Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/4PtXfZhwD9sU2_bBf41fdt4Hj3o.roa
File: 4PtXfZhwD9sU2_bBf41fdt4Hj3o.roa (raw, json)
Hash identifier: F0VjBamIgKGDSy3AkS4T/qsxpgo6MZk1Xr6bbxXKIKs=
Subject key identifier: E0:FB:57:7D:98:70:0F:DB:14:DB:F6:C1:7F:8D:5F:76:DE:07:8F:7A
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 1025
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/4PtXfZhwD9sU2_bBf41fdt4Hj3o.roa
Signing time: Mon 26 Aug 2024 05:13:25 +0000
ROA not before: Mon 26 Aug 2024 05:13:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 27.96.224.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:56:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4133 (0x1025)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Aug 26 05:13:25 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=E0FB577D98700FDB14DBF6C17F8D5F76DE078F7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d4:75:32:1d:7d:24:69:35:fc:89:f5:99:4a:
32:17:1f:75:10:21:5a:77:f2:31:54:46:7c:97:38:
66:7f:09:f0:0c:35:7e:90:de:c6:19:60:f0:3f:f5:
9f:9a:c5:0a:eb:58:b9:0b:70:fe:2a:67:52:3c:09:
aa:a5:d3:ed:a1:bb:ee:95:6d:2a:5b:0f:26:07:18:
c2:d8:8b:29:6a:3c:17:1d:f8:18:bb:43:fd:e7:c3:
2e:01:a0:4f:ac:2b:1e:bb:f8:cf:b2:ce:72:7f:62:
26:26:79:81:0c:04:f2:11:a6:e1:f5:6f:f3:e3:af:
d7:00:e9:8b:c7:ee:48:29:7f:f5:eb:7f:b5:ff:20:
e7:85:bd:9a:77:00:d4:28:b5:3a:00:20:75:31:76:
9f:50:2f:fc:02:03:24:26:1d:e0:a0:ed:71:48:2e:
de:7c:f2:ba:7b:3d:88:3d:a9:02:97:8c:ac:4b:cc:
4e:73:13:46:c6:a6:04:02:61:06:23:59:81:cc:71:
a2:d0:92:ed:77:03:f1:3b:f6:ba:4a:aa:b3:3a:6b:
7d:f8:42:b0:a8:d7:cd:dc:df:46:ca:e7:ee:d2:a3:
3e:87:78:7a:33:3a:b6:92:0f:bd:aa:e5:5e:82:60:
f1:3c:b2:44:f2:50:40:3e:fd:14:a7:6f:a6:92:10:
c3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:FB:57:7D:98:70:0F:DB:14:DB:F6:C1:7F:8D:5F:76:DE:07:8F:7A
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/4PtXfZhwD9sU2_bBf41fdt4Hj3o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.224.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:4d:de:9a:9e:2f:a6:0f:59:1c:29:a2:1f:5d:f8:98:12:2f:
a4:76:85:fc:c9:89:4c:7a:16:9c:47:65:48:7a:5e:57:7b:69:
e7:2d:96:aa:13:84:4a:09:30:78:95:dc:b4:bd:da:42:03:84:
db:13:12:07:f0:92:96:ef:cb:15:e9:a3:18:80:93:a4:83:eb:
1a:53:e8:9f:f6:79:4f:a2:90:aa:fc:44:1d:0d:6e:fb:ae:3d:
b4:fb:be:c4:15:3d:c9:ee:05:c5:fc:29:df:07:8d:b0:9a:fc:
7b:22:48:00:9d:3b:fb:e9:d9:1c:ff:68:c2:78:59:fa:a9:57:
e7:b1:81:c9:9e:d3:c7:a3:34:f2:11:0c:ef:57:f1:4a:32:76:
8e:14:42:00:7c:6e:a8:1e:33:58:05:f6:ec:dc:73:99:82:27:
c5:6c:7a:e7:6a:dd:c1:e3:11:bb:72:37:b2:d9:e2:ca:48:be:
10:73:dc:78:be:02:1e:a4:28:8f:7a:16:39:59:1f:dd:0f:93:
cc:a3:cd:75:89:bd:98:98:91:c9:3e:ba:01:43:97:9a:e0:97:
17:20:da:45:23:c8:36:a3:f9:77:07:17:16:ea:77:98:72:dd:
5f:41:90:f4:e6:67:f4:46:4b:b8:44:dd:8d:d2:fc:b4:ad:31:
31:13:37:6d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICECUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNDA4MjYw
NTEzMjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEUwRkI1NzdEOTg3MDBG
REIxNERCRjZDMTdGOEQ1Rjc2REUwNzhGN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL1HUyHX0kaTX8ifWZSjIXH3UQIVp38jFURnyXOGZ/CfAMNX6Q
3sYZYPA/9Z+axQrrWLkLcP4qZ1I8Caql0+2hu+6VbSpbDyYHGMLYiylqPBcd+Bi7
Q/3nwy4BoE+sKx67+M+yznJ/YiYmeYEMBPIRpuH1b/Pjr9cA6YvH7kgpf/Xrf7X/
IOeFvZp3ANQotToAIHUxdp9QL/wCAyQmHeCg7XFILt588rp7PYg9qQKXjKxLzE5z
E0bGpgQCYQYjWYHMcaLQku13A/E79rpKqrM6a334QrCo183c30bK5+7Soz6HeHoz
OraSD72q5V6CYPE8skTyUEA+/RSnb6aSEMPjAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU4PtXfZhwD9sU2/bBf41fdt4Hj3owHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvNFB0WGZaaHdEOXNVMl9iQmY0MWZk
dDRIajNvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhtg4DAN
BgkqhkiG9w0BAQsFAAOCAQEALk3emp4vpg9ZHCmiH134mBIvpHaF/MmJTHoWnEdl
SHpeV3tp5y2WqhOESgkweJXctL3aQgOE2xMSB/CSlu/LFemjGICTpIPrGlPon/Z5
T6KQqvxEHQ1u+649tPu+xBU9ye4Fxfwp3weNsJr8eyJIAJ07++nZHP9ownhZ+qlX
57GByZ7Tx6M08hEM71fxSjJ2jhRCAHxuqB4zWAX27NxzmYInxWx652rdweMRu3I3
stniyki+EHPceL4CHqQoj3oWOVkf3Q+TzKPNdYm9mJiRyT66AUOXmuCXFyDaRSPI
NqP5dwcXFup3mHLdX0GQ9OZn9EZLuETdjdL8tK0xMRM3bQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 21:08:56 2025 by rpki-client