4:46:e9:1e:1f:98:83:56:76:c3:a9:
06:d6:06:85:ce:be:4e:44:ad:3e:7f:d2:72:fb:ef:53:34:9e:
72:40:21:88:55:a7:7f:9f:12:1b:bf:c6:dc:bd:98:36:0b:29:
df:c3:a4:e4:37:79:c7:f6:56:83:e7:3c:ba:9f:f1:4e:df:1a:
da:8c:84:67:af:76:8a:31:15:d8:ee:e6:c9:79:03:28:1d:48:
4d:1a:52:a0:4a:11:ad:5a:31:83:cb:ee:2c:09:76:d3:12:ec:
89:c9:85:03:40:70:a9:df:0c:4b:21:29:f7:6c:fc:ae:5b:75:
bf:0f:15:3f:a6:7a:cb:6d:b3:e5:c9:08:d1:ed:c8:47:ca:ed:
98:0b:8e:4d:88:56:f4:ee:a6:80:9d:4f:2b:2c:9c:dc:b8:44:
0a:d9:b7:45:b0:90:b5:76:45:9e:0c:57:53:50:1f:3c:3b:ae:
c1:35:e1:53:82:c7:0c:4d:5b:e8:ae:63:20:d6:76:d0:d5:cd:
40:e2:a5:cc:dc:c4:53:8e:e2:58:90:fd:3c:ca:48:55:85:ef:
86:c8:8e:5e:e7:ed:9e:27:68:08:dc:31:b1:13:8a:96:4e:4d:
51:ff:8e:d0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDPIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNDA4MjYw
NTEyNTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ4MEIzMkIwNkUwRDM2
MEZGNDY4N0Q3QUU4RDg1MjE4MzI3MTZFOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtYrrxcwrfVP0SRmRnOaSl99cj+32+JtfkRetj5VZTwGoeT3uC
5LCjMtZ5ZE4AVFy4pDsEphd/5rVWbWdnFwvEPVbGdHirVEficOrexoDCQFLAeXjk
7V6R7Rdi0Ks9zvxAr91vNBBwGZzfIt5JkVLhJoScY/kz23rQO9bRMXWwqiUPUsAP
pbvWEekeMdTsDUPETc36j98vFeIpatNulOGxTgYxIRCInvxzQuN0sPdAOpMIX7se
MieJSQCXVr3YHWlJ2orWpVU5DT8lC3KqiY8WK/IKXPQtL/zU7VTJTsWHjv8JjEmE
rrWsKIMMVqI+3LlqzmMoU0BkXyQ0oicwZTxTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUSAsysG4NNg/0aH166NhSGDJxbpkwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL1NBc3lzRzROTmdfMGFIMTY2
TmhTR0RKeGJway5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATS
Q2AwDQYJKoZIhvcNAQELBQADggEBAGeo+6kV+mMcMR/4ksY6oI5oNy/Dn2Fw43a0
RukeH5iDVnbDqQbWBoXOvk5ErT5/0nL771M0nnJAIYhVp3+fEhu/xty9mDYLKd/D
pOQ3ecf2VoPnPLqf8U7fGtqMhGevdooxFdju5sl5AygdSE0aUqBKEa1aMYPL7iwJ
dtMS7InJhQNAcKnfDEshKfds/K5bdb8PFT+mestts+XJCNHtyEfK7ZgLjk2IVvTu
poCdTyssnNy4RArZt0WwkLV2RZ4MV1NQHzw7rsE14VOCxwxNW+iuYyDWdtDVzUDi
pczcxFOO4liQ/TzKSFWF74bIjl7n7Z4naAjcMbETipZOTVH/jtA=
-----END CERTIFICATE-----
Generated at Fri Apr 18 22:34:35 2025 by rpki-client