Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCDTV/Y27uZ4Xbq0FexmQU2nO-1oI1eIs.roa
File: Y27uZ4Xbq0FexmQU2nO-1oI1eIs.roa (raw, json)
Hash identifier: S1pxsXLxWIq8jcCE6zwuuCIBqek/OJI8GQhreYfllEY=
Subject key identifier: 63:6E:EE:67:85:DB:AB:41:5E:C6:64:14:DA:73:BE:D6:82:35:78:8B
Certificate issuer: /CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Certificate serial: 0C1B
Authority key identifier: 4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/Y27uZ4Xbq0FexmQU2nO-1oI1eIs.roa
Signing time: Mon 26 Aug 2024 05:21:25 +0000
ROA not before: Mon 26 Aug 2024 05:21:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131597
IP address blocks: 103.196.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:16:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3099 (0xc1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Validity
Not Before: Aug 26 05:21:25 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=636EEE6785DBAB415EC66414DA73BED68235788B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:2e:50:a6:d8:68:0a:a9:38:b6:9e:f8:9e:
92:25:25:18:b0:07:14:3d:6e:d0:af:22:44:97:60:
04:5a:f2:0a:7d:90:3b:5c:82:78:08:11:b6:9a:ed:
47:75:4d:e3:f7:75:c6:71:b5:0f:50:f2:08:81:3c:
82:4e:9d:b6:fc:21:63:02:ee:a0:fd:55:e2:9b:99:
4d:fa:f5:36:a4:8c:40:7c:c3:47:78:d8:6b:38:f9:
74:b5:9d:23:0f:55:c8:e2:c2:f0:81:f4:9a:18:0d:
97:7c:89:53:80:39:90:79:d8:82:77:57:95:ea:38:
f2:e8:d5:f6:c5:0b:5b:f3:43:91:42:90:f1:ba:c9:
be:9a:c4:ba:2e:44:c5:6e:3e:31:bc:cf:00:eb:ca:
33:e4:1d:84:f8:bc:ea:71:09:65:c7:97:2e:46:a4:
71:cb:a1:2b:6b:21:be:59:97:7b:6e:88:d9:8b:43:
ea:0a:45:10:57:e2:12:d9:50:c2:93:4b:5a:ad:62:
03:c1:ae:7a:2e:fd:c4:0f:a9:bf:51:0c:f8:b7:7c:
bd:24:be:7a:e7:a2:70:67:d7:33:f8:8c:e3:fa:df:
1f:c5:ce:d9:03:cd:90:47:58:06:9a:fc:f9:ad:91:
08:f0:5b:c5:b6:24:c3:72:a2:d4:c0:4f:7e:61:53:
93:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:6E:EE:67:85:DB:AB:41:5E:C6:64:14:DA:73:BE:D6:82:35:78:8B
X509v3 Authority Key Identifier:
keyid:4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/S4G7MfpSksgCW4KPgCci3g1ereM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/Y27uZ4Xbq0FexmQU2nO-1oI1eIs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.196.172.0/22
Signature Algorithm: sha256WithRSAEncryption
77:e1:df:87:fe:75:d9:30:16:79:73:04:48:8a:a0:d6:65:d8:
03:55:f6:2b:6b:98:f2:2d:d4:86:61:b0:6c:44:e3:4b:25:d9:
ba:04:aa:76:a6:89:28:62:32:b6:2f:f5:cd:90:b3:51:d4:4b:
3d:4f:7b:2f:52:15:46:d4:fa:50:1b:4e:3d:ec:03:06:89:a5:
ed:5a:8f:27:da:9a:9a:4b:1d:99:ef:48:4d:94:99:0a:94:db:
ca:71:c0:cf:33:1c:1c:c1:b9:5d:01:46:3e:89:62:83:19:b8:
98:13:14:d2:41:7b:e8:88:1d:9a:9b:db:f7:84:d1:4b:d7:5b:
87:b9:b8:5d:19:b5:8b:b5:0c:06:10:f8:08:9c:19:f3:3b:21:
10:8a:a2:a0:e7:b2:04:dd:f6:a0:25:1c:6c:5a:d6:04:bc:49:
eb:e1:6d:b4:f7:aa:fe:bc:45:17:7c:44:2d:49:3c:40:dc:06:
98:60:95:26:cf:2a:4c:51:98:6a:36:43:e4:55:3d:6d:fd:1f:
f5:c5:36:22:4d:82:eb:0b:3c:9c:41:7a:d8:9b:ee:03:15:0b:
6c:84:39:17:2d:2d:11:df:50:60:a7:b5:80:82:ad:6b:13:d0:
40:f1:00:d1:9c:88:5f:ce:8a:77:b5:a5:49:fd:98:24:2c:9f:
aa:4b:fe:cb
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDBswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEI4
MUJCMzFGQTUyOTJDODAyNUI4MjhGODAyNzIyREUwRDVFQURFMzAeFw0yNDA4MjYw
NTIxMjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYzNkVFRTY3ODVEQkFC
NDE1RUM2NjQxNERBNzNCRUQ2ODIzNTc4OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFNC5QpthoCqk4tp74npIlJRiwBxQ9btCvIkSXYARa8gp9kDtc
gngIEbaa7Ud1TeP3dcZxtQ9Q8giBPIJOnbb8IWMC7qD9VeKbmU369TakjEB8w0d4
2Gs4+XS1nSMPVcjiwvCB9JoYDZd8iVOAOZB52IJ3V5XqOPLo1fbFC1vzQ5FCkPG6
yb6axLouRMVuPjG8zwDryjPkHYT4vOpxCWXHly5GpHHLoStrIb5Zl3tuiNmLQ+oK
RRBX4hLZUMKTS1qtYgPBrnou/cQPqb9RDPi3fL0kvnrnonBn1zP4jOP63x/FztkD
zZBHWAaa/PmtkQjwW8W2JMNyotTAT35hU5NrAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUY27uZ4Xbq0FexmQU2nO+1oI1eIswHwYDVR0jBBgwFoAUS4G7MfpSksgCW4KP
gCci3g1ereMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNEVFYv
UzRHN01mcFNrc2dDVzRLUGdDY2kzZzFlcmVNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9TNEc3TWZwU2tzZ0NXNEtQZ0NjaTNnMWVyZU0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ0RUVi9ZMjd1WjRYYnEwRmV4bVFVMm5P
LTFvSTFlSXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ8Ss
MA0GCSqGSIb3DQEBCwUAA4IBAQB34d+H/nXZMBZ5cwRIiqDWZdgDVfYra5jyLdSG
YbBsRONLJdm6BKp2pokoYjK2L/XNkLNR1Es9T3svUhVG1PpQG0497AMGiaXtWo8n
2pqaSx2Z70hNlJkKlNvKccDPMxwcwbldAUY+iWKDGbiYExTSQXvoiB2am9v3hNFL
11uHubhdGbWLtQwGEPgInBnzOyEQiqKg57IE3fagJRxsWtYEvEnr4W2096r+vEUX
fEQtSTxA3AaYYJUmzypMUZhqNkPkVT1t/R/1xTYiTYLrCzycQXrYm+4DFQtshDkX
LS0R31Bgp7WAgq1rE9BA8QDRnIhfzop3taVJ/ZgkLJ+qS/7L
-----END CERTIFICATE-----
Generated at Wed Apr 23 00:36:02 2025 by rpki-client