Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/iSuVZLM7DFE1xrmLfwQgA_3IKcU.roa
File: iSuVZLM7DFE1xrmLfwQgA_3IKcU.roa (raw, json)
Hash identifier: y1EHb2muKiKRRv6xVVgAEo7eYcK/T0rgsiM3RzarYNs=
Subject key identifier: 89:2B:95:64:B3:3B:0C:51:35:C6:B9:8B:7F:04:20:03:FD:C8:29:C5
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1040
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/iSuVZLM7DFE1xrmLfwQgA_3IKcU.roa
Signing time: Mon 26 Aug 2024 05:16:13 +0000
ROA not before: Mon 26 Aug 2024 05:16:13 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24154
IP address blocks: 210.200.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:28:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4160 (0x1040)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:13 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=892B9564B33B0C5135C6B98B7F042003FDC829C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8e:7a:e9:8f:b5:27:82:8c:6f:d1:47:07:f5:
fe:57:63:40:b4:92:12:19:87:3d:1a:2d:a5:8e:ad:
2e:7a:1f:be:5a:be:16:f0:b8:55:7e:3c:e6:df:b8:
02:66:3f:89:01:4d:b5:4f:11:82:26:bf:24:99:69:
c1:f2:fb:5a:e9:ef:fa:0e:57:6d:b1:11:27:93:c9:
e9:d2:7d:57:a7:0e:44:eb:28:e3:fa:44:f0:42:0b:
d9:ed:ec:2e:e5:03:e6:a5:e4:83:e0:99:25:7a:61:
ae:04:41:2d:63:15:9c:5a:c4:c1:13:ee:85:07:92:
ff:b2:73:f1:b9:dd:e9:88:ef:87:9d:94:8e:b8:4b:
d9:dd:b6:f3:79:de:a6:21:62:b0:d2:e7:31:3c:82:
49:5f:a7:0c:d5:bd:e4:b7:ef:52:0c:7b:d3:b0:f7:
63:0f:28:3a:96:f8:9b:50:f2:a1:d1:d7:f2:97:72:
c4:e5:d2:2b:89:00:94:fb:08:cc:ff:f7:91:ba:2f:
a0:c6:d5:be:1b:2f:f0:35:0f:70:a0:02:b8:71:4b:
2c:92:a1:32:2e:5d:00:57:6d:04:ed:d3:b4:1f:a8:
36:ca:0d:5a:4a:52:9a:18:eb:67:25:df:29:ce:88:
6f:2f:6f:be:4f:78:42:29:79:26:a6:8d:bb:6c:8e:
06:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2B:95:64:B3:3B:0C:51:35:C6:B9:8B:7F:04:20:03:FD:C8:29:C5
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/iSuVZLM7DFE1xrmLfwQgA_3IKcU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.85.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:00:14:38:e0:ed:7d:c1:7a:ba:42:0b:c2:9c:f9:b4:39:69:
b8:3a:e8:52:41:42:d1:4f:d9:61:92:9b:12:71:5d:f7:b0:9c:
f4:a5:d8:85:17:36:10:5e:e1:a8:86:5e:06:7c:dc:8c:eb:35:
f0:4a:46:a9:2a:4e:2c:ed:c6:f4:e8:60:25:5a:9a:b0:5f:78:
63:55:93:af:57:67:68:ec:54:cc:40:bc:c3:85:ae:5c:7a:b7:
39:14:38:c7:25:07:e6:27:20:e6:de:ab:43:97:7f:53:91:39:
44:bc:70:ba:57:83:31:88:b4:33:da:47:bc:f9:be:36:f4:8b:
e8:97:fc:d8:c2:54:c3:5e:e5:6f:c9:2c:47:cb:17:dc:ad:23:
eb:45:55:f9:3a:3c:27:9d:d2:70:c4:a9:69:63:f9:e6:b1:fd:
70:ef:56:ad:be:5e:be:b4:4e:fd:ee:e9:0f:52:c0:cf:d8:4e:
40:30:df:a8:2e:68:3c:6d:00:50:f1:f9:bb:2b:97:47:62:83:
d9:51:4d:48:79:c8:d8:07:6e:42:66:4f:9f:70:d6:d5:1a:0a:
6e:27:8d:de:43:be:8c:e0:bb:76:91:d2:a8:de:db:4d:e1:65:
9e:d8:b7:ab:24:56:a1:12:81:71:fd:d5:5d:c3:48:c8:d5:5f:
93:64:69:cc
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEEAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2MTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5MkI5NTY0QjMzQjBD
NTEzNUM2Qjk4QjdGMDQyMDAzRkRDODI5QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnjnrpj7Ungoxv0UcH9f5XY0C0khIZhz0aLaWOrS56H75avhbw
uFV+PObfuAJmP4kBTbVPEYImvySZacHy+1rp7/oOV22xESeTyenSfVenDkTrKOP6
RPBCC9nt7C7lA+al5IPgmSV6Ya4EQS1jFZxaxMET7oUHkv+yc/G53emI74edlI64
S9ndtvN53qYhYrDS5zE8gklfpwzVveS371IMe9Ow92MPKDqW+JtQ8qHR1/KXcsTl
0iuJAJT7CMz/95G6L6DG1b4bL/A1D3CgArhxSyySoTIuXQBXbQTt07QfqDbKDVpK
UpoY62cl3ynOiG8vb75PeEIpeSamjbtsjgZBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUiSuVZLM7DFE1xrmLfwQgA/3IKcUwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2lTdVZaTE03REZFMXhybUxmd1FnQV8z
SUtjVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSyFUwDQYJ
KoZIhvcNAQELBQADggEBAH8AFDjg7X3BerpCC8Kc+bQ5abg66FJBQtFP2WGSmxJx
XfewnPSl2IUXNhBe4aiGXgZ83IzrNfBKRqkqTiztxvToYCVamrBfeGNVk69XZ2js
VMxAvMOFrlx6tzkUOMclB+YnIObeq0OXf1OROUS8cLpXgzGItDPaR7z5vjb0i+iX
/NjCVMNe5W/JLEfLF9ytI+tFVfk6PCed0nDEqWlj+eax/XDvVq2+Xr60Tv3u6Q9S
wM/YTkAw36guaDxtAFDx+bsrl0dig9lRTUh5yNgHbkJmT59w1tUaCm4njd5Dvozg
u3aR0qje203hZZ7Yt6skVqESgXH91V3DSMjVX5Nkacw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:51:46 2025 by rpki-client