Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/KrVh04X7XNgtW2ny1P46iLAafho.roa
File: KrVh04X7XNgtW2ny1P46iLAafho.roa (raw, json)
Hash identifier: EKJAbW3P+EOhB+9RWPB0e54cvVp8ecZzU6bYIg5ydBU=
Subject key identifier: 2A:B5:61:D3:85:FB:5C:D8:2D:5B:69:F2:D4:FE:3A:88:B0:1A:7E:1A
Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807
Certificate serial: 0BF6
Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/KrVh04X7XNgtW2ny1P46iLAafho.roa
Signing time: Mon 26 Aug 2024 05:11:27 +0000
ROA not before: Mon 26 Aug 2024 05:11:27 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131629
IP address blocks: 103.119.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:13:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3062 (0xbf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807
Validity
Not Before: Aug 26 05:11:27 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2AB561D385FB5CD82D5B69F2D4FE3A88B01A7E1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:00:15:c8:ef:b1:f2:41:f9:c6:97:0f:81:ae:
8e:28:1c:c4:37:77:7b:55:76:c3:da:f7:ff:61:c3:
b4:97:f9:88:82:c7:08:ae:4e:ac:c0:4a:53:83:09:
d0:69:ba:89:16:7e:26:94:1e:41:08:b3:78:86:2c:
a1:6f:46:99:e7:dd:f9:4b:b4:cb:44:ac:8e:09:2e:
73:a2:59:d4:ca:94:5b:28:3a:1d:28:3c:bf:81:8b:
c3:75:0b:9c:43:f6:bc:e7:55:b8:0b:1a:34:07:12:
c4:66:10:24:1d:4d:b7:df:d7:2f:c8:d3:ff:d2:24:
9d:25:00:9a:f5:1b:3a:f8:99:f7:48:47:80:d0:65:
f8:37:57:5b:f0:4c:e3:c2:d2:4c:2a:46:53:d6:b5:
4c:04:9c:08:49:7e:d9:36:cf:44:83:70:76:9c:e7:
16:14:61:3e:bb:0f:2c:5f:cb:c5:02:12:60:10:c5:
89:9a:98:e3:ad:93:3a:42:02:69:f8:4d:bd:e9:da:
aa:47:51:c4:5a:50:d3:de:18:7f:32:36:3c:c9:f7:
12:7c:a7:70:2f:a2:7a:15:28:5a:f3:6f:30:79:83:
5f:aa:6c:96:09:70:5b:11:08:6a:58:4d:f0:25:97:
61:33:cb:ae:fc:e8:a8:d2:52:48:da:fa:4f:aa:7a:
b5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B5:61:D3:85:FB:5C:D8:2D:5B:69:F2:D4:FE:3A:88:B0:1A:7E:1A
X509v3 Authority Key Identifier:
keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/KrVh04X7XNgtW2ny1P46iLAafho.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.119.212.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:73:d6:af:ce:65:f8:e5:b9:f5:93:66:c2:3a:db:06:8f:60:
d4:b0:44:fc:37:b6:6a:e7:c8:dd:7b:20:8c:53:34:84:6f:b3:
5c:f6:40:02:1d:00:39:66:d7:64:be:de:e9:da:cd:db:80:77:
8f:e8:9d:a3:9c:0f:67:14:5c:58:ed:65:ec:75:bb:d6:3f:15:
9d:4d:98:7a:1b:22:51:07:6c:8a:77:72:1f:69:a5:da:b5:a2:
6c:76:41:bb:6f:84:df:51:49:40:d6:6e:8c:25:9f:da:3c:7e:
2a:40:01:a7:f1:13:9a:be:aa:60:51:83:9b:73:28:40:76:f6:
37:43:ed:ae:e4:ee:36:37:0a:04:fb:a5:a9:f8:5f:49:da:e2:
2c:8a:f3:9e:fa:b6:82:d1:8d:61:4d:fb:7c:29:5a:ed:22:97:
19:2f:ab:96:30:77:8d:15:e1:eb:03:ae:bc:64:f6:16:ad:dc:
2c:d9:e3:c2:be:d0:b1:a3:1a:5f:ce:9b:9b:05:0d:51:91:60:
fb:c6:9f:ed:37:74:3e:85:bb:51:a8:32:be:22:3d:57:30:54:
03:64:81:07:72:8b:3e:d6:0a:a2:e7:2d:5e:c3:05:e0:f0:14:
76:bb:e9:1d:47:99:61:00:71:42:72:ec:ee:96:09:ca:02:83:
f1:90:36:4e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICC/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE
MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yNDA4MjYw
NTExMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJBQjU2MUQzODVGQjVD
RDgyRDVCNjlGMkQ0RkUzQTg4QjAxQTdFMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHABXI77HyQfnGlw+Bro4oHMQ3d3tVdsPa9/9hw7SX+YiCxwiu
TqzASlODCdBpuokWfiaUHkEIs3iGLKFvRpnn3flLtMtErI4JLnOiWdTKlFsoOh0o
PL+Bi8N1C5xD9rznVbgLGjQHEsRmECQdTbff1y/I0//SJJ0lAJr1Gzr4mfdIR4DQ
Zfg3V1vwTOPC0kwqRlPWtUwEnAhJftk2z0SDcHac5xYUYT67Dyxfy8UCEmAQxYma
mOOtkzpCAmn4Tb3p2qpHUcRaUNPeGH8yNjzJ9xJ8p3AvonoVKFrzbzB5g1+qbJYJ
cFsRCGpYTfAll2Ezy6786KjSUkja+k+qerV9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKrVh04X7XNgtW2ny1P46iLAafhowHwYDVR0jBBgwFoAUXNEK1bakd108UE1m
EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF
Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMvS3JWaDA0WDdYTmd0VzJu
eTFQNDZpTEFhZmhvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Amd31DANBgkqhkiG9w0BAQsFAAOCAQEAHnPWr85l+OW59ZNmwjrbBo9g1LBE/De2
aufI3XsgjFM0hG+zXPZAAh0AOWbXZL7e6drN24B3j+ido5wPZxRcWO1l7HW71j8V
nU2YehsiUQdsindyH2ml2rWibHZBu2+E31FJQNZujCWf2jx+KkABp/ETmr6qYFGD
m3MoQHb2N0PtruTuNjcKBPulqfhfSdriLIrznvq2gtGNYU37fCla7SKXGS+rljB3
jRXh6wOuvGT2Fq3cLNnjwr7QsaMaX86bmwUNUZFg+8af7Td0PoW7UagyviI9VzBU
A2SBB3KLPtYKouctXsMF4PAUdrvpHUeZYQBxQnLs7pYJygKD8ZA2Tg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:04:29 2025 by rpki-client