Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HST/PeWxtOazb_yhcBHaWpxfOYpG-2E.roa
File: PeWxtOazb_yhcBHaWpxfOYpG-2E.roa (raw, json)
Hash identifier: hLDRmdxLCp2fyr69lT/rQNVDzTzdLno9iEceqwfD/cw=
Subject key identifier: 3D:E5:B1:B4:E6:B3:6F:FC:A1:70:11:DA:5A:9C:5F:39:8A:46:FB:61
Certificate issuer: /CN=833D5BF79B45C730ED141CB539A508D01AA30908
Certificate serial: 09F8
Authority key identifier: 83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/PeWxtOazb_yhcBHaWpxfOYpG-2E.roa
Signing time: Mon 10 Feb 2025 14:16:41 +0000
ROA not before: Mon 10 Feb 2025 14:16:41 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131666
IP address blocks: 2405:6440::/32 maxlen: 38
Validation: Failed, certificate revoked on Fri 14 Mar 2025 06:32:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2552 (0x9f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833D5BF79B45C730ED141CB539A508D01AA30908
Validity
Not Before: Feb 10 14:16:41 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3DE5B1B4E6B36FFCA17011DA5A9C5F398A46FB61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e6:48:e4:94:89:80:a4:96:00:b1:58:1e:84:
43:4b:78:81:e4:c2:e4:2d:ee:86:f3:07:0d:51:bd:
5c:ef:6e:a9:af:c9:ef:46:5c:fd:d5:e0:3d:51:8f:
4a:64:10:f8:4a:0f:4b:36:59:5c:4f:0d:92:c1:22:
aa:fe:a7:46:ad:3c:53:3d:9d:5b:96:9a:f8:35:b0:
dd:b1:74:32:f1:a3:a1:52:eb:d7:e0:8b:47:24:8f:
c6:ef:d0:e3:16:e4:6a:c3:5b:2d:f9:fb:56:f0:e1:
3e:97:15:9d:fd:4a:05:ab:62:35:65:91:c3:ea:24:
cd:74:40:1a:4a:e2:ca:38:49:9d:43:f0:37:fc:db:
86:46:69:91:58:d0:67:6b:58:6c:04:43:5b:f8:93:
33:62:70:28:19:bd:0f:97:31:4c:cb:53:5e:29:05:
9b:d7:42:7a:2c:e4:6d:3d:f3:c3:1c:a4:dd:96:0e:
3f:f7:cf:44:e8:ab:5c:0d:27:b7:11:86:fd:ea:60:
b8:02:d5:ee:69:b9:d9:7d:48:82:54:91:f2:79:33:
56:17:de:16:bd:d5:ba:e5:44:88:ee:92:d9:3e:67:
d2:23:71:29:81:de:1b:d7:28:d9:91:f8:49:98:8b:
97:32:d7:c5:d9:21:87:28:74:c2:b2:5f:4f:41:6c:
a2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E5:B1:B4:E6:B3:6F:FC:A1:70:11:DA:5A:9C:5F:39:8A:46:FB:61
X509v3 Authority Key Identifier:
keyid:83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/gz1b95tFxzDtFBy1OaUI0BqjCQg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/PeWxtOazb_yhcBHaWpxfOYpG-2E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:6440::/32
Signature Algorithm: sha256WithRSAEncryption
d1:69:76:ef:ba:59:74:5d:42:45:10:36:58:82:7a:05:a2:b4:
3f:6c:46:e6:7d:00:07:47:23:06:3f:a4:41:39:73:a3:b8:3a:
d6:fe:a2:d5:4d:b2:f7:9a:e5:c4:5c:98:17:a5:ae:92:b6:cd:
96:4b:56:c7:c4:f1:e2:c3:95:7e:85:06:3d:98:57:00:9c:70:
8c:7d:7d:c0:ca:be:38:d5:fa:58:b7:30:a4:8c:32:ee:b2:3c:
f5:d8:af:eb:b8:d9:7e:34:b6:6d:ab:7d:24:e0:c7:d1:44:67:
95:53:23:0a:5d:76:be:df:51:a8:d8:4a:44:79:8b:cf:c7:b7:
fe:d7:45:78:89:fa:f5:63:3a:a3:b1:6b:65:9f:e0:e6:b9:e4:
a7:51:1b:47:18:d4:b7:51:d7:47:9c:25:2a:d3:98:a9:63:34:
23:76:2b:48:d6:85:8c:45:cb:8e:23:86:5a:d9:f1:8e:69:e5:
4c:67:7a:9b:36:a5:ab:f1:6a:37:02:1f:35:dd:37:bb:7f:be:
7b:0e:15:30:0d:c8:2a:6f:53:a8:74:4d:f6:d8:53:15:45:1b:
23:7d:35:51:91:1b:29:f6:ae:05:e9:29:ff:e7:2e:69:bc:43:
93:26:00:43:7d:2d:8e:37:f1:6e:60:d8:15:63:ba:b5:e6:75:
7f:13:36:85
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCfgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMz
RDVCRjc5QjQ1QzczMEVEMTQxQ0I1MzlBNTA4RDAxQUEzMDkwODAeFw0yNTAyMTAx
NDE2NDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNERTVCMUI0RTZCMzZG
RkNBMTcwMTFEQTVBOUM1RjM5OEE0NkZCNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCa5kjklImApJYAsVgehENLeIHkwuQt7obzBw1RvVzvbqmvye9G
XP3V4D1Rj0pkEPhKD0s2WVxPDZLBIqr+p0atPFM9nVuWmvg1sN2xdDLxo6FS69fg
i0ckj8bv0OMW5GrDWy35+1bw4T6XFZ39SgWrYjVlkcPqJM10QBpK4so4SZ1D8Df8
24ZGaZFY0GdrWGwEQ1v4kzNicCgZvQ+XMUzLU14pBZvXQnos5G0988McpN2WDj/3
z0Toq1wNJ7cRhv3qYLgC1e5pudl9SIJUkfJ5M1YX3ha91brlRIjuktk+Z9IjcSmB
3hvXKNmR+EmYi5cy18XZIYcodMKyX09BbKKhAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUPeWxtOazb/yhcBHaWpxfOYpG+2EwHwYDVR0jBBgwFoAUgz1b95tFxzDtFBy1
OaUI0BqjCQgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL2d6
MWI5NXRGeHpEdEZCeTFPYVVJMEJxakNRZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
Z3oxYjk1dEZ4ekR0RkJ5MU9hVUkwQnFqQ1FnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL1BlV3h0T2F6Yl95aGNCSGFXcHhmT1lw
Ry0yRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBWRAMA0G
CSqGSIb3DQEBCwUAA4IBAQDRaXbvull0XUJFEDZYgnoForQ/bEbmfQAHRyMGP6RB
OXOjuDrW/qLVTbL3muXEXJgXpa6Sts2WS1bHxPHiw5V+hQY9mFcAnHCMfX3Ayr44
1fpYtzCkjDLusjz12K/ruNl+NLZtq30k4MfRRGeVUyMKXXa+31Go2EpEeYvPx7f+
10V4ifr1YzqjsWtln+DmueSnURtHGNS3UddHnCUq05ipYzQjditI1oWMRcuOI4Za
2fGOaeVMZ3qbNqWr8Wo3Ah813Te7f757DhUwDcgqb1OodE322FMVRRsjfTVRkRsp
9q4F6Sn/5y5pvEOTJgBDfS2ON/FuYNgVY7q15nV/EzaF
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:51:47 2025 by rpki-client