Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIAOCHIAO/39UFxv-3xQYdjUeFd5Ljd0ywj2g.roa
File: 39UFxv-3xQYdjUeFd5Ljd0ywj2g.roa (raw, json)
Hash identifier: wFw5IJu+vcks+hHjBeSmOzXcJ3FeAJnT9gsCMqUViyA=
Subject key identifier: DF:D5:05:C6:FF:B7:C5:06:1D:8D:47:85:77:92:E3:77:4C:B0:8F:68
Certificate issuer: /CN=8A3FD89CE70A14F13ED0A86459224D007DD0A148
Certificate serial: 089C
Authority key identifier: 8A:3F:D8:9C:E7:0A:14:F1:3E:D0:A8:64:59:22:4D:00:7D:D0:A1:48
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ij_YnOcKFPE-0KhkWSJNAH3QoUg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIAOCHIAO/39UFxv-3xQYdjUeFd5Ljd0ywj2g.roa
Signing time: Mon 10 Feb 2025 14:11:50 +0000
ROA not before: Mon 10 Feb 2025 14:11:50 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 40065
IP address blocks: 103.148.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 03:44:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2204 (0x89c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8A3FD89CE70A14F13ED0A86459224D007DD0A148
Validity
Not Before: Feb 10 14:11:50 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DFD505C6FFB7C5061D8D47857792E3774CB08F68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d0:3b:65:13:0b:22:ba:1e:e9:77:d1:56:2d:
a2:6b:99:90:87:4c:34:8c:a7:48:b2:92:c1:48:0a:
98:f3:de:fd:a7:44:14:e2:17:f5:49:ac:40:54:dd:
a1:97:7e:9b:e4:1c:84:b4:78:a8:6a:02:35:6b:6f:
af:1f:66:40:87:17:79:ac:53:fb:77:e2:6e:7e:4c:
b2:cb:a2:48:50:14:a5:42:bd:65:ed:58:f8:31:a6:
48:06:f2:44:07:a2:6a:47:41:8f:5e:11:f8:b4:91:
35:11:db:0a:42:28:c8:8e:c3:d1:db:34:bd:60:38:
8b:4e:9e:d8:a4:14:53:68:44:45:12:c9:5d:1e:54:
7c:41:05:41:b1:4b:af:14:16:81:ab:87:ff:ed:b4:
4a:d0:85:17:6c:f6:5a:c7:46:4f:f6:4f:c5:2b:ba:
48:9b:36:04:73:8c:f0:0c:73:78:36:ca:73:3e:41:
10:b9:f6:13:f0:ea:2a:52:09:b1:c2:c4:c1:06:2b:
2a:42:e4:dc:a8:c1:74:b3:20:8d:c7:b7:86:34:6a:
d9:02:11:fa:0e:49:0c:37:11:63:ce:b1:73:3d:33:
9d:73:da:83:5c:31:80:fa:9e:b3:d8:e5:97:8f:58:
b3:64:5e:e3:d4:76:cb:cd:71:81:69:77:c5:58:0b:
20:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D5:05:C6:FF:B7:C5:06:1D:8D:47:85:77:92:E3:77:4C:B0:8F:68
X509v3 Authority Key Identifier:
keyid:8A:3F:D8:9C:E7:0A:14:F1:3E:D0:A8:64:59:22:4D:00:7D:D0:A1:48
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIAOCHIAO/ij_YnOcKFPE-0KhkWSJNAH3QoUg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ij_YnOcKFPE-0KhkWSJNAH3QoUg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIAOCHIAO/39UFxv-3xQYdjUeFd5Ljd0ywj2g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.146.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:2e:f2:cb:7a:3b:b4:f5:e0:71:70:da:9c:68:29:02:24:0b:
