Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EHHKY/O4Eqyscoe5ataxBPoDcgKPJtP-Q.roa
File: O4Eqyscoe5ataxBPoDcgKPJtP-Q.roa (raw, json)
Hash identifier: 4AJyTaSZxM+y0Tzdvfd5d+6d3FGe5Agr4Gi7FSZNptU=
Subject key identifier: 3B:81:2A:CA:C7:28:7B:96:AD:6B:10:4F:A0:37:20:28:F2:6D:3F:E4
Certificate issuer: /CN=8302DE193598EDC36222D929FAD6678367D62E21
Certificate serial: 123A
Authority key identifier: 83:02:DE:19:35:98:ED:C3:62:22:D9:29:FA:D6:67:83:67:D6:2E:21
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gwLeGTWY7cNiItkp-tZng2fWLiE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EHHKY/O4Eqyscoe5ataxBPoDcgKPJtP-Q.roa
Signing time: Mon 26 Aug 2024 05:13:06 +0000
ROA not before: Mon 26 Aug 2024 05:13:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131607
IP address blocks: 103.130.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:09:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4666 (0x123a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8302DE193598EDC36222D929FAD6678367D62E21
Validity
Not Before: Aug 26 05:13:06 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3B812ACAC7287B96AD6B104FA0372028F26D3FE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:82:34:22:85:55:59:51:25:de:c2:c5:b7:fe:
3f:a0:09:1e:55:89:09:45:fb:f8:be:17:0d:0d:d5:
99:77:e2:36:b3:5a:f5:c0:29:0b:21:14:26:ae:db:
c4:3f:08:e9:8a:e8:4c:3e:1a:a8:87:ec:77:bf:b1:
c0:57:cc:29:42:0b:bc:87:a7:51:c2:64:8f:83:02:
0d:87:cf:69:26:e5:d4:96:35:1f:73:8c:2e:b2:14:
c0:a6:93:9c:01:ed:23:67:1f:78:2c:74:9e:33:35:
9c:4c:bc:d3:05:cd:7a:0d:54:31:0e:c9:e5:9d:1e:
63:05:ab:87:5d:03:63:a9:ab:da:bf:5b:b0:ab:b5:
dc:8e:9b:b2:e0:0f:0a:d3:4e:be:92:a4:99:9b:61:
d7:33:25:53:73:86:31:3a:da:5b:85:2a:13:e1:ca:
31:68:f5:a3:f3:fc:d0:f4:dc:e3:48:cc:45:00:cc:
37:0a:7f:11:c3:cf:e4:cf:c8:6a:d2:49:13:dd:a8:
70:53:4a:fb:fa:72:bf:1b:4c:d2:65:5b:58:9f:d9:
96:54:96:d2:90:bb:64:bb:d0:48:0b:c8:76:24:b8:
b6:e2:38:08:4d:1b:a7:68:b1:50:e2:46:4a:52:ae:
31:7e:e0:5c:ae:4b:d8:07:37:69:42:e7:71:39:15:
21:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:81:2A:CA:C7:28:7B:96:AD:6B:10:4F:A0:37:20:28:F2:6D:3F:E4
X509v3 Authority Key Identifier:
keyid:83:02:DE:19:35:98:ED:C3:62:22:D9:29:FA:D6:67:83:67:D6:2E:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EHHKY/gwLeGTWY7cNiItkp-tZng2fWLiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gwLeGTWY7cNiItkp-tZng2fWLiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EHHKY/O4Eqyscoe5ataxBPoDcgKPJtP-Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.84.0/22
