Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SUMATRA/3Y9sH_uzCT5IouLj_mAaf8Rj_4s.roa
File: 3Y9sH_uzCT5IouLj_mAaf8Rj_4s.roa (raw, json)
Hash identifier: 5GJRel/P/6v+5GFx+MJaze+4s/8fS90SSMyedikflYo=
Subject key identifier: DD:8F:6C:1F:FB:B3:09:3E:48:A2:E2:E3:FE:60:1A:7F:C4:63:FF:8B
Certificate issuer: /CN=B2839BF7A6C6B17E7CFCB3734A36C0E98C37A1B7
Certificate serial: 0643
Authority key identifier: B2:83:9B:F7:A6:C6:B1:7E:7C:FC:B3:73:4A:36:C0:E9:8C:37:A1:B7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/soOb96bGsX58_LNzSjbA6Yw3obc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SUMATRA/3Y9sH_uzCT5IouLj_mAaf8Rj_4s.roa
Signing time: Mon 26 Aug 2024 05:26:42 +0000
ROA not before: Mon 26 Aug 2024 05:26:42 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9678
IP address blocks: 103.152.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:09:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1603 (0x643)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B2839BF7A6C6B17E7CFCB3734A36C0E98C37A1B7
Validity
Not Before: Aug 26 05:26:42 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DD8F6C1FFBB3093E48A2E2E3FE601A7FC463FF8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:3d:79:d3:b2:2c:67:dd:db:d5:3a:08:f8:
e6:ac:c8:24:07:ce:5a:52:d3:d2:ed:95:83:81:a6:
e2:fb:c3:be:ca:8a:b7:21:ce:1c:ab:0e:8c:76:ec:
e9:c0:44:20:0e:0e:c8:45:f3:e3:4b:95:fd:3f:24:
1d:ed:eb:77:54:22:9b:67:80:a4:aa:31:ae:b5:46:
da:29:0e:01:19:95:be:e2:f6:8e:02:60:dc:81:d7:
40:9f:c9:1d:28:aa:21:7f:93:26:c6:5a:46:eb:5a:
38:7f:7e:f9:8a:5b:54:e5:40:37:ee:93:9c:76:f5:
6d:76:37:05:4b:64:36:34:3c:90:9f:df:f9:74:d2:
16:18:11:ae:be:5c:5b:1e:80:35:32:f6:5c:92:76:
8d:8c:35:f7:24:c0:4a:81:72:62:48:d3:da:14:ea:
91:67:58:b0:bb:14:2e:50:62:4d:1a:bd:32:19:a6:
35:14:f6:02:a3:78:6f:80:e8:91:bf:a4:59:8a:87:
6f:40:94:48:3d:ac:81:67:03:ae:f7:e2:bf:9c:a6:
da:bd:39:57:10:94:55:e0:69:90:4e:bf:d1:be:58:
ba:bc:2a:e6:cf:64:b4:15:7f:19:23:0c:4e:a8:9f:
c9:66:68:dd:09:cd:ac:4f:ae:b6:21:8d:5b:74:6e:
f8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8F:6C:1F:FB:B3:09:3E:48:A2:E2:E3:FE:60:1A:7F:C4:63:FF:8B
X509v3 Authority Key Identifier:
keyid:B2:83:9B:F7:A6:C6:B1:7E:7C:FC:B3:73:4A:36:C0:E9:8C:37:A1:B7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SUMATRA/soOb96bGsX58_LNzSjbA6Yw3obc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/soOb96bGsX58_LNzSjbA6Yw3obc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SUMATRA/3Y9sH_uzCT5IouLj_mAaf8Rj_4s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.151.0/24
