Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/wI3hM5_-ONnWKIwHe5bXy7CqJBE.roa
File: wI3hM5_-ONnWKIwHe5bXy7CqJBE.roa (raw, json)
Hash identifier: iF9bsYj2e/QwIR+Bf/CahNi90BKu64NND8qBXgsKV3g=
Subject key identifier: C0:8D:E1:33:9F:FE:38:D9:D6:28:8C:07:7B:96:D7:CB:B0:AA:24:11
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0DAF
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/wI3hM5_-ONnWKIwHe5bXy7CqJBE.roa
Signing time: Mon 26 Aug 2024 05:10:20 +0000
ROA not before: Mon 26 Aug 2024 05:10:20 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18429
IP address blocks: 27.147.56.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3503 (0xdaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Aug 26 05:10:20 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C08DE1339FFE38D9D6288C077B96D7CBB0AA2411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:21:85:96:b8:1e:f5:58:2b:38:50:c1:45:9c:
4f:fd:66:64:bd:25:f4:48:db:86:1c:d8:50:8a:bf:
2e:a4:65:61:5b:b5:74:6f:03:d7:e1:9f:eb:fe:f2:
94:d2:e5:e4:60:ae:cf:6d:15:3c:69:f2:83:df:05:
aa:1d:14:92:ed:26:09:46:b3:72:8f:d8:c5:0c:72:
e1:7d:11:a1:9a:e5:9b:d7:6d:37:f4:08:c0:a5:37:
99:d6:4f:3a:e5:58:3b:96:f4:8b:e9:1c:ce:82:7c:
30:55:02:3f:ac:52:b4:a1:30:16:2d:fa:61:30:89:
c2:22:75:70:d4:82:32:65:0b:44:b3:63:19:9a:9e:
e6:52:f1:c5:28:46:2a:6d:28:8e:bd:87:cb:32:c0:
11:bb:32:42:52:6e:e5:4a:c2:80:01:bd:47:62:29:
e5:f8:64:21:d5:6a:8d:fc:1b:44:b9:9a:c5:04:1f:
0f:e1:5b:ef:1d:cf:b1:c0:a7:e6:1e:b2:16:b8:26:
3b:2c:06:90:10:13:0a:e0:98:c8:6d:ef:2d:99:b4:
66:14:77:34:f8:00:04:7c:06:b4:2e:5d:6f:fd:38:
e0:12:27:e2:61:c7:99:f1:1d:c0:12:7f:b2:b8:6d:
dc:83:27:8b:85:86:e4:48:74:62:83:37:92:e8:6f:
73:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:8D:E1:33:9F:FE:38:D9:D6:28:8C:07:7B:96:D7:CB:B0:AA:24:11
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/wI3hM5_-ONnWKIwHe5bXy7CqJBE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.56.0/21
Signature Algorithm: sha256WithRSAEncryption
28:8d:d9:ff:2a:3a:9c:67:a0:86:b4:21:9e:1a:71:a2:0e:4c:
9f:ec:96:37:26:df:65:57:f1:09:2e:5c:57:43:87:62:84:c1:
35:a1:40:ad:8c:ad:76:8d:76:f8:9e:f7:ef:82:ed:28:64:a6:
5f:19:8b:47:61:d9:52:b5:ca:4b:01:ac:b1:01:b5:0d:85:ff:
66:a0:95:f2:80:93:53:bf:16:41:50:fa:f8:ea:48:1b:1f:bf:
96:97:5d:c9:b8:16:5b:bb:32:47:1e:b1:c7:5a:64:af:78:49:
dd:50:29:98:7b:c8:aa:bb:94:cb:ed:1b:90:16:31:ac:54:9e:
72:ca:6a:72:21:3b:a6:1c:02:85:4d:11:7f:6a:ce:30:c4:74:
ec:d4:fd:35:99:df:0e:33:4e:4b:9a:1d:83:95:ba:a4:d8:72:
db:1a:b6:23:20:6a:87:3f:9e:ec:8c:55:56:03:9f:81:95:76:
fc:62:ed:a2:73:82:30:03:7f:94:d8:3b:6e:82:10:81:18:df:
d8:68:0e:b6:1f:a2:c4:1a:06:b9:04:af:29:5c:a7:41:77:ec:
9e:80:43:df:dc:da:a1:cf:51:61:5e:cc:1d:7d:3d:e8:88:5e:
c4:9f:aa:35:c8:5e:c3:ad:6a:1a:ee:c4:ee:c7:ea:22:1b:45:
c7:01:15:78
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNDA4MjYw
NTEwMjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEMwOERFMTMzOUZGRTM4
RDlENjI4OEMwNzdCOTZEN0NCQjBBQTI0MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvIYWWuB71WCs4UMFFnE/9ZmS9JfRI24Yc2FCKvy6kZWFbtXRv
A9fhn+v+8pTS5eRgrs9tFTxp8oPfBaodFJLtJglGs3KP2MUMcuF9EaGa5ZvXbTf0
CMClN5nWTzrlWDuW9IvpHM6CfDBVAj+sUrShMBYt+mEwicIidXDUgjJlC0SzYxma
nuZS8cUoRiptKI69h8sywBG7MkJSbuVKwoABvUdiKeX4ZCHVao38G0S5msUEHw/h
W+8dz7HAp+Yesha4JjssBpAQEwrgmMht7y2ZtGYUdzT4AAR8BrQuXW/9OOASJ+Jh
x5nxHcASf7K4bdyDJ4uFhuRIdGKDN5Lob3PzAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUwI3hM5/+ONnWKIwHe5bXy7CqJBEwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC93STNoTTVfLU9ObldLSXdIZTVi
WHk3Q3FKQkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5M4
MA0GCSqGSIb3DQEBCwUAA4IBAQAojdn/KjqcZ6CGtCGeGnGiDkyf7JY3Jt9lV/EJ
LlxXQ4dihME1oUCtjK12jXb4nvfvgu0oZKZfGYtHYdlStcpLAayxAbUNhf9moJXy
gJNTvxZBUPr46kgbH7+Wl13JuBZbuzJHHrHHWmSveEndUCmYe8iqu5TL7RuQFjGs
VJ5yympyITumHAKFTRF/as4wxHTs1P01md8OM05Lmh2Dlbqk2HLbGrYjIGqHP57s
jFVWA5+BlXb8Yu2ic4IwA3+U2DtughCBGN/YaA62H6LEGga5BK8pXKdBd+yegEPf
3Nqhz1FhXswdfT3oiF7En6o1yF7DrWoa7sTux+oiG0XHARV4
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:10 2025 by rpki-client