Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/qhQyjwaWaHt8sau4p02KBHwNh64.roa
File: qhQyjwaWaHt8sau4p02KBHwNh64.roa (raw, json)
Hash identifier: JqmOsLMoSrtLI2w/KPm+YSLMXRSFz6BlTMCNwxg2zFk=
Subject key identifier: AA:14:32:8F:06:96:68:7B:7C:B1:AB:B8:A7:4D:8A:04:7C:0D:87:AE
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1057
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/qhQyjwaWaHt8sau4p02KBHwNh64.roa
Signing time: Mon 26 Aug 2024 05:16:19 +0000
ROA not before: Mon 26 Aug 2024 05:16:19 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7482
IP address blocks: 2404:0:2000::/36 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:28:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4183 (0x1057)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:19 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=AA14328F0696687B7CB1ABB8A74D8A047C0D87AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d5:1a:90:39:2e:16:8c:9e:14:d6:34:c1:fe:
b7:29:d8:ea:04:a2:32:2c:c1:00:94:f6:b6:77:7d:
49:10:87:d7:1c:0a:a4:bd:0d:be:3e:44:dd:8e:05:
2c:02:08:f4:5c:d7:32:b1:06:b2:ef:92:85:6f:b7:
9c:91:48:7c:32:c1:97:db:64:d9:8d:31:70:02:85:
bd:89:f9:d1:b0:84:5a:9d:cd:01:6c:82:0c:97:a6:
4a:48:9a:7c:88:69:e3:95:d4:59:2a:1a:87:7a:b4:
a7:5f:cf:b5:e7:97:6f:23:45:f0:25:8e:85:7d:52:
e2:72:5f:2b:e9:74:fc:f1:69:74:0e:6c:85:6f:53:
33:00:67:75:b4:6b:ce:4a:29:6f:0f:2b:cf:24:36:
4f:28:cc:9c:4c:27:d4:3e:48:75:52:e2:4b:ea:44:
2d:a3:8a:4b:69:83:64:2b:30:f1:4c:ab:02:d8:c1:
ee:2f:d5:97:02:2e:ee:fc:a3:2b:37:5f:5c:94:66:
7b:11:0d:3d:32:9d:f9:44:52:99:f4:30:ed:cf:9d:
04:83:bb:af:4f:68:79:3e:f5:a8:a1:60:05:52:d9:
26:ba:a1:6a:4c:14:75:53:30:16:9c:2e:57:da:d5:
f9:dd:34:0f:cc:11:57:00:b6:25:c5:52:a4:46:2f:
cf:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:14:32:8F:06:96:68:7B:7C:B1:AB:B8:A7:4D:8A:04:7C:0D:87:AE
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/qhQyjwaWaHt8sau4p02KBHwNh64.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:0:2000::/36
Signature Algorithm: sha256WithRSAEncryption
76:1a:4e:30:94:00:04:f9:62:ff:99:17:ae:a0:2f:01:9a:98:
e9:7e:03:03:1e:19:e8:9f:8b:29:7f:b2:33:fb:92:fd:0d:9c:
56:3a:4f:30:22:1a:3f:49:ad:14:88:ec:cb:5c:1b:93:03:6f:
be:ac:7f:79:4f:ed:63:60:be:77:6a:75:8c:8a:d3:5b:8a:63:
e3:e8:b3:39:f6:fd:a6:ce:dc:2c:5e:17:f7:61:1e:ab:52:aa:
45:8b:1f:ea:08:c9:24:c3:45:6e:67:3b:59:0d:13:d9:e9:be:
9a:3a:79:f7:cd:78:c0:23:12:cc:6c:b8:f0:21:32:93:1a:bf:
0a:ce:5a:b3:46:6c:56:a5:57:f8:72:aa:7b:ce:06:a2:db:87:
ee:b5:c0:13:31:2e:68:30:53:e6:eb:35:68:0c:4a:f7:db:e2:
d2:a6:f1:dd:2e:89:83:a2:48:19:85:28:d7:69:9f:51:58:d7:
b9:50:0c:62:ae:d3:fa:2e:02:51:2e:de:d5:bb:93:d8:c8:b8:
07:e9:d5:18:e1:8c:d7:cc:cb:a7:ec:a9:6d:13:db:72:b1:aa:
e0:26:09:0d:85:6c:a8:2a:24:33:17:cd:b2:2c:40:29:d6:78:
e4:27:ca:db:66:5c:ee:9c:16:70:34:bb:8a:ad:61:38:21:f6:
78:fe:1c:fe
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2MTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFBMTQzMjhGMDY5NjY4
N0I3Q0IxQUJCOEE3NEQ4QTA0N0MwRDg3QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCd1RqQOS4WjJ4U1jTB/rcp2OoEojIswQCU9rZ3fUkQh9ccCqS9
Db4+RN2OBSwCCPRc1zKxBrLvkoVvt5yRSHwywZfbZNmNMXAChb2J+dGwhFqdzQFs
ggyXpkpImnyIaeOV1FkqGod6tKdfz7Xnl28jRfAljoV9UuJyXyvpdPzxaXQObIVv
UzMAZ3W0a85KKW8PK88kNk8ozJxMJ9Q+SHVS4kvqRC2jiktpg2QrMPFMqwLYwe4v
1ZcCLu78oys3X1yUZnsRDT0ynflEUpn0MO3PnQSDu69PaHk+9aihYAVS2Sa6oWpM
FHVTMBacLlfa1fndNA/MEVcAtiXFUqRGL8+FAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqhQyjwaWaHt8sau4p02KBHwNh64wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3FoUXlqd2FXYUh0OHNhdTRwMDJLQkh3
Tmg2NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQkBAAAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAdhpOMJQABPli/5kXrqAvAZqY6X4DAx4Z6J+LKX+y
M/uS/Q2cVjpPMCIaP0mtFIjsy1wbkwNvvqx/eU/tY2C+d2p1jIrTW4pj4+izOfb9
ps7cLF4X92Eeq1KqRYsf6gjJJMNFbmc7WQ0T2em+mjp59814wCMSzGy48CEykxq/
Cs5as0ZsVqVX+HKqe84GotuH7rXAEzEuaDBT5us1aAxK99vi0qbx3S6Jg6JIGYUo
12mfUVjXuVAMYq7T+i4CUS7e1buT2Mi4B+nVGOGM18zLp+ypbRPbcrGq4CYJDYVs
qCokMxfNsixAKdZ45CfK22Zc7pwWcDS7iq1hOCH2eP4c/g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:43:33 2025 by rpki-client