Signature Algorithm: sha256WithRSAEncryption
63:5f:e6:51:8f:30:f8:f5:5d:fc:6d:21:fe:54:82:15:73:cc:
22:23:df:4c:92:3f:c8:1f:9a:ed:10:5d:b7:6a:47:b3:00:08:
c9:b2:cb:01:ab:a4:9a:3e:c5:c6:e5:a0:b0:f7:51:07:64:5a:
0b:9c:3e:c5:ab:11:52:b3:a3:dc:83:93:7b:59:44:30:4c:85:
c8:05:ce:98:96:86:3f:e7:3f:34:fd:39:39:58:1d:a0:30:7e:
50:69:98:dc:79:6e:9a:11:d0:df:d4:04:23:be:ab:bf:fb:c4:
c0:44:76:d8:a7:e3:0e:0d:2c:56:88:f4:fa:97:4f:a0:6f:c8:
dd:1c:3f:d9:4d:5d:2b:3d:9b:d5:15:aa:dc:a2:97:f1:a7:3e:
dd:ef:1d:a5:54:05:2e:ff:9b:dc:e2:e6:df:bd:dd:4e:34:74:
19:77:ba:a5:2a:0f:5d:b9:9a:c2:6a:9c:72:57:3f:1e:0b:9d:
bb:ec:0a:3c:01:c7:3b:cc:b0:f0:36:a4:e7:5e:57:f6:ca:55:
61:15:5c:48:e9:25:8e:33:56:3b:a0:df:88:86:da:0b:60:52:
17:72:1b:3f:03:1c:97:dd:ad:d0:eb:8a:6d:8b:40:82:93:87:
1d:78:e5:ec:6e:18:ea:d8:d7:c5:72:f2:60:f8:67:cc:5b:20:
8b:8b:76:e6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICBkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjI4
MzlCRjdBNkM2QjE3RTdDRkNCMzczNEEzNkMwRTk4QzM3QTFCNzAeFw0yNDA4MjYw
NTI2NDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEREOEY2QzFGRkJCMzA5
M0U0OEEyRTJFM0ZFNjAxQTdGQzQ2M0ZGOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuNj1507IsZ93b1ToI+OasyCQHzlpS09LtlYOBpuL7w77Kirch
zhyrDox27OnARCAODshF8+NLlf0/JB3t63dUIptngKSqMa61RtopDgEZlb7i9o4C
YNyB10CfyR0oqiF/kybGWkbrWjh/fvmKW1TlQDfuk5x29W12NwVLZDY0PJCf3/l0
0hYYEa6+XFsegDUy9lySdo2MNfckwEqBcmJI09oU6pFnWLC7FC5QYk0avTIZpjUU
9gKjeG+A6JG/pFmKh29AlEg9rIFnA6734r+cptq9OVcQlFXgaZBOv9G+WLq8KubP
ZLQVfxkjDE6on8lmaN0JzaxPrrYhjVt0bvjnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3Y9sH/uzCT5IouLj/mAaf8Rj/4swHwYDVR0jBBgwFoAUsoOb96bGsX58/LNz
SjbA6Yw3obcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1VNQVRS
QS9zb09iOTZiR3NYNThfTE56U2piQTZZdzNvYmMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3NvT2I5NmJHc1g1OF9MTnpTamJBNll3M29iYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NVTUFUUkEvM1k5c0hfdXpDVDVJb3VM
al9tQWFmOFJqXzRzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGeYlzANBgkqhkiG9w0BAQsFAAOCAQEAY1/mUY8w+PVd/G0h/lSCFXPMIiPfTJI/
yB+a7RBdt2pHswAIybLLAaukmj7FxuWgsPdRB2RaC5w+xasRUrOj3IOTe1lEMEyF
yAXOmJaGP+c/NP05OVgdoDB+UGmY3HlumhHQ39QEI76rv/vEwER22KfjDg0sVoj0
+pdPoG/I3Rw/2U1dKz2b1RWq3KKX8ac+3e8dpVQFLv+b3OLm373dTjR0GXe6pSoP
Xbmawmqcclc/Hgudu+wKPAHHO8yw8Dak515X9spVYRVcSOkljjNWO6DfiIbaC2BS
F3IbPwMcl92t0OuKbYtAgpOHHXjl7G4Y6tjXxXLyYPhnzFsgi4t25g==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:52:09 2025 by rpki-client