Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/xtjBFCzQHft5SUbuVaXXVmDo5hQ.roa
File: xtjBFCzQHft5SUbuVaXXVmDo5hQ.roa (raw, json)
Hash identifier: SpmOpoHZMzAjMxMWB6dgBS55vCzsXBAbG1UxDeqH6K4=
Subject key identifier: C6:D8:C1:14:2C:D0:1D:FB:79:49:46:EE:55:A5:D7:56:60:E8:E6:14
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 164C
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/xtjBFCzQHft5SUbuVaXXVmDo5hQ.roa
Signing time: Mon 26 Aug 2024 05:22:01 +0000
ROA not before: Mon 26 Aug 2024 05:22:01 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131602
IP address blocks: 122.147.16.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:07:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5708 (0x164c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Aug 26 05:22:01 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C6D8C1142CD01DFB794946EE55A5D75660E8E614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:37:68:0b:d8:cf:ba:8f:23:6f:a3:2e:f1:6a:
03:b5:46:56:15:2d:14:08:3c:ab:e8:d6:d2:e3:e1:
85:ff:fb:13:24:95:42:78:48:7e:41:08:5c:eb:e4:
25:9b:4b:df:49:8e:d3:8f:fb:9a:81:41:68:76:ea:
d0:cf:b2:ad:ce:61:53:72:8a:e0:b4:cc:3e:27:b3:
18:b9:91:c6:ce:b0:c5:dc:88:3b:d6:25:43:f1:dd:
24:97:3c:6a:09:33:ca:cc:85:1f:4a:4c:38:55:21:
d2:d5:4c:7c:3e:d1:37:21:cc:62:5c:5b:ad:f9:ad:
d3:ac:05:1e:a9:01:c8:8e:44:9a:b8:7a:7c:6c:fe:
2c:74:6e:15:76:79:10:d0:1d:6d:f7:23:60:25:88:
d6:84:d2:ed:4f:26:3d:09:61:2a:dc:ac:b2:d0:64:
30:05:2b:a3:b9:1e:73:27:20:c0:82:11:f9:1c:8c:
33:0d:a8:91:dd:de:f6:7c:41:8d:49:92:cd:e4:4f:
22:d7:d8:75:69:48:2b:52:99:92:ee:ca:0a:da:69:
84:36:8a:c3:b7:05:25:30:8b:b0:0b:23:55:d5:fd:
22:96:7e:44:d8:2e:1c:e0:19:fe:d3:97:0e:5d:64:
53:31:bd:47:0e:96:7c:8f:dd:21:aa:66:45:ee:20:
58:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D8:C1:14:2C:D0:1D:FB:79:49:46:EE:55:A5:D7:56:60:E8:E6:14
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/xtjBFCzQHft5SUbuVaXXVmDo5hQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.147.16.0/21
Signature Algorithm: sha256WithRSAEncryption
34:1e:4f:57:21:1f:cc:9e:35:75:f3:cf:20:e6:bf:b2:a0:dc:
77:0d:94:3d:f1:d6:76:6d:80:0e:86:63:a2:b0:cc:15:6b:d2:
80:2f:5d:ac:d1:d0:3d:14:e3:e0:8c:56:70:73:8c:27:c9:51:
2a:05:18:53:6a:97:63:66:ba:85:54:2b:ff:82:e1:e8:7f:3a:
e6:e9:59:60:dd:19:fd:0f:b9:79:c2:cc:fb:14:63:e0:3d:d4:
1a:4f:e3:a8:ed:2c:36:d4:04:07:59:f4:c2:e6:33:00:e5:3f:
0f:e2:f8:f8:5b:74:3b:ae:13:ac:e6:db:f4:eb:63:5b:0c:28:
23:38:65:40:2c:2d:ea:ea:45:08:7b:2f:33:71:83:f7:bd:dc:
41:5e:d8:8e:c3:c5:4e:8c:b0:73:fd:2d:83:00:e3:64:78:7c:
be:ac:f4:ea:31:76:7d:f2:66:97:60:e1:ff:02:66:0a:26:bb:
cb:71:bb:a7:c9:67:73:77:b2:6b:f9:bb:42:02:21:7f:0f:b6:
39:44:8c:f2:6c:88:93:63:1e:37:0c:1e:3b:19:5d:56:4f:2e:
02:2c:07:1d:c9:f7:d1:96:b8:e6:59:10:05:0b:bd:f5:cc:f4:
6a:1e:12:6f:22:41:52:b4:07:db:ab:6d:e2:e7:5d:d8:3a:91:
ec:78:d2:2a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICFkwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNDA4MjYw
NTIyMDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM2RDhDMTE0MkNEMDFE
RkI3OTQ5NDZFRTU1QTVENzU2NjBFOEU2MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVN2gL2M+6jyNvoy7xagO1RlYVLRQIPKvo1tLj4YX/+xMklUJ4
SH5BCFzr5CWbS99JjtOP+5qBQWh26tDPsq3OYVNyiuC0zD4nsxi5kcbOsMXciDvW
JUPx3SSXPGoJM8rMhR9KTDhVIdLVTHw+0TchzGJcW635rdOsBR6pAciORJq4enxs
/ix0bhV2eRDQHW33I2AliNaE0u1PJj0JYSrcrLLQZDAFK6O5HnMnIMCCEfkcjDMN
qJHd3vZ8QY1Jks3kTyLX2HVpSCtSmZLuygraaYQ2isO3BSUwi7ALI1XV/SKWfkTY
LhzgGf7Tlw5dZFMxvUcOlnyP3SGqZkXuIFgnAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxtjBFCzQHft5SUbuVaXXVmDo5hQwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMveHRqQkZDelFIZnQ1U1VidVZhWFhW
bURvNWhRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3qTEDAN
BgkqhkiG9w0BAQsFAAOCAQEANB5PVyEfzJ41dfPPIOa/sqDcdw2UPfHWdm2ADoZj
orDMFWvSgC9drNHQPRTj4IxWcHOMJ8lRKgUYU2qXY2a6hVQr/4Lh6H865ulZYN0Z
/Q+5ecLM+xRj4D3UGk/jqO0sNtQEB1n0wuYzAOU/D+L4+Ft0O64TrObb9OtjWwwo
IzhlQCwt6upFCHsvM3GD973cQV7YjsPFToywc/0tgwDjZHh8vqz06jF2ffJml2Dh
/wJmCia7y3G7p8lnc3eya/m7QgIhfw+2OUSM8myIk2MeNwweOxldVk8uAiwHHcn3
0Za45lkQBQu99cz0ah4SbyJBUrQH26tt4udd2DqR7HjSKg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:25:26 2025 by rpki-client