Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWT/t6NVdi3bgTTTZXuxSWjbaWsoEiY.roa
File: t6NVdi3bgTTTZXuxSWjbaWsoEiY.roa (raw, json)
Hash identifier: M4w+khm3vylMbMWCQJ/JopimCsq3+141ujIxXOwdaDE=
Subject key identifier: B7:A3:55:76:2D:DB:81:34:D3:65:7B:B1:49:68:DB:69:6B:28:12:26
Certificate issuer: /CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Certificate serial: 0C4B
Authority key identifier: 7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/t6NVdi3bgTTTZXuxSWjbaWsoEiY.roa
Signing time: Mon 26 Aug 2024 05:32:44 +0000
ROA not before: Mon 26 Aug 2024 05:32:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38851
IP address blocks: 103.229.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:23:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3147 (0xc4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Validity
Not Before: Aug 26 05:32:44 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B7A355762DDB8134D3657BB14968DB696B281226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:77:27:31:6d:00:75:eb:d0:e6:a5:90:4d:45:
18:8e:ad:17:c1:19:8d:0c:90:42:64:16:fe:5e:e1:
67:d1:d2:18:ab:a4:f6:d8:7c:62:d4:a5:3a:8a:81:
6c:de:bd:54:71:21:ac:ce:e9:72:7f:89:a3:0d:31:
d7:4c:11:cf:b4:14:d8:6b:14:7c:ab:23:00:77:7f:
43:f3:33:ea:bb:da:b4:3c:2a:97:48:fa:dc:9b:0d:
3a:33:1f:cf:be:52:f2:cf:be:a4:9a:9f:fb:9c:4f:
28:0e:8f:69:7b:7a:18:f1:06:72:66:4f:d7:8a:ca:
e4:98:bd:1a:74:ba:13:2d:27:6a:d9:12:a8:c8:aa:
a1:f3:b0:b2:83:a2:a4:8d:17:ca:73:f2:08:c5:47:
8c:62:d9:9b:18:43:bf:e1:d0:24:aa:78:05:24:7f:
4f:3b:a8:c8:af:29:d3:a3:23:9a:cc:3d:ce:8b:51:
1b:33:09:ff:a8:7d:8b:90:16:1a:a5:98:27:26:f8:
a2:28:fe:2a:39:55:4a:b0:01:d3:22:e1:a5:8a:7f:
fe:61:ec:d3:b8:1f:b1:7b:00:dd:b0:e7:b7:f4:03:
e8:91:dc:69:e7:bf:00:0d:38:a5:41:2d:1f:79:28:
8b:95:36:7f:5b:6a:6c:9e:c8:1d:4f:db:db:e7:d2:
47:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:A3:55:76:2D:DB:81:34:D3:65:7B:B1:49:68:DB:69:6B:28:12:26
X509v3 Authority Key Identifier:
keyid:7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/t6NVdi3bgTTTZXuxSWjbaWsoEiY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.229.100.0/22
Signature Algorithm: sha256WithRSAEncryption
42:82:c1:29:2e:d0:e0:12:62:78:d9:a8:ee:41:37:47:c6:22:
24:f7:09:8c:68:85:2c:74:06:4a:d7:1c:cd:45:6a:18:da:f1:
72:60:98:1a:3f:cf:3a:80:ea:62:d4:3c:e5:5e:b2:74:55:3e:
58:b2:e9:25:0f:a7:8a:70:09:66:16:53:a0:79:83:40:96:7b:
8d:27:86:e5:99:51:35:d3:31:e6:41:39:b3:31:85:0c:ba:cb:
cb:24:37:e0:e4:87:20:38:73:e3:4e:d3:8e:1a:a0:e0:22:8c:
93:28:20:76:fc:a9:b4:90:f8:93:c4:d0:8d:48:2d:5f:88:23:
99:83:27:7a:3c:4f:eb:60:54:70:88:a7:10:fe:d3:d8:51:b8:
b9:68:af:eb:6a:77:47:fb:b4:60:98:65:52:8d:f8:89:40:69:
69:d8:ae:9f:e9:30:c6:15:7d:e0:6d:0e:3c:30:06:ab:25:ce:
2a:83:82:b6:be:b3:e0:f7:44:f4:ca:31:f7:0a:e6:1a:6a:a3:
23:ea:5b:e4:28:19:bf:00:72:22:28:26:03:9a:27:57:a6:25:
7d:ce:f8:2b:e0:4b:93:4b:de:28:d5:94:e8:3d:3b:06:ce:02:
e6:6b:83:b1:d6:70:4e:f7:26:59:b8:b2:62:9d:b0:c1:e6:f7:
57:1f:f4:5c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDEswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0VD
N0YxNjc3QkI0OTIzODAyODIxNTNCQjc3RUMyRUJFMzE4NTM3ODAeFw0yNDA4MjYw
NTMyNDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI3QTM1NTc2MkREQjgx
MzREMzY1N0JCMTQ5NjhEQjY5NkIyODEyMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJdycxbQB169DmpZBNRRiOrRfBGY0MkEJkFv5e4WfR0hirpPbY
fGLUpTqKgWzevVRxIazO6XJ/iaMNMddMEc+0FNhrFHyrIwB3f0PzM+q72rQ8KpdI
+tybDTozH8++UvLPvqSan/ucTygOj2l7ehjxBnJmT9eKyuSYvRp0uhMtJ2rZEqjI
qqHzsLKDoqSNF8pz8gjFR4xi2ZsYQ7/h0CSqeAUkf087qMivKdOjI5rMPc6LURsz
Cf+ofYuQFhqlmCcm+KIo/io5VUqwAdMi4aWKf/5h7NO4H7F7AN2w57f0A+iR3Gnn
vwANOKVBLR95KIuVNn9bamyeyB1P29vn0kdBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUt6NVdi3bgTTTZXuxSWjbaWsoEiYwHwYDVR0jBBgwFoAUfsfxZ3u0kjgCghU7
t37C6+MYU3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL2Zz
ZnhaM3Uwa2pnQ2doVTd0MzdDNi1NWVUzZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZnNmeFozdTBramdDZ2hVN3QzN0M2LU1ZVTNnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL3Q2TlZkaTNiZ1RUVFpYdXhTV2piYVdz
b0VpWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn5WQwDQYJ
KoZIhvcNAQELBQADggEBAEKCwSku0OASYnjZqO5BN0fGIiT3CYxohSx0BkrXHM1F
ahja8XJgmBo/zzqA6mLUPOVesnRVPliy6SUPp4pwCWYWU6B5g0CWe40nhuWZUTXT
MeZBObMxhQy6y8skN+DkhyA4c+NO044aoOAijJMoIHb8qbSQ+JPE0I1ILV+II5mD
J3o8T+tgVHCIpxD+09hRuLlor+tqd0f7tGCYZVKN+IlAaWnYrp/pMMYVfeBtDjww
BqslziqDgra+s+D3RPTKMfcK5hpqoyPqW+QoGb8AciIoJgOaJ1emJX3O+CvgS5NL
3ijVlOg9OwbOAuZrg7HWcE73Jlm4smKdsMHm91cf9Fw=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:18:10 2025 by rpki-client