Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/3c8iVA8Ln24kipb0ZX6MchW15HE.roa
File: 3c8iVA8Ln24kipb0ZX6MchW15HE.roa (raw, json)
Hash identifier: 4k5H9oBX6mUVip0Zxiir027FSAiU395oFMnhYA56C7M=
Subject key identifier: DD:CF:22:54:0F:0B:9F:6E:24:8A:96:F4:65:7E:8C:72:15:B5:E4:71
Certificate issuer: /CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Certificate serial: 0C25
Authority key identifier: 89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/3c8iVA8Ln24kipb0ZX6MchW15HE.roa
Signing time: Mon 26 Aug 2024 05:11:12 +0000
ROA not before: Mon 26 Aug 2024 05:11:12 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9924
IP address blocks: 103.123.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:24:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3109 (0xc25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Validity
Not Before: Aug 26 05:11:12 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DDCF22540F0B9F6E248A96F4657E8C7215B5E471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:70:cd:a6:52:45:f4:b6:d5:25:de:9d:48:3d:
73:cb:af:01:18:43:d2:21:33:a1:ba:ce:e3:ad:1b:
8c:c2:cb:cc:de:cd:b5:90:4d:f9:05:79:bf:46:33:
30:50:55:54:5c:90:6d:5e:50:95:95:e1:65:95:b5:
95:ba:d7:fb:d0:fe:5b:d5:d7:cf:7c:24:f9:92:74:
5b:16:46:42:ab:c3:5b:c0:ff:9d:66:97:4e:f5:a7:
52:a1:82:c0:b5:b1:db:40:70:a9:6c:20:f9:5e:ba:
0c:5d:63:f3:21:d7:0c:1a:d8:7a:8e:26:52:66:18:
9d:3b:12:71:6d:00:03:94:c5:df:6a:9d:00:76:5c:
ba:01:35:fe:cb:69:a1:d5:e8:5b:34:d0:db:02:77:
89:08:cd:b7:d0:38:c0:5b:a1:ba:ea:46:3f:db:05:
88:85:08:c3:8c:80:0b:66:b1:76:5c:b8:b9:68:14:
37:6d:c4:aa:5a:91:2e:1d:5a:9d:5e:ae:d4:73:45:
61:60:47:86:7c:9b:f0:82:83:86:d7:ed:e0:84:f4:
ca:54:d7:69:4f:73:6e:99:a8:de:5b:69:b5:b4:d1:
f4:4b:1f:f3:4e:7c:0d:2a:1b:25:15:4d:96:cf:e3:
27:fa:bb:f0:73:81:a0:61:35:75:41:bf:7e:7b:4c:
01:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:CF:22:54:0F:0B:9F:6E:24:8A:96:F4:65:7E:8C:72:15:B5:E4:71
X509v3 Authority Key Identifier:
keyid:89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/3c8iVA8Ln24kipb0ZX6MchW15HE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.189.0/24
Signature Algorithm: sha256WithRSAEncryption
33:6c:f9:5d:70:a1:0c:d5:3f:fc:c4:75:22:88:c9:6f:9e:c2:
a9:ac:7f:37:b7:f6:85:18:27:ed:82:37:d0:1d:02:24:39:a5:
f8:c4:b6:9a:36:dd:b2:84:0a:02:74:45:04:18:41:17:db:fc:
4d:86:9d:cb:d5:9e:3a:a8:99:41:63:da:ad:6e:a0:52:c1:0d:
c3:d6:dd:5b:ff:86:3a:18:71:09:d8:ea:b0:10:3a:8e:0b:31:
c4:1c:3e:f6:e6:08:31:c4:4d:84:be:53:91:77:00:7b:01:14:
57:f3:88:51:f5:e5:24:41:6c:b4:24:a2:46:cf:93:bd:81:e4:
cb:ba:2c:5c:f8:45:e3:2f:04:58:12:13:96:a9:fb:b9:ed:21:
b3:68:c1:06:fc:14:3a:7c:bb:ff:f4:2b:b6:e9:c5:e4:4f:f9:
89:ac:53:78:63:fe:33:bb:7e:35:3f:7a:46:e1:a8:7f:30:02:
70:3a:dc:64:c4:db:69:00:6e:9b:18:80:58:46:19:4b:68:56:
0f:e4:d6:88:0e:3b:bd:a0:34:e1:a2:72:4a:ec:dd:ee:5d:7b:
29:ef:f8:94:ef:64:bc:8f:10:7b:d0:80:2f:72:00:44:4e:60:
02:33:30:47:d3:55:f1:26:3e:c3:6b:16:df:f4:55:41:9a:38:
0d:58:b1:ed
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICDCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk2
QUQwQjUxNjA5NzlGRUFDNTBDNjM4NENCRkMxNjJENDAzRTc4RDAeFw0yNDA4MjYw
NTExMTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEREQ0YyMjU0MEYwQjlG
NkUyNDhBOTZGNDY1N0U4QzcyMTVCNUU0NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfcM2mUkX0ttUl3p1IPXPLrwEYQ9IhM6G6zuOtG4zCy8zezbWQ
TfkFeb9GMzBQVVRckG1eUJWV4WWVtZW61/vQ/lvV1898JPmSdFsWRkKrw1vA/51m
l071p1KhgsC1sdtAcKlsIPleugxdY/Mh1wwa2HqOJlJmGJ07EnFtAAOUxd9qnQB2
XLoBNf7LaaHV6Fs00NsCd4kIzbfQOMBbobrqRj/bBYiFCMOMgAtmsXZcuLloFDdt
xKpakS4dWp1ertRzRWFgR4Z8m/CCg4bX7eCE9MpU12lPc26ZqN5babW00fRLH/NO
fA0qGyUVTZbP4yf6u/BzgaBhNXVBv357TAE/AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU3c8iVA8Ln24kipb0ZX6MchW15HEwHwYDVR0jBBgwFoAUiWrQtRYJef6sUMY4
TL/BYtQD540wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFM
SUZFL2lXclF0UllKZWY2c1VNWTRUTF9CWXRRRDU0MC5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvaVdyUXRSWUplZjZzVU1ZNFRMX0JZdFFENTQwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFMSUZFLzNjOGlWQThMbjI0
a2lwYjBaWDZNY2hXMTVIRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABne70wDQYJKoZIhvcNAQELBQADggEBADNs+V1woQzVP/zEdSKIyW+ewqms
fze39oUYJ+2CN9AdAiQ5pfjEtpo23bKECgJ0RQQYQRfb/E2GncvVnjqomUFj2q1u
oFLBDcPW3Vv/hjoYcQnY6rAQOo4LMcQcPvbmCDHETYS+U5F3AHsBFFfziFH15SRB
bLQkokbPk72B5Mu6LFz4ReMvBFgSE5ap+7ntIbNowQb8FDp8u//0K7bpxeRP+Yms
U3hj/jO7fjU/ekbhqH8wAnA63GTE22kAbpsYgFhGGUtoVg/k1ogOO72gNOGickrs
3e5deynv+JTvZLyPEHvQgC9yAEROYAIzMEfTVfEmPsNrFt/0VUGaOA1Yse0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:14 2025 by rpki-client