Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HST/Lx0fvoW1ruAkQ_5A9UXHUS4yYew.roa
File: Lx0fvoW1ruAkQ_5A9UXHUS4yYew.roa (raw, json)
Hash identifier: sqTPsifAuCaHlzybKWr2Y5MnJbK2BP5RHirqUMTfdDA=
Subject key identifier: 2F:1D:1F:BE:85:B5:AE:E0:24:43:FE:40:F5:45:C7:51:2E:32:61:EC
Certificate issuer: /CN=833D5BF79B45C730ED141CB539A508D01AA30908
Certificate serial: 09FA
Authority key identifier: 83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/Lx0fvoW1ruAkQ_5A9UXHUS4yYew.roa
Signing time: Mon 10 Feb 2025 14:16:41 +0000
ROA not before: Mon 10 Feb 2025 14:16:41 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131666
IP address blocks: 103.144.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 02:10:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2554 (0x9fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833D5BF79B45C730ED141CB539A508D01AA30908
Validity
Not Before: Feb 10 14:16:41 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2F1D1FBE85B5AEE02443FE40F545C7512E3261EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:44:28:8d:95:fe:0e:65:44:13:b6:79:d4:43:
30:93:0e:dd:af:84:4e:70:32:b3:52:93:4e:02:08:
53:e5:39:be:1d:d9:c8:ce:6c:52:47:81:12:64:04:
bb:57:92:1c:55:a3:91:42:46:c9:00:0a:7f:b2:35:
7b:a4:ad:17:db:70:89:cd:18:25:6c:d9:83:b4:5b:
f7:8f:79:c3:b1:ef:b1:e8:4f:3d:a6:82:cb:d5:22:
34:43:cb:11:f4:7e:b4:9f:8a:b8:c5:e5:c6:bd:11:
63:a0:42:ad:3a:8f:94:03:49:2d:1b:a7:c2:37:68:
f0:90:db:10:17:c3:68:3b:b6:ec:1a:8c:54:79:06:
50:d1:5c:51:0a:af:0b:f5:dc:d5:ca:0e:59:0e:51:
01:4d:cd:19:2c:3e:fd:cd:03:e1:2b:0e:3a:99:f6:
d9:46:86:89:ff:44:2a:1a:a7:a8:04:35:c8:91:8c:
e6:55:9a:01:a2:0f:82:e6:d6:16:28:f5:24:79:06:
34:84:ae:0a:f6:1c:c4:55:ca:92:a6:59:3c:e2:b7:
d6:2d:cb:a4:8e:51:19:bd:b9:68:8b:54:8e:f9:79:
9a:22:4b:90:27:d4:5f:b4:c6:a9:70:9d:d2:82:1e:
fa:3e:b0:c0:3b:b6:56:e7:5f:ad:ed:05:2f:d3:70:
07:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1D:1F:BE:85:B5:AE:E0:24:43:FE:40:F5:45:C7:51:2E:32:61:EC
X509v3 Authority Key Identifier:
keyid:83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/gz1b95tFxzDtFBy1OaUI0BqjCQg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/Lx0fvoW1ruAkQ_5A9UXHUS4yYew.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.144.34.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:08:1c:1a:db:c3:fd:05:61:3b:6f:db:60:e8:8a:48:68:06:
46:34:12:0d:07:9a:70:0b:5e:fb:9f:ef:93:19:f7:dd:1d:11:
a4:f2:7d:e1:35:cb:d8:36:21:30:db:8f:75:7a:08:6c:2e:bb:
62:4e:f2:a1:21:63:90:03:1b:59:bd:7d:02:bc:37:54:61:51:
73:f3:18:d4:b0:f6:ff:87:d1:17:2f:de:26:a0:1d:e5:8c:ef:
9b:e4:14:24:b0:6b:97:cd:6c:bb:b5:60:2a:65:56:d5:c5:19:
3b:6a:fa:d3:38:31:78:5c:4f:72:d8:61:9d:98:cd:99:72:d0:
4f:66:e5:bc:0b:52:cb:31:01:cf:8e:f5:7f:38:d7:3d:98:bb:
8d:2a:94:ef:84:41:cd:26:d4:eb:9f:81:c5:89:89:46:52:a2:
cd:20:43:1d:c3:a7:f7:46:55:2f:8a:8f:62:fe:1c:2f:17:33:
a7:21:81:24:e7:57:8f:2f:06:2f:b5:90:5e:15:3c:e5:82:2e:
7e:1a:d4:f6:d5:51:46:d9:7d:73:6c:3d:e7:99:ef:29:9f:a8:
1a:48:f4:0e:fc:ea:b3:0e:3e:0d:f5:3c:e7:f0:62:6b:b6:d4:
9d:f6:fc:43:95:ce:7c:ec:84:85:13:a2:a1:47:1b:53:e9:e0:
ca:56:96:ba
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMz
RDVCRjc5QjQ1QzczMEVEMTQxQ0I1MzlBNTA4RDAxQUEzMDkwODAeFw0yNTAyMTAx
NDE2NDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJGMUQxRkJFODVCNUFF
RTAyNDQzRkU0MEY1NDVDNzUxMkUzMjYxRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZRCiNlf4OZUQTtnnUQzCTDt2vhE5wMrNSk04CCFPlOb4d2cjO
bFJHgRJkBLtXkhxVo5FCRskACn+yNXukrRfbcInNGCVs2YO0W/ePecOx77HoTz2m
gsvVIjRDyxH0frSfirjF5ca9EWOgQq06j5QDSS0bp8I3aPCQ2xAXw2g7tuwajFR5
BlDRXFEKrwv13NXKDlkOUQFNzRksPv3NA+ErDjqZ9tlGhon/RCoap6gENciRjOZV
mgGiD4Lm1hYo9SR5BjSErgr2HMRVypKmWTzit9Yty6SOURm9uWiLVI75eZoiS5An
1F+0xqlwndKCHvo+sMA7tlbnX63tBS/TcAeBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQULx0fvoW1ruAkQ/5A9UXHUS4yYewwHwYDVR0jBBgwFoAUgz1b95tFxzDtFBy1
OaUI0BqjCQgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL2d6
MWI5NXRGeHpEdEZCeTFPYVVJMEJxakNRZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
Z3oxYjk1dEZ4ekR0RkJ5MU9hVUkwQnFqQ1FnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL0x4MGZ2b1cxcnVBa1FfNUE5VVhIVVM0
eVlldy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnkCIwDQYJ
KoZIhvcNAQELBQADggEBANcIHBrbw/0FYTtv22DoikhoBkY0Eg0HmnALXvuf75MZ
990dEaTyfeE1y9g2ITDbj3V6CGwuu2JO8qEhY5ADG1m9fQK8N1RhUXPzGNSw9v+H
0Rcv3iagHeWM75vkFCSwa5fNbLu1YCplVtXFGTtq+tM4MXhcT3LYYZ2YzZly0E9m
5bwLUssxAc+O9X841z2Yu40qlO+EQc0m1OufgcWJiUZSos0gQx3Dp/dGVS+Kj2L+
HC8XM6chgSTnV48vBi+1kF4VPOWCLn4a1PbVUUbZfXNsPeeZ7ymfqBpI9A786rMO
Pg31POfwYmu21J32/EOVznzshIUToqFHG1Pp4MpWlro=
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:48:56 2025 by rpki-client