Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/NSuIMnnHg4cGcjG2IsgEs8E8vhU.roa
File: NSuIMnnHg4cGcjG2IsgEs8E8vhU.roa (raw, json)
Hash identifier: xKRNyOH23BEjCsSYysCmP2GFobh7P0Vlm7U+9UYijLY=
Subject key identifier: 35:2B:88:32:79:C7:83:87:06:72:31:B6:22:C8:04:B3:C1:3C:BE:15
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 10B8
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/NSuIMnnHg4cGcjG2IsgEs8E8vhU.roa
Signing time: Mon 26 Aug 2024 05:16:43 +0000
ROA not before: Mon 26 Aug 2024 05:16:43 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18419
IP address blocks: 218.35.0.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4280 (0x10b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:43 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=352B883279C78387067231B622C804B3C13CBE15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b2:b5:e1:3e:00:f5:d7:60:01:f6:fe:4b:6f:
a5:8f:0c:8f:88:73:4c:67:c5:9a:c9:a9:c0:a5:6f:
34:2c:f5:ee:e8:d3:2b:bf:cb:37:db:7d:e6:a1:35:
a4:3a:ac:b3:48:41:51:61:ef:5b:2b:8c:6a:60:b4:
26:5e:3b:e9:88:ad:f7:88:1e:9f:fc:a8:c3:26:b0:
92:f8:a0:3d:77:f3:8e:be:60:71:1e:1e:3a:e4:3e:
c4:d2:9c:f5:1b:7d:5b:83:b0:86:85:e5:16:27:da:
07:24:d7:b2:01:16:94:a1:6e:89:c7:ff:0c:bb:34:
0d:24:cb:29:38:3b:c1:c5:77:ee:f3:ce:1e:98:03:
8d:b6:50:71:30:33:33:58:b4:11:d3:04:9a:0e:45:
3b:6f:4c:9a:a4:f5:94:f2:b0:2a:73:66:79:b5:74:
aa:65:7a:20:e8:c6:c7:11:c2:3c:61:6a:63:80:09:
67:39:2c:f1:fb:39:fd:04:4a:ee:bb:a8:c3:58:8d:
66:d0:2d:07:b5:f5:fc:9e:d1:d0:66:71:39:04:91:
35:c0:5f:81:a0:ad:fc:1a:71:14:f0:f2:e1:65:37:
04:07:fc:bc:ab:a2:34:c3:fc:99:55:55:fe:f6:38:
f3:34:1c:17:e4:ff:5c:45:18:44:88:83:00:91:d6:
33:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2B:88:32:79:C7:83:87:06:72:31:B6:22:C8:04:B3:C1:3C:BE:15
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/NSuIMnnHg4cGcjG2IsgEs8E8vhU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.0.0/21
Signature Algorithm: sha256WithRSAEncryption
01:5a:e3:ac:69:9c:ff:87:8b:3f:9b:a5:b7:ef:9f:10:f7:8f:
c8:00:d2:be:31:37:b1:f2:10:ba:af:71:9b:eb:ef:02:55:75:
d3:65:cc:a8:08:54:e8:d7:f1:2f:38:5f:0e:e9:ce:57:f5:43:
43:b1:6d:7c:a2:e3:ac:38:59:db:d0:b1:96:77:ea:bd:0a:9f:
34:67:c4:11:df:b1:c4:2f:03:a6:f1:01:94:2d:be:a4:c8:d7:
94:97:c4:f8:18:8a:29:40:13:fc:8c:3e:9f:96:11:2f:4b:bd:
23:04:4e:6c:b7:ca:5a:53:90:e5:0e:92:62:0f:65:48:4e:64:
db:50:a7:bd:fe:2f:7e:e6:4c:14:40:2b:de:11:f3:46:1f:fe:
ed:c3:36:49:8a:9e:ca:ec:2e:82:6f:01:f0:aa:d1:e9:62:10:
81:98:21:66:21:dc:de:dc:71:92:66:9d:2e:17:25:3b:18:14:
f1:5f:a5:b8:06:a2:68:34:54:0c:0b:c3:25:59:69:92:21:18:
26:04:26:10:c3:da:af:40:33:79:e2:8e:52:dc:9b:44:d1:7e:
f4:16:21:69:b3:26:e0:dd:c8:89:7a:1c:0e:a9:2d:95:f6:e7:
0b:99:29:3a:37:8f:5b:a9:cb:d4:1f:da:2d:05:9a:e3:1a:92:
59:a9:b6:51
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICELgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM1MkI4ODMyNzlDNzgz
ODcwNjcyMzFCNjIyQzgwNEIzQzEzQ0JFMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhsrXhPgD112AB9v5Lb6WPDI+Ic0xnxZrJqcClbzQs9e7o0yu/
yzfbfeahNaQ6rLNIQVFh71srjGpgtCZeO+mIrfeIHp/8qMMmsJL4oD13846+YHEe
HjrkPsTSnPUbfVuDsIaF5RYn2gck17IBFpShbonH/wy7NA0kyyk4O8HFd+7zzh6Y
A422UHEwMzNYtBHTBJoORTtvTJqk9ZTysCpzZnm1dKpleiDoxscRwjxhamOACWc5
LPH7Of0ESu67qMNYjWbQLQe19fye0dBmcTkEkTXAX4GgrfwacRTw8uFlNwQH/Lyr
ojTD/JlVVf72OPM0HBfk/1xFGESIgwCR1jMRAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUNSuIMnnHg4cGcjG2IsgEs8E8vhUwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL05TdUlNbm5IZzRjR2NqRzJJc2dFczhF
OHZoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPaIwAwDQYJ
KoZIhvcNAQELBQADggEBAAFa46xpnP+Hiz+bpbfvnxD3j8gA0r4xN7HyELqvcZvr
7wJVddNlzKgIVOjX8S84Xw7pzlf1Q0OxbXyi46w4WdvQsZZ36r0KnzRnxBHfscQv
A6bxAZQtvqTI15SXxPgYiilAE/yMPp+WES9LvSMETmy3ylpTkOUOkmIPZUhOZNtQ
p73+L37mTBRAK94R80Yf/u3DNkmKnsrsLoJvAfCq0eliEIGYIWYh3N7ccZJmnS4X
JTsYFPFfpbgGomg0VAwLwyVZaZIhGCYEJhDD2q9AM3nijlLcm0TRfvQWIWmzJuDd
yIl6HA6pLZX25wuZKTo3j1upy9Qf2i0FmuMaklmptlE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:56:34 2025 by rpki-client