Signature Algorithm: sha256WithRSAEncryption
45:47:a2:2a:58:b2:0e:ab:c0:e7:fb:74:38:07:3c:81:af:81:
15:36:2d:9e:57:c4:64:3f:e5:51:29:b2:89:a5:c7:92:25:2e:
f8:c0:02:f6:a0:51:e6:56:ed:a0:f5:d5:04:96:1c:6d:16:de:
2d:6a:e4:a7:05:6a:00:61:4f:8c:8a:c9:97:a4:c4:6f:b4:3a:
22:83:11:29:c4:e7:7c:23:3b:be:fe:74:4c:03:d3:6f:b3:24:
ab:e0:bc:af:86:5b:50:f4:69:a8:fe:33:74:1c:86:d7:f9:9a:
a1:64:90:5a:bd:8e:1c:7f:aa:02:34:64:4a:66:5b:ab:eb:f0:
f0:f0:1d:e9:9e:51:56:36:22:5e:86:e4:d3:26:10:63:43:59:
54:62:90:f3:2e:2d:f7:af:71:f2:7b:29:9b:3a:e7:47:94:34:
91:e2:ce:7c:57:7b:42:d8:4e:36:04:a3:be:f7:94:51:94:40:
fd:3b:ba:23:cf:3a:3c:bb:bf:d7:8e:56:c8:27:d8:3c:ff:de:
5f:e0:f5:fe:d7:45:c7:37:9e:b4:7e:4a:37:d4:f4:dd:95:0b:
9d:29:35:39:fc:ad:17:45:50:83:dd:5b:fb:c7:50:ea:86:65:
93:48:8d:e5:0e:23:5d:c3:af:b9:99:3b:a1:a0:4a:ec:a6:18:
a4:c1:43:c8
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMw
MkRFMTkzNTk4RURDMzYyMjJEOTI5RkFENjY3ODM2N0Q2MkUyMTAeFw0yNDA4MjYw
NTEzMDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNCODEyQUNBQzcyODdC
OTZBRDZCMTA0RkEwMzcyMDI4RjI2RDNGRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKgjQihVVZUSXewsW3/j+gCR5ViQlF+/i+Fw0N1Zl34jazWvXA
KQshFCau28Q/COmK6Ew+GqiH7He/scBXzClCC7yHp1HCZI+DAg2Hz2km5dSWNR9z
jC6yFMCmk5wB7SNnH3gsdJ4zNZxMvNMFzXoNVDEOyeWdHmMFq4ddA2Opq9q/W7Cr
tdyOm7LgDwrTTr6SpJmbYdczJVNzhjE62luFKhPhyjFo9aPz/ND03ONIzEUAzDcK
fxHDz+TPyGrSSRPdqHBTSvv6cr8bTNJlW1if2ZZUltKQu2S70EgLyHYkuLbiOAhN
G6dosVDiRkpSrjF+4FyuS9gHN2lC53E5FSH/AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUO4Eqyscoe5ataxBPoDcgKPJtP+QwHwYDVR0jBBgwFoAUgwLeGTWY7cNiItkp
+tZng2fWLiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRUhIS1kv
Z3dMZUdUV1k3Y05pSXRrcC10Wm5nMmZXTGlFLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9nd0xlR1RXWTdjTmlJdGtwLXRabmcyZldMaUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9FSEhLWS9PNEVxeXNjb2U1YXRheEJQb0Rj
Z0tQSnRQLVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ4JU
MA0GCSqGSIb3DQEBCwUAA4IBAQBFR6IqWLIOq8Dn+3Q4BzyBr4EVNi2eV8RkP+VR
KbKJpceSJS74wAL2oFHmVu2g9dUElhxtFt4tauSnBWoAYU+MismXpMRvtDoigxEp
xOd8Izu+/nRMA9NvsySr4LyvhltQ9Gmo/jN0HIbX+ZqhZJBavY4cf6oCNGRKZlur
6/Dw8B3pnlFWNiJehuTTJhBjQ1lUYpDzLi33r3HyeymbOudHlDSR4s58V3tC2E42
BKO+95RRlED9O7ojzzo8u7/XjlbIJ9g8/95f4PX+10XHN560fko31PTdlQudKTU5
/K0XRVCD3Vv7x1DqhmWTSI3lDiNdw6+5mTuhoErsphikwUPI
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:09:17 2025 by rpki-client