Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/hDqkOqa4TVKrztQoRNbpXMLHnG0.roa
File: hDqkOqa4TVKrztQoRNbpXMLHnG0.roa (raw, json)
Hash identifier: TjtnmUPk/k3zocrq3d1QHYjPhetL+r3i6aNf1v+xj+Y=
Subject key identifier: 84:3A:A4:3A:A6:B8:4D:52:AB:CE:D4:28:44:D6:E9:5C:C2:C7:9C:6D
Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Certificate serial: 0CCF
Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/hDqkOqa4TVKrztQoRNbpXMLHnG0.roa
Signing time: Mon 26 Aug 2024 05:27:34 +0000
ROA not before: Mon 26 Aug 2024 05:27:34 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 123.240.0.0/15 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3279 (0xccf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Validity
Not Before: Aug 26 05:27:34 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=843AA43AA6B84D52ABCED42844D6E95CC2C79C6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1e:a0:4a:70:37:78:c1:de:a0:46:50:be:03:
9c:21:2f:74:4d:67:bc:e7:96:ac:07:96:7d:38:f1:
8e:45:90:cd:8c:89:9a:28:89:1b:1c:92:02:16:2c:
66:1d:d9:fe:c2:d4:6c:8f:9c:e3:db:9f:f4:18:a5:
b7:1f:88:3e:47:59:56:4f:a9:dd:d6:45:4c:1d:aa:
28:cf:a1:fa:25:c5:bf:e8:e2:0e:41:29:df:c7:8c:
05:c7:23:02:a1:af:70:46:75:bd:8f:71:84:b7:88:
04:d4:c3:10:c7:8d:1d:a0:e4:7b:8b:58:5d:49:5e:
17:34:1c:47:1e:e5:26:58:af:6e:e3:52:0a:a9:7c:
17:87:5d:be:90:fa:fc:8c:29:60:f6:4b:0b:92:07:
1f:45:2e:c0:d5:ef:93:e4:c8:45:4c:a8:6e:f8:cb:
76:af:6a:e2:76:3f:d6:e9:01:45:b6:12:e3:8c:35:
fc:c1:28:4a:56:75:ab:36:e4:f4:23:f2:e9:e7:93:
05:46:3b:23:4b:da:1c:30:66:3c:36:e9:7d:bb:2b:
8c:51:cf:48:c9:12:13:ce:60:e8:32:46:ba:d6:cd:
ce:c0:66:67:5c:b4:b6:8a:66:92:a5:67:45:43:b6:
4c:86:32:5d:70:ff:ad:f4:79:10:b7:db:97:6d:1f:
30:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:3A:A4:3A:A6:B8:4D:52:AB:CE:D4:28:44:D6:E9:5C:C2:C7:9C:6D
X509v3 Authority Key Identifier:
keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/hDqkOqa4TVKrztQoRNbpXMLHnG0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.240.0.0/15
Signature Algorithm: sha256WithRSAEncryption
27:fb:7c:a9:8d:f4:1e:e1:e1:81:ec:8a:ec:2f:00:64:18:eb:
24:5b:6a:fe:18:90:bc:60:48:ae:e9:34:38:24:1c:d3:57:b9:
6e:22:23:35:6b:33:0a:f5:c0:2c:8e:6d:e0:d7:a7:69:69:97:
7f:cf:db:b0:5e:be:7b:93:37:dd:a6:6f:66:03:f7:e8:e1:1d:
67:fd:8e:bd:ad:65:09:ab:a2:3e:1d:d1:53:90:e6:b5:6b:7e:
d9:5f:83:17:85:60:8b:45:a0:ab:c7:1e:4f:4a:89:01:88:ca:
e6:04:b0:51:e2:02:54:de:f3:b0:39:dd:3d:c3:98:4c:95:68:
42:9d:69:00:d0:42:6c:e3:f0:f9:b0:f7:a3:5c:a6:99:cc:0c:
be:76:f4:19:78:26:a6:38:02:7f:53:99:88:df:58:de:73:69:
c4:db:9f:c3:65:fb:96:da:70:d2:d2:7e:e6:01:5c:94:58:b6:
f5:bc:0b:32:b9:ac:2f:64:37:d3:78:50:a3:ab:f4:63:86:72:
d7:bd:00:1b:53:a5:95:f9:6a:ae:e8:4d:48:db:74:35:e8:6e:
26:18:b3:10:47:32:80:45:11:a8:42:ad:ea:49:b4:10:a8:5b:
55:0e:48:eb:4e:83:bd:24:97:ff:09:88:06:90:45:1c:fb:08:
b2:60:e9:53
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy
NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNDA4MjYw
NTI3MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg0M0FBNDNBQTZCODRE
NTJBQkNFRDQyODQ0RDZFOTVDQzJDNzlDNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7HqBKcDd4wd6gRlC+A5whL3RNZ7znlqwHln048Y5FkM2MiZoo
iRsckgIWLGYd2f7C1GyPnOPbn/QYpbcfiD5HWVZPqd3WRUwdqijPofolxb/o4g5B
Kd/HjAXHIwKhr3BGdb2PcYS3iATUwxDHjR2g5HuLWF1JXhc0HEce5SZYr27jUgqp
fBeHXb6Q+vyMKWD2SwuSBx9FLsDV75PkyEVMqG74y3avauJ2P9bpAUW2EuOMNfzB
KEpWdas25PQj8unnkwVGOyNL2hwwZjw26X27K4xRz0jJEhPOYOgyRrrWzc7AZmdc
tLaKZpKlZ0VDtkyGMl1w/630eRC325dtHzD5AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUhDqkOqa4TVKrztQoRNbpXMLHnG0wHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO
McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v
Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9oRHFrT3FhNFRWS3J6dFFvUk5i
cFhNTEhuRzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBe/Aw
DQYJKoZIhvcNAQELBQADggEBACf7fKmN9B7h4YHsiuwvAGQY6yRbav4YkLxgSK7p
NDgkHNNXuW4iIzVrMwr1wCyObeDXp2lpl3/P27BevnuTN92mb2YD9+jhHWf9jr2t
ZQmroj4d0VOQ5rVrftlfgxeFYItFoKvHHk9KiQGIyuYEsFHiAlTe87A53T3DmEyV
aEKdaQDQQmzj8Pmw96NcppnMDL529Bl4JqY4An9TmYjfWN5zacTbn8Nl+5bacNLS
fuYBXJRYtvW8CzK5rC9kN9N4UKOr9GOGcte9ABtTpZX5aq7oTUjbdDXobiYYsxBH
MoBFEahCrepJtBCoW1UOSOtOg70kl/8JiAaQRRz7CLJg6VM=
-----END CERTIFICATE-----
Generated at Fri Apr 18 22:33:43 2025 by rpki-client