Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/sh1CTOJEJ0UN512wSk7_H4Wken4.roa
File: sh1CTOJEJ0UN512wSk7_H4Wken4.roa (raw, json)
Hash identifier: qVNxB4Bfr48jp3/YxyR7KWywogJRe3UhnTq98koMLIo=
Subject key identifier: B2:1D:42:4C:E2:44:27:45:0D:E7:5D:B0:4A:4E:FF:1F:85:A4:7A:7E
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0FDB
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/sh1CTOJEJ0UN512wSk7_H4Wken4.roa
Signing time: Mon 26 Aug 2024 05:15:49 +0000
ROA not before: Mon 26 Aug 2024 05:15:49 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 210.63.192.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:28:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4059 (0xfdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:15:49 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B21D424CE24427450DE75DB04A4EFF1F85A47A7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8c:c4:b1:be:0f:0a:1a:9c:56:0b:27:60:73:
e4:c2:75:17:a0:3a:42:43:7f:4a:60:9b:c8:a3:64:
4e:bf:da:32:cd:40:c3:39:c4:a9:c4:da:5e:37:35:
9a:19:f7:2a:27:ca:84:65:9f:82:db:03:81:6f:74:
32:de:70:83:52:06:b5:fd:0a:0c:ae:d2:25:ef:5e:
d6:f0:87:0f:96:fc:96:66:5d:5a:d5:45:c9:93:67:
c9:3f:c3:e6:00:ec:40:7e:e1:b6:91:08:56:df:12:
d0:98:0a:e8:e7:c7:f9:1e:f8:25:75:00:9a:84:89:
32:67:e2:39:25:b8:e5:26:5d:b5:6e:58:11:3f:e2:
c7:96:fb:c3:b0:b2:17:d0:1b:2e:2f:c6:fb:02:7a:
14:93:d5:70:53:41:21:ba:43:b6:60:1c:6c:a2:c2:
2c:3d:0a:8d:75:d1:04:b5:00:50:99:a1:68:0b:23:
7c:0f:c8:08:e9:17:66:92:cf:e2:01:88:60:17:bc:
42:74:c9:92:59:8c:5c:fd:5e:44:de:d4:f5:9e:7b:
98:f9:e9:62:91:6b:bf:cd:6d:52:01:64:de:bc:4d:
5b:02:bd:20:72:6e:36:29:32:70:b1:99:4c:7c:7e:
f0:af:c3:7b:ed:10:e7:86:38:51:c8:2c:13:f3:35:
d0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:1D:42:4C:E2:44:27:45:0D:E7:5D:B0:4A:4E:FF:1F:85:A4:7A:7E
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/sh1CTOJEJ0UN512wSk7_H4Wken4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.192.0/19
Signature Algorithm: sha256WithRSAEncryption
09:8d:20:b6:4e:b1:93:12:78:0c:0b:87:ec:6b:95:52:5e:8f:
0a:0e:2b:40:89:bb:10:c3:00:a7:2e:35:88:83:80:a4:d0:9e:
04:19:ab:47:6c:d2:23:53:85:ad:58:62:24:25:f2:e5:17:78:
e7:a8:c6:19:f6:d3:5e:9c:c4:23:be:f9:38:90:e9:f2:a2:0d:
8b:04:37:d7:7a:1b:71:c9:37:2f:c0:fe:70:80:46:18:be:d2:
a5:04:45:f8:6b:c0:c3:a8:2c:cc:84:01:8b:91:f8:31:7f:2c:
10:3e:fe:e6:bb:30:06:d4:2d:6b:68:cf:97:a2:34:10:40:ff:
3b:ce:73:b7:3b:40:f9:53:75:18:7e:70:1d:22:aa:f9:cc:e1:
9c:c3:c7:3b:f9:3b:dd:6a:8b:d7:af:ba:1e:63:58:44:f4:32:
45:44:b7:60:b4:9c:d7:61:8b:68:22:c2:a0:4a:5f:ee:9b:39:
17:65:bc:1e:18:55:a1:8e:6a:a8:f4:cb:e4:54:27:8b:97:b6:
39:6b:70:5f:97:cf:58:36:62:01:ec:9c:a6:64:28:7f:3b:c0:
fb:f3:e6:71:b6:e1:31:db:72:1b:a5:c6:68:e7:b0:4d:39:ed:
0f:16:d1:d5:dc:17:b8:81:9e:83:b3:eb:c1:ea:53:8d:63:f6:
f8:ce:dd:95
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICD9swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE1NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIyMUQ0MjRDRTI0NDI3
NDUwREU3NURCMDRBNEVGRjFGODVBNDdBN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8jMSxvg8KGpxWCydgc+TCdRegOkJDf0pgm8ijZE6/2jLNQMM5
xKnE2l43NZoZ9yonyoRln4LbA4FvdDLecINSBrX9Cgyu0iXvXtbwhw+W/JZmXVrV
RcmTZ8k/w+YA7EB+4baRCFbfEtCYCujnx/ke+CV1AJqEiTJn4jkluOUmXbVuWBE/
4seW+8OwshfQGy4vxvsCehST1XBTQSG6Q7ZgHGyiwiw9Co110QS1AFCZoWgLI3wP
yAjpF2aSz+IBiGAXvEJ0yZJZjFz9XkTe1PWee5j56WKRa7/NbVIBZN68TVsCvSBy
bjYpMnCxmUx8fvCvw3vtEOeGOFHILBPzNdDhAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUsh1CTOJEJ0UN512wSk7/H4Wken4wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3NoMUNUT0pFSjBVTjUxMndTazdfSDRX
a2VuNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSP8AwDQYJ
KoZIhvcNAQELBQADggEBAAmNILZOsZMSeAwLh+xrlVJejwoOK0CJuxDDAKcuNYiD
gKTQngQZq0ds0iNTha1YYiQl8uUXeOeoxhn2016cxCO++TiQ6fKiDYsEN9d6G3HJ
Ny/A/nCARhi+0qUERfhrwMOoLMyEAYuR+DF/LBA+/ua7MAbULWtoz5eiNBBA/zvO
c7c7QPlTdRh+cB0iqvnM4ZzDxzv5O91qi9evuh5jWET0MkVEt2C0nNdhi2giwqBK
X+6bORdlvB4YVaGOaqj0y+RUJ4uXtjlrcF+Xz1g2YgHsnKZkKH87wPvz5nG24THb
chulxmjnsE057Q8W0dXcF7iBnoOz68HqU41j9vjO3ZU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:51:44 2025 by rpki-client