Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/wmbwnd2mYglh20EMX1uw_4an9E8.roa
File: wmbwnd2mYglh20EMX1uw_4an9E8.roa (raw, json)
Hash identifier: u2h+WaDTWISSca2EpgM/0Lbt/aFwgvbzlvCEFH4Tkos=
Subject key identifier: C2:66:F0:9D:DD:A6:62:09:61:DB:41:0C:5F:5B:B0:FF:86:A7:F4:4F
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 10CC
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/wmbwnd2mYglh20EMX1uw_4an9E8.roa
Signing time: Mon 26 Aug 2024 05:16:48 +0000
ROA not before: Mon 26 Aug 2024 05:16:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9311
IP address blocks: 222.156.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4300 (0x10cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:48 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C266F09DDDA6620961DB410C5F5BB0FF86A7F44F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:81:da:07:29:af:66:a7:b3:5e:59:55:48:73:
d5:e0:26:d2:75:b0:92:de:3e:d8:f3:f6:1d:8d:8a:
fd:d5:35:64:1c:39:63:b5:27:9b:0a:1c:e6:ec:c5:
f8:43:7d:5d:ca:3d:19:fb:a6:b3:fe:c3:4b:b0:d3:
7b:12:a5:33:b7:06:1a:49:ee:62:97:cc:0e:28:b4:
02:90:16:d7:5f:05:a0:9f:9e:6e:de:9e:ea:ae:17:
a1:52:1a:c3:2e:a1:9a:ba:a5:56:2d:b3:a7:8f:89:
11:57:7e:31:e4:4a:18:a0:04:02:91:a9:4c:f1:5a:
b4:c0:99:12:79:f1:1d:fe:3c:3e:16:e1:f9:a0:48:
d7:67:db:ac:4c:fb:91:33:fc:b4:1b:89:11:42:9d:
f0:3a:9a:39:b4:75:2a:66:59:a2:b7:f9:b8:3a:c0:
86:95:12:bf:e7:dc:36:fe:80:94:8d:41:2c:10:91:
11:9f:e8:5a:1f:e8:8a:8b:cf:df:f2:53:a9:dd:31:
cc:d8:b0:c0:82:42:da:69:58:b2:6d:b5:91:d3:08:
ed:8c:58:7e:92:16:0b:7d:e6:35:cc:d2:6c:71:aa:
f6:64:e5:4e:fc:84:d1:06:24:95:ae:52:02:c2:d7:
9b:89:19:75:5e:33:2f:59:85:24:59:00:92:55:82:
2a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:66:F0:9D:DD:A6:62:09:61:DB:41:0C:5F:5B:B0:FF:86:A7:F4:4F
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/wmbwnd2mYglh20EMX1uw_4an9E8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.156.247.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:ea:83:ca:5e:b6:78:05:f7:b8:7a:78:56:19:8a:2b:ad:b8:
f7:f2:27:66:17:3c:b0:04:75:7b:ef:00:54:b2:ea:58:55:43:
8e:94:14:fe:c8:f8:39:89:c6:9b:d9:ae:9b:39:39:49:91:c4:
21:4b:1f:92:fb:03:37:cb:cf:55:b9:4b:f9:d3:6a:e5:1a:d8:
10:05:4a:44:22:0b:19:17:dc:a5:0f:ad:0c:82:8c:b8:e1:ff:
38:1c:b1:8d:11:62:d4:da:b8:32:d6:9f:13:18:c7:16:89:f6:
2b:17:58:63:14:a2:f0:f1:5a:95:0b:4d:dc:bc:46:be:01:e0:
9d:6f:7a:8d:fe:48:2f:48:c5:f3:32:ac:b8:49:74:40:ae:86:
41:81:45:57:f2:8a:1f:2e:87:89:44:00:87:81:92:65:0a:50:
c2:7d:30:4e:54:0a:fc:bc:63:4f:93:df:5a:ec:73:b7:ce:d3:
82:4d:0a:66:cd:48:fa:c9:d8:dd:e3:0d:e0:67:f1:c2:82:06:
3d:6a:3e:ee:86:b1:88:d1:86:a5:7b:28:8c:32:38:96:58:c3:
e7:80:31:de:9d:f7:cc:c1:ef:af:ab:ac:fe:d3:c9:8b:d9:4d:
84:78:1a:3a:22:81:74:aa:2f:2e:7f:3e:ea:93:90:de:e9:f4:
58:ba:9f:04
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2NDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEMyNjZGMDlERERBNjYy
MDk2MURCNDEwQzVGNUJCMEZGODZBN0Y0NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4gdoHKa9mp7NeWVVIc9XgJtJ1sJLePtjz9h2Niv3VNWQcOWO1
J5sKHObsxfhDfV3KPRn7prP+w0uw03sSpTO3BhpJ7mKXzA4otAKQFtdfBaCfnm7e
nuquF6FSGsMuoZq6pVYts6ePiRFXfjHkShigBAKRqUzxWrTAmRJ58R3+PD4W4fmg
SNdn26xM+5Ez/LQbiRFCnfA6mjm0dSpmWaK3+bg6wIaVEr/n3Db+gJSNQSwQkRGf
6Fof6IqLz9/yU6ndMczYsMCCQtppWLJttZHTCO2MWH6SFgt95jXM0mxxqvZk5U78
hNEGJJWuUgLC15uJGXVeMy9ZhSRZAJJVgip3AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUwmbwnd2mYglh20EMX1uw/4an9E8wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3dtYnduZDJtWWdsaDIwRU1YMXV3XzRh
bjlFOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADenPcwDQYJ
KoZIhvcNAQELBQADggEBAKzqg8petngF97h6eFYZiiutuPfyJ2YXPLAEdXvvAFSy
6lhVQ46UFP7I+DmJxpvZrps5OUmRxCFLH5L7AzfLz1W5S/nTauUa2BAFSkQiCxkX
3KUPrQyCjLjh/zgcsY0RYtTauDLWnxMYxxaJ9isXWGMUovDxWpULTdy8Rr4B4J1v
eo3+SC9IxfMyrLhJdECuhkGBRVfyih8uh4lEAIeBkmUKUMJ9ME5UCvy8Y0+T31rs
c7fO04JNCmbNSPrJ2N3jDeBn8cKCBj1qPu6GsYjRhqV7KIwyOJZYw+eAMd6d98zB
76+rrP7TyYvZTYR4GjoigXSqLy5/PuqTkN7p9Fi6nwQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:56:34 2025 by rpki-client