Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CJME/mq2F8gpAWjLsZD7T3r-QppQLdqU.roa
File: mq2F8gpAWjLsZD7T3r-QppQLdqU.roa (raw, json)
Hash identifier: tbNXeWixuvrApOPy0Cgkh5zIR8kykzjsIfRRcFvJauI=
Subject key identifier: 9A:AD:85:F2:0A:40:5A:32:EC:64:3E:D3:DE:BF:90:A6:94:0B:76:A5
Certificate issuer: /CN=E214623FD129CB972740D391DAF39196F2ADF2BD
Certificate serial: 03
Authority key identifier: E2:14:62:3F:D1:29:CB:97:27:40:D3:91:DA:F3:91:96:F2:AD:F2:BD
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4hRiP9Epy5cnQNOR2vORlvKt8r0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/mq2F8gpAWjLsZD7T3r-QppQLdqU.roa
Signing time: Thu 29 Aug 2024 05:11:16 +0000
ROA not before: Thu 29 Aug 2024 05:11:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 63897
IP address blocks: 157.20.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:34:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E214623FD129CB972740D391DAF39196F2ADF2BD
Validity
Not Before: Aug 29 05:11:16 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9AAD85F20A405A32EC643ED3DEBF90A6940B76A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4c:96:7a:a3:b4:6f:50:05:e1:02:43:d7:38:
00:86:f7:28:10:a3:d7:ac:6f:4b:bf:c2:c2:d7:a8:
5f:84:4f:85:64:d2:18:53:7e:31:f2:84:6e:51:31:
3f:91:ed:7e:e7:5b:28:cc:92:56:6e:9a:3a:2d:f6:
98:9b:a7:4a:52:c8:f3:c3:3a:85:8d:34:b9:74:d1:
54:63:81:3f:a9:33:f7:e9:91:9b:a1:f1:0b:81:78:
b4:0e:0d:5e:e8:9b:78:4b:90:66:3c:d9:25:69:35:
99:c2:39:5e:15:ba:15:ce:7f:b5:68:1c:2d:f3:73:
71:c8:02:17:96:ac:cd:be:ce:36:d6:00:7f:2f:e1:
9a:27:bb:17:84:56:78:62:5c:5a:d5:cb:14:0a:2f:
cb:e1:41:63:3b:f5:9d:ae:14:c8:fb:77:9f:e5:75:
70:14:af:91:4b:f0:cd:23:5b:f9:01:e0:8a:b1:ce:
e2:83:ce:03:70:40:6d:82:2e:aa:34:6c:0b:e3:4d:
75:5d:25:a1:63:37:d2:75:e1:6c:a2:3d:41:b6:6a:
63:03:a2:e7:5f:9b:4b:a5:22:b2:26:f5:23:9d:67:
63:b4:83:62:50:b0:f7:d2:e8:c5:6b:ab:e1:0b:1c:
a8:3f:97:81:e7:c3:51:f0:83:f1:df:ae:33:69:91:
da:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AD:85:F2:0A:40:5A:32:EC:64:3E:D3:DE:BF:90:A6:94:0B:76:A5
X509v3 Authority Key Identifier:
keyid:E2:14:62:3F:D1:29:CB:97:27:40:D3:91:DA:F3:91:96:F2:AD:F2:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/4hRiP9Epy5cnQNOR2vORlvKt8r0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4hRiP9Epy5cnQNOR2vORlvKt8r0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/mq2F8gpAWjLsZD7T3r-QppQLdqU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.199.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:89:d6:a2:10:95:5b:dd:76:0a:2c:27:17:9f:05:b7:6a:9b:
