Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/0qAQQrmNU5spP7LL846MM9zQWKY.roa
File: 0qAQQrmNU5spP7LL846MM9zQWKY.roa (raw, json)
Hash identifier: q03JowTwH01emxjMcucDloUxsdywFSXyRmz4jxgQ6Io=
Subject key identifier: D2:A0:10:42:B9:8D:53:9B:29:3F:B2:CB:F3:8E:8C:33:DC:D0:58:A6
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 109A
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/0qAQQrmNU5spP7LL846MM9zQWKY.roa
Signing time: Mon 26 Aug 2024 05:16:36 +0000
ROA not before: Mon 26 Aug 2024 05:16:36 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9922
IP address blocks: 124.218.168.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4250 (0x109a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:36 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D2A01042B98D539B293FB2CBF38E8C33DCD058A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:da:9e:d4:b8:cd:7e:0b:f7:65:c2:f9:55:b6:
ed:43:ed:c7:68:d8:9a:68:08:97:02:71:b3:e4:b0:
17:4d:32:ca:b2:4a:23:b9:0b:f6:3b:ef:db:9d:3d:
60:ff:ce:9e:65:46:2e:07:7a:92:3e:45:f5:84:fd:
80:77:bd:cb:5f:9f:4e:08:de:7e:7f:3e:56:18:c4:
11:7d:9f:7c:be:0d:86:a5:2e:fa:a3:05:30:df:d7:
75:a1:30:e8:a1:05:0c:ac:cf:b0:77:15:be:4d:df:
a7:84:e3:ba:71:75:3d:aa:c7:23:9c:b5:b4:4a:3b:
07:1e:26:f0:c5:a9:fc:02:68:23:8e:c0:9e:4a:1c:
3d:42:dc:7e:de:fa:10:69:a4:d9:a3:d4:42:a3:c7:
fa:b4:48:35:d4:76:4a:68:69:d6:4a:5c:ba:ba:c3:
0e:e1:f2:7c:a4:03:5d:62:7c:db:b5:77:a3:72:95:
b3:8f:66:9d:a6:42:7e:16:14:99:f6:f1:88:43:23:
86:02:4c:4c:c2:b5:2f:29:92:c2:43:1d:63:10:a4:
49:96:1c:b1:41:97:61:19:b9:17:9c:06:c0:da:29:
7b:07:55:b3:e1:30:5a:2c:d5:cc:e8:37:ec:fd:c1:
2d:50:e5:03:89:84:ce:8f:52:ac:b1:47:65:2f:ed:
7b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A0:10:42:B9:8D:53:9B:29:3F:B2:CB:F3:8E:8C:33:DC:D0:58:A6
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/0qAQQrmNU5spP7LL846MM9zQWKY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.168.0/22
Signature Algorithm: sha256WithRSAEncryption
47:29:4e:0f:cf:ac:e4:21:ec:59:1c:11:99:cb:82:7c:ee:76:
79:fe:bb:94:d7:da:42:c3:f3:ae:d9:80:c3:d0:8d:67:e1:75:
61:e8:20:2b:ca:e0:d4:82:c9:9c:27:e2:d6:f7:5c:a3:b2:81:
c9:f3:1b:9f:b4:84:de:0b:6b:da:09:75:5f:99:32:21:fa:7a:
99:a6:44:d3:07:15:b7:15:98:4b:33:95:0b:58:d6:f1:ae:96:
c3:d5:fd:9a:0f:1c:d7:96:0a:12:fd:14:e9:be:0c:5b:c7:e1:
6c:a9:dc:12:60:ff:ae:18:e4:c1:71:d8:04:a5:23:aa:f2:c1:
4f:8f:f9:6d:4a:2c:b3:1e:53:24:11:c0:0c:c0:8b:1b:8b:8c:
77:30:09:8b:45:78:e7:a3:4f:97:fd:36:bc:d5:c3:85:a9:2e:
95:39:e0:39:da:ef:02:7c:2f:17:7c:b7:ac:b2:eb:80:3c:c1:
6e:16:7b:54:96:42:57:a1:a6:e3:28:91:d0:ee:a8:6f:a9:79:
9b:1c:77:27:10:68:1e:94:2c:64:b5:42:58:2b:6e:b6:cd:96:
66:66:17:0f:b3:f2:17:79:46:4c:d8:a4:45:eb:17:08:87:ac:
f1:20:95:2d:a2:cc:96:8d:c9:1a:99:52:92:9c:1f:f9:b1:e4:
dd:6e:e8:da
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQyQTAxMDQyQjk4RDUz
OUIyOTNGQjJDQkYzOEU4QzMzRENEMDU4QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC12p7UuM1+C/dlwvlVtu1D7cdo2JpoCJcCcbPksBdNMsqySiO5
C/Y779udPWD/zp5lRi4HepI+RfWE/YB3vctfn04I3n5/PlYYxBF9n3y+DYalLvqj
BTDf13WhMOihBQysz7B3Fb5N36eE47pxdT2qxyOctbRKOwceJvDFqfwCaCOOwJ5K
HD1C3H7e+hBppNmj1EKjx/q0SDXUdkpoadZKXLq6ww7h8nykA11ifNu1d6NylbOP
Zp2mQn4WFJn28YhDI4YCTEzCtS8pksJDHWMQpEmWHLFBl2EZuRecBsDaKXsHVbPh
MFos1czoN+z9wS1Q5QOJhM6PUqyxR2Uv7XvNAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU0qAQQrmNU5spP7LL846MM9zQWKYwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzBxQVFRcm1OVTVzcFA3TEw4NDZNTTl6
UVdLWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ82qgwDQYJ
KoZIhvcNAQELBQADggEBAEcpTg/PrOQh7FkcEZnLgnzudnn+u5TX2kLD867ZgMPQ
jWfhdWHoICvK4NSCyZwn4tb3XKOygcnzG5+0hN4La9oJdV+ZMiH6epmmRNMHFbcV
mEszlQtY1vGulsPV/ZoPHNeWChL9FOm+DFvH4Wyp3BJg/64Y5MFx2ASlI6rywU+P
+W1KLLMeUyQRwAzAixuLjHcwCYtFeOejT5f9NrzVw4WpLpU54Dna7wJ8Lxd8t6yy
64A8wW4We1SWQlehpuMokdDuqG+peZscdycQaB6ULGS1QlgrbrbNlmZmFw+z8hd5
RkzYpEXrFwiHrPEglS2izJaNyRqZUpKcH/mx5N1u6No=
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:35:06 2025 by rpki-client