Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/iCU-lrSyTMFbkd2tzD84xJvpmNc.roa
File: iCU-lrSyTMFbkd2tzD84xJvpmNc.roa (raw, json)
Hash identifier: Q9fL4qlp0uGH9XvbIjKzVxkR+D2FJrSYDY+4F9shyvE=
Subject key identifier: 88:25:3E:96:B4:B2:4C:C1:5B:91:DD:AD:CC:3F:38:C4:9B:E9:98:D7
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 10B6
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/iCU-lrSyTMFbkd2tzD84xJvpmNc.roa
Signing time: Mon 26 Aug 2024 05:16:43 +0000
ROA not before: Mon 26 Aug 2024 05:16:43 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9311
IP address blocks: 210.63.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4278 (0x10b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:43 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=88253E96B4B24CC15B91DDADCC3F38C49BE998D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:91:e3:b3:ab:dc:24:34:1b:96:02:5f:43:06:
a5:45:e7:8b:02:36:bc:d1:0e:97:89:86:b2:da:f1:
dc:2f:40:86:35:e2:11:f1:db:02:af:8c:64:20:d5:
6a:7f:5f:f5:f7:4a:7f:46:17:5f:a4:c0:93:bf:2b:
fc:59:71:8e:25:cd:32:7f:7f:58:76:12:ae:b8:74:
48:48:a7:27:e7:4b:69:46:41:05:f2:43:a8:71:76:
3b:6a:f4:e0:78:9b:35:20:ca:e8:56:6f:ba:dd:80:
cb:a1:4f:ad:68:41:24:de:1a:c4:0c:3c:ef:5d:a5:
58:e9:2a:26:ae:a7:1d:73:a4:c6:b8:12:20:8a:f9:
22:df:6b:8d:32:5e:4a:96:cb:a7:f1:ae:f6:6b:8e:
e0:85:c7:8b:e3:75:2e:62:f4:d6:fe:da:0c:c5:21:
4c:02:06:12:23:fc:70:ef:94:d7:38:df:c8:4f:15:
7c:3f:23:fe:72:20:20:97:9c:19:71:c3:b5:01:cb:
e5:c7:b6:d5:2f:e2:9d:07:17:69:17:05:75:52:76:
82:fb:4b:e7:9e:59:1c:27:3c:46:ca:a9:ee:14:6a:
f0:7f:b9:64:12:64:af:c5:52:6b:62:6e:88:56:73:
66:90:d6:d5:8f:72:0b:e0:1e:9d:46:0c:99:93:1c:
96:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:25:3E:96:B4:B2:4C:C1:5B:91:DD:AD:CC:3F:38:C4:9B:E9:98:D7
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/iCU-lrSyTMFbkd2tzD84xJvpmNc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.239.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:3b:ca:bd:27:2e:e9:62:b3:a4:b8:c8:5c:cc:f7:1f:01:b0:
89:9c:d6:74:f7:7d:6e:ae:82:b3:4d:40:26:81:c3:f2:e7:39:
94:bc:1e:2f:39:6a:37:11:88:58:96:8d:b0:64:63:06:ea:bc:
8d:e0:d7:d4:66:f5:d8:03:51:73:d6:a8:41:9a:6a:75:ca:cc:
fa:61:bf:b0:0b:8c:e2:28:25:07:73:e9:ee:a3:53:a8:fc:7c:
28:01:43:99:6e:ae:45:26:3f:35:08:c4:80:41:7b:92:54:dc:
49:55:78:ae:39:63:ff:e5:49:ca:d0:87:e7:d7:6a:c7:c6:91:
d0:f1:bf:9c:e2:8c:a3:63:f3:1a:c4:14:07:30:04:ea:dc:d5:
fb:54:e2:82:29:b7:17:ee:d4:29:c2:b9:ed:76:5c:c4:c2:9e:
cc:27:b6:b2:2b:72:79:9a:3d:84:1b:5b:57:fe:c6:0c:08:d9:
3c:c2:de:a3:da:e4:89:94:0a:4a:c4:a4:56:a5:fc:b1:c1:01:
c1:d5:f4:d1:a2:03:fd:4a:87:6c:43:6e:04:ee:9a:19:53:1d:
5a:2b:c6:a8:9c:12:2d:07:a9:0a:4d:10:52:bc:a3:0c:14:bc:
fe:bc:c3:6d:3e:8d:76:a4:34:90:bc:f5:58:88:5a:dd:c5:a9:
1e:46:82:56
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICELYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg4MjUzRTk2QjRCMjRD
QzE1QjkxRERBRENDM0YzOEM0OUJFOTk4RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdkeOzq9wkNBuWAl9DBqVF54sCNrzRDpeJhrLa8dwvQIY14hHx
2wKvjGQg1Wp/X/X3Sn9GF1+kwJO/K/xZcY4lzTJ/f1h2Eq64dEhIpyfnS2lGQQXy
Q6hxdjtq9OB4mzUgyuhWb7rdgMuhT61oQSTeGsQMPO9dpVjpKiaupx1zpMa4EiCK
+SLfa40yXkqWy6fxrvZrjuCFx4vjdS5i9Nb+2gzFIUwCBhIj/HDvlNc438hPFXw/
I/5yICCXnBlxw7UBy+XHttUv4p0HF2kXBXVSdoL7S+eeWRwnPEbKqe4UavB/uWQS
ZK/FUmtibohWc2aQ1tWPcgvgHp1GDJmTHJa7AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUiCU+lrSyTMFbkd2tzD84xJvpmNcwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2lDVS1sclN5VE1GYmtkMnR6RDg0eEp2
cG1OYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSP+8wDQYJ
KoZIhvcNAQELBQADggEBALo7yr0nLulis6S4yFzM9x8BsImc1nT3fW6ugrNNQCaB
w/LnOZS8Hi85ajcRiFiWjbBkYwbqvI3g19Rm9dgDUXPWqEGaanXKzPphv7ALjOIo
JQdz6e6jU6j8fCgBQ5lurkUmPzUIxIBBe5JU3ElVeK45Y//lScrQh+fXasfGkdDx
v5zijKNj8xrEFAcwBOrc1ftU4oIptxfu1CnCue12XMTCnswntrIrcnmaPYQbW1f+
xgwI2TzC3qPa5ImUCkrEpFal/LHBAcHV9NGiA/1Kh2xDbgTumhlTHVorxqicEi0H
qQpNEFK8owwUvP68w20+jXakNJC89ViIWt3FqR5GglY=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:44:51 2025 by rpki-client