0d:c9:89:b1:33:85:ec:df:8f:34:c2:2e:9f:d9:40:8c:30:41:
d9:f9:f9:5f:4c:7c:93:26:a2:db:5f:5a:e6:00:24:08:72:f7:
5f:77:1c:bb:52:77:75:0e:ae:6a:c4:b2:3e:2d:4f:8e:3e:ab:
20:77:d6:0c:c2:f2:d7:f7:a1:d3:c6:ef:58:88:dc:94:5a:f8:
f7:47:dd:8f:ff:f2:47:ed:e8:2f:f2:f3:51:4b:bb:81:6d:31:
95:93:13:89:8e:13:80:7a:c8:37:c7:5b:35:91:1e:3e:b5:9e:
80:17:47:90:55:08:93:d3:c6:fa:07:83:65:e0:65:ad:7a:79:
65:16:c3:00:e9:14:2e:59:d2:6f:a4:15:7f:dc:65:67:85:38:
44:f0:ba:15:b1:8c:c3:bb:28:e0:4d:2b:cc:df:8b:b6:92:27:
d2:11:2e:9a:f6:96:82:e7:3f:08:6e:86:05:c4:49:66:b8:fd:
d2:d3:40:a3:4f:90:86:8d:4f:63:84:13:b7:7d:25:41:a9:9e:
90:f5:2f:65:01:09:d6:12:78:84:3f:10:4f:f6:67:f2:6d:c5:
a1:dc:cc:8f:66:53:4a:ac:3c:e0:29:2f:c1:a8:f9:fd:b9:7f:
6c:1f:54:7c
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMjE0
NjIzRkQxMjlDQjk3Mjc0MEQzOTFEQUYzOTE5NkYyQURGMkJEMB4XDTI0MDgyOTA1
MTExNloXDTI1MDgyNjAxNTcwM1owMzExMC8GA1UEAxMoOUFBRDg1RjIwQTQwNUEz
MkVDNjQzRUQzREVCRjkwQTY5NDBCNzZBNTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANBMlnqjtG9QBeECQ9c4AIb3KBCj16xvS7/CwteoX4RPhWTSGFN+
MfKEblExP5HtfudbKMySVm6aOi32mJunSlLI88M6hY00uXTRVGOBP6kz9+mRm6Hx
C4F4tA4NXuibeEuQZjzZJWk1mcI5XhW6Fc5/tWgcLfNzccgCF5aszb7ONtYAfy/h
mie7F4RWeGJcWtXLFAovy+FBYzv1na4UyPt3n+V1cBSvkUvwzSNb+QHgirHO4oPO
A3BAbYIuqjRsC+NNdV0loWM30nXhbKI9QbZqYwOi51+bS6Uisib1I51nY7SDYlCw
99LoxWur4QscqD+XgefDUfCD8d+uM2mR2rMCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBSarYXyCkBaMuxkPtPev5CmlAt2pTAfBgNVHSMEGDAWgBTiFGI/0SnLlydA05Ha
85GW8q3yvTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSk1FLzRo
UmlQOUVweTVjblFOT1Iydk9SbHZLdDhyMC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
NGhSaVA5RXB5NWNuUU5PUjJ2T1Jsdkt0OHIwLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvQ0pNRS9tcTJGOGdwQVdqTHNaRDdUM3ItUXBw
UUxkcVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTHMA0G
CSqGSIb3DQEBCwUAA4IBAQChidaiEJVb3XYKLCcXnwW3apsNyYmxM4Xs3480wi6f
2UCMMEHZ+flfTHyTJqLbX1rmACQIcvdfdxy7Und1Dq5qxLI+LU+OPqsgd9YMwvLX
96HTxu9YiNyUWvj3R92P//JH7egv8vNRS7uBbTGVkxOJjhOAesg3x1s1kR4+tZ6A
F0eQVQiT08b6B4Nl4GWtenllFsMA6RQuWdJvpBV/3GVnhThE8LoVsYzDuyjgTSvM
34u2kifSES6a9paC5z8IboYFxElmuP3S00CjT5CGjU9jhBO3fSVBqZ6Q9S9lAQnW
EniEPxBP9mfybcWh3MyPZlNKrDzgKS/BqPn9uX9sH1R8
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:50 2025 by rpki-client