5e:14:e8:15:e2:7a:fa:d1:57:04:21:4f:16:5c:5b:96:52:4a:
a3:fe:5b:78:f0:f6:8b:5b:51:b0:d3:61:af:ff:22:ed:f6:87:
85:87:3a:ec:5b:b0:a9:0d:4c:df:d2:db:e7:18:eb:f4:da:65:
a2:74:7b:17:ed:a8:ad:88:69:28:96:ac:48:86:cf:39:a3:be:
18:d3:d1:2e:e0:2b:aa:ce:10:18:71:52:81:d9:40:21:a8:e8:
b7:3f:09:d5:b9:af:d2:38:e4:2e:34:ce:65:4b:dc:36:be:7c:
65:bb:31:6f:7d:e3:2b:b2:09:fd:0a:48:6c:ff:e1:85:94:91:
d1:00:09:d2:cb:31:14:92:a6:7b:ea:5d:55:db:eb:ee:73:0c:
32:6c:46:a4:44:32:96:1d:25:cc:42:d5:fd:da:df:b0:38:0b:
ab:76:19:8b:71:9c:1c:84:ee:48:2f:a9:60:f8:23:d5:1e:4b:
b5:30:c0:a4:23:a0:10:7e:6a:1c:cf:01:c1:e4:59:77:26:f0:
69:62:c4:eb:0a:20:24:52:a0:74:2e:de:ee:9a:dc:1a:d3:be:
9f:33:8d:02:7a:d4:3c:ad:0b:7e:b5:b2:82:eb:32:d9:97:35:
3e:69:40:78
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICCJwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEEz
RkQ4OUNFNzBBMTRGMTNFRDBBODY0NTkyMjREMDA3REQwQTE0ODAeFw0yNTAyMTAx
NDExNTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERGRDUwNUM2RkZCN0M1
MDYxRDhENDc4NTc3OTJFMzc3NENCMDhGNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCe0DtlEwsiuh7pd9FWLaJrmZCHTDSMp0iyksFICpjz3v2nRBTi
F/VJrEBU3aGXfpvkHIS0eKhqAjVrb68fZkCHF3msU/t34m5+TLLLokhQFKVCvWXt
WPgxpkgG8kQHompHQY9eEfi0kTUR2wpCKMiOw9HbNL1gOItOntikFFNoREUSyV0e
VHxBBUGxS68UFoGrh//ttErQhRds9lrHRk/2T8UrukibNgRzjPAMc3g2ynM+QRC5
9hPw6ipSCbHCxMEGKypC5NyowXSzII3Ht4Y0atkCEfoOSQw3EWPOsXM9M51z2oNc
MYD6nrPY5ZePWLNkXuPUdsvNcYFpd8VYCyBBAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQU39UFxv+3xQYdjUeFd5Ljd0ywj2gwHwYDVR0jBBgwFoAUij/YnOcKFPE+0Khk
WSJNAH3QoUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJQU9D
SElBTy9pal9Zbk9jS0ZQRS0wS2hrV1NKTkFIM1FvVWcuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL2lqX1luT2NLRlBFLTBLaGtXU0pOQUgzUW9VZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NISUFPQ0hJQU8vMzlVRnh2LTN4
UVlkalVlRmQ1TGpkMHl3ajJnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAGeUkjANBgkqhkiG9w0BAQsFAAOCAQEAWy7yy3o7tPXgcXDanGgpAiQL
XhToFeJ6+tFXBCFPFlxbllJKo/5bePD2i1tRsNNhr/8i7faHhYc67FuwqQ1M39Lb
5xjr9NplonR7F+2orYhpKJasSIbPOaO+GNPRLuArqs4QGHFSgdlAIajotz8J1bmv
0jjkLjTOZUvcNr58Zbsxb33jK7IJ/QpIbP/hhZSR0QAJ0ssxFJKme+pdVdvr7nMM
MmxGpEQylh0lzELV/drfsDgLq3YZi3GcHITuSC+pYPgj1R5LtTDApCOgEH5qHM8B
weRZdybwaWLE6wogJFKgdC7e7prcGtO+nzONAnrUPK0LfrWygusy2Zc1PmlAeA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:37:14 2025 by rpki-client