Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/sH1bWXAgAeOI5qhKhxsr4k_EcOM.roa
File: sH1bWXAgAeOI5qhKhxsr4k_EcOM.roa (raw, json)
Hash identifier: x76OPsHsdUFkhI1/bEXyIXqrZ2pZZ0MjoIxF1rvjf0A=
Subject key identifier: B0:7D:5B:59:70:20:01:E3:88:E6:A8:4A:87:1B:2B:E2:4F:C4:70:E3
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 1182
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/sH1bWXAgAeOI5qhKhxsr4k_EcOM.roa
Signing time: Mon 26 Aug 2024 05:10:51 +0000
ROA not before: Mon 26 Aug 2024 05:10:51 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 10085
IP address blocks: 203.163.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:14:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4482 (0x1182)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Aug 26 05:10:51 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B07D5B59702001E388E6A84A871B2BE24FC470E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:70:32:2f:be:3a:e1:e7:82:f8:9a:01:fc:69:
94:02:0c:8a:8b:cb:9c:d9:36:b5:5f:89:66:81:78:
02:4b:b0:91:ed:28:41:8b:e9:aa:2f:11:91:62:f0:
a0:12:37:dd:27:88:ed:3d:23:a1:61:31:f3:06:d4:
f2:d5:38:3d:ce:37:6a:1d:7a:b1:2b:a0:cd:f9:0d:
d6:04:b1:92:25:c2:7a:69:ee:37:b4:fa:45:42:72:
47:d8:cd:98:15:bd:05:ad:a9:eb:0a:86:76:6f:44:
c2:7d:e6:f8:d1:9b:54:2b:7d:40:f2:c0:d2:5e:c9:
fa:45:7a:f5:a4:15:00:3c:f5:a3:7d:41:f8:c4:66:
2b:e6:2a:9a:b1:fb:9f:36:82:b6:c1:63:b7:a4:78:
cd:0c:03:a7:05:79:2f:3f:f2:a1:04:5c:60:91:d6:
98:16:90:ec:77:c2:09:45:23:fc:77:98:41:95:95:
29:8d:41:e3:ea:a2:e2:e8:38:83:6b:2d:47:b7:01:
4c:b0:01:83:51:38:f3:d0:e4:68:29:33:4e:9f:84:
a6:2f:b1:f7:f3:12:b6:0d:fb:82:9c:9d:16:14:f4:
5a:00:04:4e:0a:aa:da:c0:76:f6:53:99:a7:c9:b6:
d9:b4:e0:3e:41:a7:2f:d2:a5:b0:c2:93:64:6f:1a:
e1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7D:5B:59:70:20:01:E3:88:E6:A8:4A:87:1B:2B:E2:4F:C4:70:E3
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/sH1bWXAgAeOI5qhKhxsr4k_EcOM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.163.214.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:4d:8d:04:d9:b3:20:bf:00:58:dd:b9:26:f2:a0:87:b9:c1:
98:d9:1f:33:35:ca:78:45:6a:37:bd:61:3e:60:4d:27:7d:26:
99:cc:b3:5b:2b:35:f1:04:3c:81:49:d2:9f:7f:06:7b:62:bd:
5f:d8:b3:50:a8:f5:10:62:84:02:b9:0c:31:9a:e3:da:a6:81:
5a:56:05:40:0e:32:22:25:88:d5:83:f7:8c:ff:e9:0d:c3:9b:
7b:d9:18:f8:af:c6:cf:55:3d:fa:e1:4c:0d:3e:e9:3d:b3:18:
43:06:66:b0:1d:81:d1:e1:0b:35:1c:fc:03:d6:a6:20:8d:db:
04:97:a2:51:a8:95:55:6c:29:bd:b3:47:a8:f4:6e:72:81:4c:
83:f0:0f:5a:3d:0d:28:83:66:1c:79:55:7f:54:2e:50:6a:03:
9f:e3:10:5d:29:40:5d:50:03:64:c0:3a:44:87:63:58:2b:4a:
e5:8c:54:9f:f5:1f:76:8d:f0:e5:9b:f7:d4:d9:49:6e:1a:15:
02:3c:ee:00:32:bb:6a:53:6b:09:30:64:00:f8:71:b6:3e:58:
05:64:21:d2:2a:e8:4e:fe:17:89:fc:0a:66:b5:b2:71:d5:f0:
52:ca:aa:6f:f1:d2:1f:33:49:6e:ff:ea:4b:58:c9:87:72:d0:
eb:f7:42:7c
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw
NTEwNTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIwN0Q1QjU5NzAyMDAx
RTM4OEU2QTg0QTg3MUIyQkUyNEZDNDcwRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYcDIvvjrh54L4mgH8aZQCDIqLy5zZNrVfiWaBeAJLsJHtKEGL
6aovEZFi8KASN90niO09I6FhMfMG1PLVOD3ON2oderEroM35DdYEsZIlwnpp7je0
+kVCckfYzZgVvQWtqesKhnZvRMJ95vjRm1QrfUDywNJeyfpFevWkFQA89aN9QfjE
ZivmKpqx+582grbBY7ekeM0MA6cFeS8/8qEEXGCR1pgWkOx3wglFI/x3mEGVlSmN
QePqouLoOINrLUe3AUywAYNROPPQ5GgpM06fhKYvsffzErYN+4KcnRYU9FoABE4K
qtrAdvZTmafJttm04D5Bpy/SpbDCk2RvGuEjAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUsH1bWXAgAeOI5qhKhxsr4k/EcOMwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9zSDFiV1hBZ0FlT0k1
cWhLaHhzcjRrX0VjT00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAy6PWMA0GCSqGSIb3DQEBCwUAA4IBAQCbTY0E2bMgvwBY3bkm8qCHucGY2R8z
Ncp4RWo3vWE+YE0nfSaZzLNbKzXxBDyBSdKffwZ7Yr1f2LNQqPUQYoQCuQwxmuPa
poFaVgVADjIiJYjVg/eM/+kNw5t72Rj4r8bPVT364UwNPuk9sxhDBmawHYHR4Qs1
HPwD1qYgjdsEl6JRqJVVbCm9s0eo9G5ygUyD8A9aPQ0og2YceVV/VC5QagOf4xBd
KUBdUANkwDpEh2NYK0rljFSf9R92jfDlm/fU2UluGhUCPO4AMrtqU2sJMGQA+HG2
PlgFZCHSKuhO/heJ/ApmtbJx1fBSyqpv8dIfM0lu/+pLWMmHctDr90J8
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:47 2025 by rpki-client