Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/8xydnSQjG0P7tY1Vo7mYf9E-a94.roa
File: 8xydnSQjG0P7tY1Vo7mYf9E-a94.roa (raw, json)
Hash identifier: ySnKIZ32M/E2526mBQ+kw8gn9/d1qlHRo2R33Z+Izeg=
Subject key identifier: F3:1C:9D:9D:24:23:1B:43:FB:B5:8D:55:A3:B9:98:7F:D1:3E:6B:DE
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 10C7
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/8xydnSQjG0P7tY1Vo7mYf9E-a94.roa
Signing time: Mon 26 Aug 2024 05:16:47 +0000
ROA not before: Mon 26 Aug 2024 05:16:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24154
IP address blocks: 210.202.0.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4295 (0x10c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:47 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F31C9D9D24231B43FBB58D55A3B9987FD13E6BDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2c:ce:d9:8f:4f:72:dc:a9:41:3a:2e:9f:ac:
72:f7:37:a1:7d:08:a9:3d:ef:cd:47:3a:20:64:93:
d8:0b:29:90:c3:dd:57:ab:c7:b5:3f:27:9d:b0:e0:
d4:c2:67:7c:37:7e:80:ca:f3:35:99:2f:2f:cb:29:
01:0f:a7:2a:36:67:aa:94:1f:81:79:42:25:41:e0:
40:41:c0:b3:ed:b6:3b:87:77:d4:85:58:06:ce:55:
10:49:58:81:7f:76:9c:3a:d8:e3:93:c0:92:1e:c6:
fe:d6:2b:bd:ed:04:28:6a:e7:03:82:6e:ee:4e:8f:
cf:56:2f:f6:29:14:15:a4:24:15:29:7e:e7:fa:d5:
8d:99:4d:c1:a3:6e:ce:6c:05:ae:3a:b9:4b:6a:81:
cb:ed:b8:8c:c1:b9:08:f0:c5:f5:3f:91:59:da:8d:
d2:f9:87:75:57:c6:b4:49:07:05:25:c8:20:49:f1:
87:a8:5b:de:42:1c:b7:3a:e9:2e:94:69:f9:5b:b5:
71:f8:32:fb:4f:c7:84:97:23:e0:56:37:49:e2:24:
b7:b8:18:d5:18:c2:4a:97:4c:92:49:57:2b:0d:c7:
fd:71:fd:f5:c6:e5:b1:41:48:2a:9f:90:fc:b5:9b:
c1:7b:92:18:a3:32:c4:21:7b:f4:aa:53:85:be:b1:
f9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1C:9D:9D:24:23:1B:43:FB:B5:8D:55:A3:B9:98:7F:D1:3E:6B:DE
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/8xydnSQjG0P7tY1Vo7mYf9E-a94.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.0.0/19
Signature Algorithm: sha256WithRSAEncryption
54:a5:c0:4b:f7:39:7d:24:05:e3:70:43:4b:1e:60:90:e9:c4:
3d:d2:ad:3f:d2:0b:5f:d2:51:52:31:60:45:30:1d:1b:a4:70:
48:9e:f1:a5:46:72:51:5c:72:57:fb:70:42:72:01:4f:9e:89:
84:6c:d7:e8:aa:b8:2b:b5:46:86:40:17:ae:c7:1c:c8:71:77:
79:5e:7d:15:2c:41:65:28:51:f2:c6:04:d1:d5:ed:31:ae:7b:
02:b1:cf:46:49:63:ac:da:8c:49:97:5d:2f:6a:da:de:e7:cd:
61:29:c4:59:4b:30:6e:ef:20:b4:17:cd:f1:14:f1:09:71:4e:
b0:46:51:96:2a:45:9e:89:e4:10:5c:39:98:e9:76:b7:75:76:
65:e2:1b:75:6d:78:0a:dd:8f:fb:0c:70:c9:64:bc:75:bf:7f:
67:c3:51:6c:e0:bb:1c:30:04:4e:e5:f8:60:52:97:e5:f8:57:
34:28:c4:cb:79:10:17:c0:d3:27:84:25:33:b7:01:03:bf:e8:
69:79:d3:18:b6:c5:14:10:cb:e0:45:ed:10:70:a7:bd:84:c7:
71:e2:f0:fd:44:70:3c:95:30:ff:9b:b4:ba:3d:0c:e0:7f:f8:
8f:57:d3:cb:65:c4:7c:a2:75:8c:b5:2f:e2:0d:c6:41:27:0e:
15:7c:55:49
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEYzMUM5RDlEMjQyMzFC
NDNGQkI1OEQ1NUEzQjk5ODdGRDEzRTZCREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnLM7Zj09y3KlBOi6frHL3N6F9CKk9781HOiBkk9gLKZDD3Ver
x7U/J52w4NTCZ3w3foDK8zWZLy/LKQEPpyo2Z6qUH4F5QiVB4EBBwLPttjuHd9SF
WAbOVRBJWIF/dpw62OOTwJIexv7WK73tBChq5wOCbu5Oj89WL/YpFBWkJBUpfuf6
1Y2ZTcGjbs5sBa46uUtqgcvtuIzBuQjwxfU/kVnajdL5h3VXxrRJBwUlyCBJ8Yeo
W95CHLc66S6UaflbtXH4MvtPx4SXI+BWN0niJLe4GNUYwkqXTJJJVysNx/1x/fXG
5bFBSCqfkPy1m8F7khijMsQhe/SqU4W+sfk/AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU8xydnSQjG0P7tY1Vo7mYf9E+a94wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzh4eWRuU1FqRzBQN3RZMVZvN21ZZjlF
LWE5NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSygAwDQYJ
KoZIhvcNAQELBQADggEBAFSlwEv3OX0kBeNwQ0seYJDpxD3SrT/SC1/SUVIxYEUw
HRukcEie8aVGclFcclf7cEJyAU+eiYRs1+iquCu1RoZAF67HHMhxd3lefRUsQWUo
UfLGBNHV7TGuewKxz0ZJY6zajEmXXS9q2t7nzWEpxFlLMG7vILQXzfEU8QlxTrBG
UZYqRZ6J5BBcOZjpdrd1dmXiG3VteArdj/sMcMlkvHW/f2fDUWzguxwwBE7l+GBS
l+X4VzQoxMt5EBfA0yeEJTO3AQO/6Gl50xi2xRQQy+BF7RBwp72Ex3Hi8P1EcDyV
MP+btLo9DOB/+I9X08tlxHyidYy1L+INxkEnDhV8VUk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:56:31 2025 by rpki-client