Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCDTV/RNYOTQvaOSF8KdbaIu--gvvYio0.roa
File: RNYOTQvaOSF8KdbaIu--gvvYio0.roa (raw, json)
Hash identifier: XqURJPT1BMfsqHRq8RRqORm6vuK0J5+UXP/pxOEr1yY=
Subject key identifier: 44:D6:0E:4D:0B:DA:39:21:7C:29:D6:DA:22:EF:BE:82:FB:D8:8A:8D
Certificate issuer: /CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Certificate serial: 0C1C
Authority key identifier: 4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/RNYOTQvaOSF8KdbaIu--gvvYio0.roa
Signing time: Mon 26 Aug 2024 05:21:26 +0000
ROA not before: Mon 26 Aug 2024 05:21:26 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131597
IP address blocks: 202.123.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:16:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3100 (0xc1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Validity
Not Before: Aug 26 05:21:26 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=44D60E4D0BDA39217C29D6DA22EFBE82FBD88A8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cb:ea:e2:99:fb:fb:52:90:22:b3:29:ea:8c:
bf:92:fb:56:d5:4a:bd:cb:ca:9e:d8:a0:92:a8:d6:
cd:1f:64:cc:15:39:33:61:2f:a4:76:bd:b4:bf:8f:
81:97:a1:d4:dc:37:9d:bf:78:cc:25:dc:7f:14:ef:
94:9a:a3:6d:aa:1a:83:a1:3d:cb:85:7c:3d:f4:59:
f9:6b:52:08:6a:df:87:d0:22:9b:29:28:e8:e7:30:
d9:d4:a7:f0:40:d4:04:2d:64:e5:0e:07:41:d1:78:
8c:ca:2a:30:7e:3a:a8:d4:32:fb:65:86:95:63:99:
17:8d:c3:08:fc:14:d0:fe:39:ba:53:95:08:03:94:
3f:9d:84:76:af:7f:95:49:b3:d4:02:84:d3:8c:99:
f3:ec:97:98:11:bf:6a:3b:9e:cb:ee:44:4f:f4:cb:
66:44:85:1c:1b:5d:4e:9c:f2:82:d2:da:e3:14:ac:
0b:50:3c:d0:b1:66:04:7d:55:9e:a9:af:9f:83:46:
cd:3a:eb:b6:48:e5:8b:6d:53:39:52:50:e8:8d:5a:
4a:e9:c7:dd:9f:25:4c:63:62:21:90:ec:8f:32:ca:
f8:54:d0:f4:2c:b7:35:bb:ef:fb:83:d0:94:de:0d:
fe:0f:79:96:2d:22:24:19:0f:2b:56:79:dc:8e:07:
07:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D6:0E:4D:0B:DA:39:21:7C:29:D6:DA:22:EF:BE:82:FB:D8:8A:8D
X509v3 Authority Key Identifier:
keyid:4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/S4G7MfpSksgCW4KPgCci3g1ereM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/RNYOTQvaOSF8KdbaIu--gvvYio0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.123.124.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:46:40:45:60:4a:d8:62:39:c9:d1:75:3d:46:f3:6c:9d:11:
e0:9b:d1:73:63:f2:eb:75:6e:79:1d:d6:31:86:36:0c:f3:04:
f7:bb:61:26:06:15:16:8d:30:1b:3d:8b:ef:54:1c:68:72:d3:
59:6d:51:8a:e2:d1:44:e4:24:50:80:ed:10:a6:e4:cc:04:cd:
4f:4a:61:53:43:d0:1e:de:38:52:8c:84:5d:1a:bd:83:d3:ec:
bb:74:4d:9e:b2:c9:88:eb:cc:16:f2:4b:6f:07:1e:f2:42:4f:
db:82:0f:14:70:25:b9:66:aa:72:1d:63:d5:fb:2b:34:80:77:
e5:d8:02:ce:3b:9c:1c:db:5c:06:49:e0:71:ea:53:2b:ae:74:
24:4c:83:16:3f:ba:0c:b9:d6:ff:a4:c4:3c:68:08:f2:78:ed:
01:a0:fa:89:57:74:40:31:00:2b:9b:c4:a2:72:0c:7c:80:3e:
ea:12:c0:97:44:67:8b:cd:f4:f2:e5:a9:d5:da:ca:be:24:d5:
1f:49:0d:c5:03:3a:20:56:9c:f1:d8:1a:fc:51:bb:f6:cd:ab:
29:cc:6c:55:d7:bc:03:f2:55:2b:be:e5:f9:ab:29:9e:c0:fa:
dd:57:77:d4:72:5f:2b:82:6e:05:a9:5b:1f:99:da:08:1f:91:
ee:b9:3c:1e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDBwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEI4
MUJCMzFGQTUyOTJDODAyNUI4MjhGODAyNzIyREUwRDVFQURFMzAeFw0yNDA4MjYw
NTIxMjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ0RDYwRTREMEJEQTM5
MjE3QzI5RDZEQTIyRUZCRTgyRkJEODhBOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJy+rimfv7UpAisynqjL+S+1bVSr3Lyp7YoJKo1s0fZMwVOTNh
L6R2vbS/j4GXodTcN52/eMwl3H8U75Sao22qGoOhPcuFfD30WflrUghq34fQIpsp
KOjnMNnUp/BA1AQtZOUOB0HReIzKKjB+OqjUMvtlhpVjmReNwwj8FND+ObpTlQgD
lD+dhHavf5VJs9QChNOMmfPsl5gRv2o7nsvuRE/0y2ZEhRwbXU6c8oLS2uMUrAtQ
PNCxZgR9VZ6pr5+DRs0667ZI5YttUzlSUOiNWkrpx92fJUxjYiGQ7I8yyvhU0PQs
tzW77/uD0JTeDf4PeZYtIiQZDytWedyOBwd5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQURNYOTQvaOSF8KdbaIu++gvvYio0wHwYDVR0jBBgwFoAUS4G7MfpSksgCW4KP
gCci3g1ereMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNEVFYv
UzRHN01mcFNrc2dDVzRLUGdDY2kzZzFlcmVNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9TNEc3TWZwU2tzZ0NXNEtQZ0NjaTNnMWVyZU0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ0RUVi9STllPVFF2YU9TRjhLZGJhSXUt
LWd2dllpbzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCynt8
MA0GCSqGSIb3DQEBCwUAA4IBAQB7RkBFYErYYjnJ0XU9RvNsnRHgm9FzY/LrdW55
HdYxhjYM8wT3u2EmBhUWjTAbPYvvVBxoctNZbVGK4tFE5CRQgO0QpuTMBM1PSmFT
Q9Ae3jhSjIRdGr2D0+y7dE2essmI68wW8ktvBx7yQk/bgg8UcCW5ZqpyHWPV+ys0
gHfl2ALOO5wc21wGSeBx6lMrrnQkTIMWP7oMudb/pMQ8aAjyeO0BoPqJV3RAMQAr
m8Sicgx8gD7qEsCXRGeLzfTy5anV2sq+JNUfSQ3FAzogVpzx2Br8Ubv2zaspzGxV
17wD8lUrvuX5qymewPrdV3fUcl8rgm4FqVsfmdoIH5HuuTwe
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:29:59 2025 by rpki-client