Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/zsxiPauq7fubwayPXOpvpFpKFmU.roa
File: zsxiPauq7fubwayPXOpvpFpKFmU.roa (raw, json)
Hash identifier: ewEitLpRk8ZT+nZzVLtp9IIAPQzgvTmHZPO2m3idoxc=
Subject key identifier: CE:CC:62:3D:AB:AA:ED:FB:9B:C1:AC:8F:5C:EA:6F:A4:5A:4A:16:65
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 10D7
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/zsxiPauq7fubwayPXOpvpFpKFmU.roa
Signing time: Mon 26 Aug 2024 05:16:50 +0000
ROA not before: Mon 26 Aug 2024 05:16:50 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24154
IP address blocks: 203.79.200.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4311 (0x10d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:50 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CECC623DABAAEDFB9BC1AC8F5CEA6FA45A4A1665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f8:29:94:89:94:be:ff:44:c1:18:8e:7c:cd:
b1:40:57:a4:7f:12:37:d6:6c:c7:83:8c:e3:be:1f:
f6:49:7d:cc:55:5f:b0:cc:cd:3c:33:b0:86:5d:d1:
82:47:fd:35:6c:71:85:df:16:2b:a1:2d:08:56:39:
fd:e4:fa:2d:60:5b:db:f9:58:0d:2b:60:9a:21:b5:
ce:c8:2d:a3:35:6e:3f:bf:a9:02:6a:02:34:51:04:
5a:fb:ec:c4:74:df:3b:48:94:d5:15:72:43:5a:9c:
aa:7e:dd:a0:93:71:9c:14:9c:16:ff:80:29:5c:80:
a0:cd:60:fb:1d:4c:64:07:37:76:cd:bc:0a:19:28:
49:28:a6:a8:20:f1:60:94:0a:59:60:8f:a5:cc:a6:
36:e2:8d:2b:8d:42:63:b2:6a:13:a6:a8:cf:1b:19:
93:49:84:39:65:69:28:20:10:53:3c:3b:12:64:6b:
83:ea:59:6e:33:52:f2:cf:89:cb:14:c5:5e:9f:68:
53:25:c0:ab:26:47:82:3a:e0:36:49:19:22:6a:6a:
c1:eb:16:6c:fe:2a:b3:7b:63:f5:71:82:93:db:19:
91:0e:84:47:18:a7:67:c1:e0:5a:8c:49:26:a5:e7:
26:0d:d3:6e:ca:f9:8b:0d:e1:23:80:cc:40:a9:a4:
ec:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CC:62:3D:AB:AA:ED:FB:9B:C1:AC:8F:5C:EA:6F:A4:5A:4A:16:65
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/zsxiPauq7fubwayPXOpvpFpKFmU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.200.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:00:15:ce:c7:50:3c:18:29:f5:64:68:3d:b3:6e:60:72:4f:
ee:01:97:15:79:83:ff:c6:e8:42:ed:be:ce:8c:01:d0:cd:77:
ae:29:aa:aa:10:44:56:0e:8c:2f:28:e4:1d:97:67:6e:9e:19:
fa:0a:a2:3b:a6:6f:e0:dd:17:ac:60:c5:a4:06:46:11:bc:81:
de:ae:64:65:bc:ce:24:43:2f:1e:d0:38:a1:47:33:30:7a:23:
99:0c:0b:34:88:1f:ba:1d:8e:85:c4:37:f8:de:5e:ca:4c:80:
2e:4b:1f:14:10:11:2e:d8:51:d4:ff:72:a8:80:67:d1:01:ac:
68:38:ab:30:bd:e2:24:49:fb:12:29:d1:1c:97:04:83:b7:bd:
cf:e1:79:10:c2:af:42:f7:a3:c9:80:c9:f3:ed:dc:f1:01:42:
5e:ec:b4:3e:a9:67:32:64:9d:32:c2:93:25:2f:33:9c:2c:2e:
76:0f:49:0e:e4:18:3f:06:9a:e9:10:bb:8c:f1:23:64:57:8c:
b7:ec:d3:e8:aa:22:82:bb:59:37:7f:cb:f1:23:61:4c:0d:4e:
b0:f2:39:81:9c:15:16:64:02:f5:ca:cd:36:55:1e:fe:e0:c7:
c7:28:4e:49:9a:a6:89:87:36:8c:c6:cd:af:65:67:c3:7e:2c:
b8:c8:98:d5
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICENcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENFQ0M2MjNEQUJBQUVE
RkI5QkMxQUM4RjVDRUE2RkE0NUE0QTE2NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU+CmUiZS+/0TBGI58zbFAV6R/EjfWbMeDjOO+H/ZJfcxVX7DM
zTwzsIZd0YJH/TVscYXfFiuhLQhWOf3k+i1gW9v5WA0rYJohtc7ILaM1bj+/qQJq
AjRRBFr77MR03ztIlNUVckNanKp+3aCTcZwUnBb/gClcgKDNYPsdTGQHN3bNvAoZ
KEkopqgg8WCUCllgj6XMpjbijSuNQmOyahOmqM8bGZNJhDllaSggEFM8OxJka4Pq
WW4zUvLPicsUxV6faFMlwKsmR4I64DZJGSJqasHrFmz+KrN7Y/VxgpPbGZEOhEcY
p2fB4FqMSSal5yYN027K+YsN4SOAzECppOzjAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUzsxiPauq7fubwayPXOpvpFpKFmUwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3pzeGlQYXVxN2Z1YndheVBYT3B2cEZw
S0ZtVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALLT8gwDQYJ
KoZIhvcNAQELBQADggEBACoAFc7HUDwYKfVkaD2zbmByT+4BlxV5g//G6ELtvs6M
AdDNd64pqqoQRFYOjC8o5B2XZ26eGfoKojumb+DdF6xgxaQGRhG8gd6uZGW8ziRD
Lx7QOKFHMzB6I5kMCzSIH7odjoXEN/jeXspMgC5LHxQQES7YUdT/cqiAZ9EBrGg4
qzC94iRJ+xIp0RyXBIO3vc/heRDCr0L3o8mAyfPt3PEBQl7stD6pZzJknTLCkyUv
M5wsLnYPSQ7kGD8GmukQu4zxI2RXjLfs0+iqIoK7WTd/y/EjYUwNTrDyOYGcFRZk
AvXKzTZVHv7gx8coTkmapomHNozGza9lZ8N+LLjImNU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:51:56 2025 by rpki-client