Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/-DfPZoSf9iG6CH-WIe9lBz48SNA.roa
File: -DfPZoSf9iG6CH-WIe9lBz48SNA.roa (raw, json)
Hash identifier: mIIFaqSx2gEqw0eHi1CVxnaBJwypk2GLQVpFXi7jbbE=
Subject key identifier: F8:37:CF:66:84:9F:F6:21:BA:08:7F:96:21:EF:65:07:3E:3C:48:D0
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0EE8
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/-DfPZoSf9iG6CH-WIe9lBz48SNA.roa
Signing time: Mon 26 Aug 2024 05:22:40 +0000
ROA not before: Mon 26 Aug 2024 05:22:40 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 192.72.16.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3816 (0xee8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Aug 26 05:22:40 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F837CF66849FF621BA087F9621EF65073E3C48D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6c:0e:b2:ee:30:78:5f:fe:8e:b3:68:5c:0b:
98:5f:ed:b1:c7:8b:9a:cd:2f:ff:84:94:f8:f4:b4:
43:33:06:c2:6f:49:9b:ad:31:07:fc:b2:02:39:ec:
3c:8e:14:ed:18:7b:f2:9e:e5:2e:98:01:df:25:94:
4d:27:1a:79:58:f5:18:ee:b8:26:84:e4:a5:f5:83:
c5:83:64:cd:21:15:e8:5c:6b:e9:8a:91:eb:3a:85:
20:8c:25:89:4a:15:0f:22:0c:8b:44:68:aa:37:03:
bf:97:73:a5:79:4a:fb:80:82:ed:d8:3f:4e:4e:0e:
ac:aa:62:c6:c5:06:af:10:a8:8e:7c:33:d7:a8:df:
4e:dc:6d:19:6a:79:d7:4a:8a:51:2a:02:b3:9f:27:
cc:72:fa:c9:1f:bc:8f:38:56:af:51:e3:43:14:00:
af:e0:15:bf:95:06:2e:64:71:3a:f7:75:ec:c3:8f:
c7:1b:df:f0:10:a9:05:23:e2:8c:fd:5a:01:0b:d0:
7d:37:26:e0:fb:03:af:42:67:24:be:b5:54:59:12:
09:18:5c:e8:a4:e5:50:95:f3:ed:25:24:67:20:e3:
e1:4c:78:0c:b0:9f:e2:ca:90:31:db:9b:ef:17:88:
06:ca:d0:f0:26:b5:b7:5c:01:31:bf:bb:66:8f:54:
73:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:37:CF:66:84:9F:F6:21:BA:08:7F:96:21:EF:65:07:3E:3C:48:D0
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/-DfPZoSf9iG6CH-WIe9lBz48SNA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.16.0/20
Signature Algorithm: sha256WithRSAEncryption
81:b9:dc:43:2b:46:e8:7f:92:53:af:4c:02:1f:48:b9:63:72:
8d:32:8a:7f:e8:c8:4f:98:31:70:aa:ec:5c:09:da:53:59:bb:
5d:5c:b8:e8:b1:f5:e6:6b:3b:e1:fd:19:32:a7:9b:df:6f:fb:
ff:b6:8f:21:67:02:b4:86:8d:ee:a7:28:d4:e1:63:c5:c8:0e:
77:68:82:ba:0d:4c:39:ad:70:92:24:4c:fe:51:31:ea:0b:ac:
4f:a4:cd:00:c8:b9:12:86:b9:34:d0:71:8d:45:24:43:70:9a:
e7:e5:29:d3:d0:9f:8b:5c:24:a6:64:f1:21:ce:71:0a:af:4d:
55:27:da:10:51:ed:74:73:ce:72:56:17:da:bf:2c:1c:c1:e2:
6e:76:14:cb:ef:fa:48:ee:c2:f2:6e:fe:86:54:aa:ba:20:7b:
14:3b:67:65:01:c6:f2:91:49:0e:4b:0b:27:9b:de:13:0c:ba:
af:32:42:36:3f:f1:dd:c1:25:17:c8:53:f9:42:43:cb:5c:a5:
18:22:fa:ff:d3:3a:53:23:d9:a7:b2:ec:90:cf:7f:64:33:78:
44:73:40:03:2d:9f:2b:5c:07:19:0b:95:47:16:31:83:ad:c3:
ba:d7:1b:9e:ff:81:c5:6c:fe:20:0d:40:9c:b5:90:32:99:69:
5a:03:96:b2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDugwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNDA4MjYw
NTIyNDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY4MzdDRjY2ODQ5RkY2
MjFCQTA4N0Y5NjIxRUY2NTA3M0UzQzQ4RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+bA6y7jB4X/6Os2hcC5hf7bHHi5rNL/+ElPj0tEMzBsJvSZut
MQf8sgI57DyOFO0Ye/Ke5S6YAd8llE0nGnlY9RjuuCaE5KX1g8WDZM0hFehca+mK
kes6hSCMJYlKFQ8iDItEaKo3A7+Xc6V5SvuAgu3YP05ODqyqYsbFBq8QqI58M9eo
307cbRlqeddKilEqArOfJ8xy+skfvI84Vq9R40MUAK/gFb+VBi5kcTr3dezDj8cb
3/AQqQUj4oz9WgEL0H03JuD7A69CZyS+tVRZEgkYXOik5VCV8+0lJGcg4+FMeAyw
n+LKkDHbm+8XiAbK0PAmtbdcATG/u2aPVHO3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU+DfPZoSf9iG6CH+WIe9lBz48SNAwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvLURmUFpvU2Y5aUc2Q0gtV0llOWxC
ejQ4U05BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMBIEDAN
BgkqhkiG9w0BAQsFAAOCAQEAgbncQytG6H+SU69MAh9IuWNyjTKKf+jIT5gxcKrs
XAnaU1m7XVy46LH15ms74f0ZMqeb32/7/7aPIWcCtIaN7qco1OFjxcgOd2iCug1M
Oa1wkiRM/lEx6gusT6TNAMi5Eoa5NNBxjUUkQ3Ca5+Up09Cfi1wkpmTxIc5xCq9N
VSfaEFHtdHPOclYX2r8sHMHibnYUy+/6SO7C8m7+hlSquiB7FDtnZQHG8pFJDksL
J5veEwy6rzJCNj/x3cElF8hT+UJDy1ylGCL6/9M6UyPZp7LskM9/ZDN4RHNAAy2f
K1wHGQuVRxYxg63Dutcbnv+BxWz+IA1AnLWQMplpWgOWsg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:18:35 2025 by rpki-client