Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Nh1d53FlK3KU2HQEsh9hjBqiq94.roa
File: Nh1d53FlK3KU2HQEsh9hjBqiq94.roa (raw, json)
Hash identifier: 0ntCqnPBVgxOwhrpnfPuOiRzA8R2oLJpSKXqFitSJKM=
Subject key identifier: 36:1D:5D:E7:71:65:2B:72:94:D8:74:04:B2:1F:61:8C:1A:A2:AB:DE
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 11A1
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Nh1d53FlK3KU2HQEsh9hjBqiq94.roa
Signing time: Mon 26 Aug 2024 05:10:59 +0000
ROA not before: Mon 26 Aug 2024 05:10:59 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 150.117.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:14:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4513 (0x11a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Aug 26 05:10:59 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=361D5DE771652B7294D87404B21F618C1AA2ABDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f2:40:9a:70:16:48:f2:57:09:9b:94:45:24:
1c:cd:27:d7:19:ca:1d:e1:ba:76:c1:01:1a:59:8e:
57:8c:96:e1:55:a6:95:a5:93:b8:45:0e:8e:51:2d:
eb:16:a0:c1:0d:33:9e:a7:21:e1:3c:15:09:b5:91:
c1:a8:36:ae:85:0a:9a:95:7e:43:81:ed:0c:92:0f:
d3:73:06:1a:bd:ff:8e:8e:cf:51:ce:c3:e9:71:63:
33:c5:6c:50:53:a0:b6:6b:34:14:ce:58:11:13:ad:
fb:a0:1d:b1:ca:46:2d:51:9c:b6:9f:df:1e:3d:a1:
2e:4d:61:99:e6:19:76:5e:ef:28:59:92:65:12:f1:
85:00:0d:3f:38:bf:37:89:d5:f5:c2:c0:c5:6b:4e:
3e:66:ba:bb:75:cf:b3:19:89:e8:f3:30:d2:1a:94:
01:f9:e0:62:d1:57:7a:26:08:35:97:e8:3b:32:aa:
73:0b:a9:1a:7b:63:b2:a1:79:cb:8b:24:64:93:88:
f1:93:62:29:06:c8:9c:df:46:bd:08:dd:78:94:ce:
cd:91:14:e6:fc:c1:18:b1:36:f6:98:25:fb:de:7e:
1e:e6:6a:e2:26:75:01:dc:a4:4b:b1:be:d5:4d:e9:
c4:4e:4a:d2:0a:25:87:c8:16:29:b8:df:3c:f2:37:
a7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:1D:5D:E7:71:65:2B:72:94:D8:74:04:B2:1F:61:8C:1A:A2:AB:DE
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Nh1d53FlK3KU2HQEsh9hjBqiq94.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.232.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:67:96:fb:f5:6a:6e:b1:86:b0:fc:89:54:b3:b2:d1:e0:00:
06:ac:3b:3d:2e:82:ef:af:d4:6d:6f:d2:6c:5b:22:9c:67:b0:
4c:f3:ea:09:69:a4:7b:82:e0:fa:b9:93:d8:ff:91:69:73:53:
57:47:70:64:84:27:4c:8b:d2:23:66:9c:84:89:b2:38:ef:68:
97:f6:e5:3a:99:ca:84:22:2c:cc:51:63:50:dd:55:fb:77:20:
aa:f6:c5:a1:bd:0b:43:8a:02:fa:aa:6b:fe:d9:65:2b:12:63:
3c:ed:95:1a:78:07:ca:9d:d2:1c:b5:3e:3c:da:71:f9:a4:e9:
af:97:00:51:c6:6d:7b:65:8c:1c:ac:f4:13:c3:5e:90:09:ab:
ac:45:ef:6a:99:8b:fd:f3:6d:0b:9c:92:59:75:9e:f1:01:53:
01:9a:46:9e:41:8f:b0:16:ea:80:e6:bf:d7:62:6f:5c:c9:a4:
73:77:e8:ab:2c:1b:90:92:f6:d3:a6:9b:65:1f:88:0f:93:04:
57:de:8f:b9:20:95:9f:5c:ef:4c:70:98:1b:82:d0:57:f6:e6:
9a:ca:ee:8a:1c:5e:ff:89:47:52:92:31:b2:77:de:6f:73:0a:
01:99:34:32:e1:cd:9f:3a:50:2f:1f:f4:d5:ca:25:b9:4a:9a:
07:02:24:cc
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw
NTEwNTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM2MUQ1REU3NzE2NTJC
NzI5NEQ4NzQwNEIyMUY2MThDMUFBMkFCREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC98kCacBZI8lcJm5RFJBzNJ9cZyh3hunbBARpZjleMluFVppWl
k7hFDo5RLesWoMENM56nIeE8FQm1kcGoNq6FCpqVfkOB7QySD9NzBhq9/46Oz1HO
w+lxYzPFbFBToLZrNBTOWBETrfugHbHKRi1RnLaf3x49oS5NYZnmGXZe7yhZkmUS
8YUADT84vzeJ1fXCwMVrTj5murt1z7MZiejzMNIalAH54GLRV3omCDWX6DsyqnML
qRp7Y7KhecuLJGSTiPGTYikGyJzfRr0I3XiUzs2RFOb8wRixNvaYJfvefh7mauIm
dQHcpEuxvtVN6cROStIKJYfIFim43zzyN6d7AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUNh1d53FlK3KU2HQEsh9hjBqiq94wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9OaDFkNTNGbEszS1Uy
SFFFc2g5aGpCcWlxOTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnXoMA0GCSqGSIb3DQEBCwUAA4IBAQCKZ5b79WpusYaw/IlUs7LR4AAGrDs9
LoLvr9Rtb9JsWyKcZ7BM8+oJaaR7guD6uZPY/5Fpc1NXR3BkhCdMi9IjZpyEibI4
72iX9uU6mcqEIizMUWNQ3VX7dyCq9sWhvQtDigL6qmv+2WUrEmM87ZUaeAfKndIc
tT482nH5pOmvlwBRxm17ZYwcrPQTw16QCausRe9qmYv9820LnJJZdZ7xAVMBmkae
QY+wFuqA5r/XYm9cyaRzd+irLBuQkvbTpptlH4gPkwRX3o+5IJWfXO9McJgbgtBX
9uaayu6KHF7/iUdSkjGyd95vcwoBmTQy4c2fOlAvH/TVyiW5SpoHAiTM
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:59 2025 by rpki-client