Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DCT/OlvML5C9amnZmPgvR3XFIALJosY.roa
File: OlvML5C9amnZmPgvR3XFIALJosY.roa (raw, json)
Hash identifier: VQFkwTR9HdsZpgZLN2QnD36hutFp667Cg2NLASV3J44=
Subject key identifier: 3A:5B:CC:2F:90:BD:6A:69:D9:98:F8:2F:47:75:C5:20:02:C9:A2:C6
Certificate issuer: /CN=9B062D74C7F512F04AE60955C5456FC19755337F
Certificate serial: 0C23
Authority key identifier: 9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/OlvML5C9amnZmPgvR3XFIALJosY.roa
Signing time: Mon 26 Aug 2024 05:12:14 +0000
ROA not before: Mon 26 Aug 2024 05:12:14 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131601
IP address blocks: 103.252.196.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:10:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3107 (0xc23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B062D74C7F512F04AE60955C5456FC19755337F
Validity
Not Before: Aug 26 05:12:14 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3A5BCC2F90BD6A69D998F82F4775C52002C9A2C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:92:02:2c:96:5c:5c:1e:c8:bb:ef:d9:04:e9:
5c:78:fa:97:11:fe:4c:89:ab:24:0e:cd:1b:ff:51:
02:99:3d:04:82:c9:89:70:c5:78:47:50:05:88:e5:
da:7d:42:d1:72:0b:0f:47:50:70:04:99:13:b6:88:
40:17:91:62:fa:3e:e9:f0:99:ee:cb:ce:15:d8:b7:
5a:e2:4e:6b:0c:76:9d:d3:b1:bf:71:ac:0a:7b:b2:
8d:76:61:d4:40:70:4b:3b:9f:fd:b5:d2:30:4f:9a:
d0:f8:1a:c4:a5:f1:de:c7:15:d4:5f:b2:0b:5c:98:
36:28:37:ac:0a:c3:85:93:45:c8:87:59:87:5c:cd:
1c:91:98:0d:65:c9:b9:b5:dc:d7:79:98:16:ae:97:
b2:b3:07:53:67:78:75:fb:ac:fa:58:20:37:22:28:
22:c5:11:84:30:3a:40:52:03:6e:4e:a1:71:27:0a:
f3:b4:7e:d9:b4:bb:57:36:9a:aa:7b:9d:c9:26:ae:
7f:3c:c1:95:71:58:fc:75:b1:7c:08:43:83:f9:d1:
1f:da:73:1f:68:85:18:3e:eb:2d:47:5a:dd:1d:5c:
64:02:e6:ed:79:13:c4:95:a9:f3:55:e0:83:97:83:
3d:26:0b:64:66:e6:b9:28:1f:cf:05:6a:5a:8f:de:
67:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5B:CC:2F:90:BD:6A:69:D9:98:F8:2F:47:75:C5:20:02:C9:A2:C6
X509v3 Authority Key Identifier:
keyid:9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/OlvML5C9amnZmPgvR3XFIALJosY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.196.0/22
Signature Algorithm: sha256WithRSAEncryption
03:04:63:3f:65:a9:e6:c6:89:04:c4:e5:b5:a7:c6:94:e4:83:
47:4e:16:9d:94:6c:8b:01:e3:5c:2f:6d:1a:69:c3:26:47:4e:
5a:14:44:7e:e9:b5:ae:41:62:d3:6e:17:79:54:67:f5:9e:06:
2b:a7:94:5b:55:be:0b:bc:44:ee:48:f6:1d:fe:b3:1f:99:be:
56:f9:7e:59:b1:44:dd:81:36:96:03:0d:1b:61:53:fc:03:b6:
e0:21:ce:8c:91:41:1e:6d:0d:c1:59:df:8b:eb:7a:c3:f4:08:
1d:b3:d9:4d:3a:29:d4:01:91:2f:a0:1d:2c:65:d6:b5:e6:9b:
1c:5b:ef:7a:71:54:ce:c3:f6:ec:20:d8:a0:d8:04:5a:03:ab:
c1:60:f9:07:d2:d3:a5:8e:82:4b:72:45:d4:5a:de:d5:e1:71:
52:3b:6b:eb:27:37:5e:cc:02:c6:9f:d6:01:c7:7e:fb:9f:9d:
f5:af:eb:ab:3e:3f:2e:39:17:9a:0e:35:56:e5:ed:9e:f6:5e:
d8:39:a6:fe:b8:8c:52:86:d1:49:aa:7d:82:5b:91:1d:1b:10:
29:c8:97:3b:d7:96:8e:20:ac:1a:5d:fa:1d:08:48:df:a5:c0:
12:94:46:81:65:6f:80:00:ee:a7:9a:db:db:9b:f9:1b:ea:d0:
e2:41:cd:a3
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDCMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUIw
NjJENzRDN0Y1MTJGMDRBRTYwOTU1QzU0NTZGQzE5NzU1MzM3RjAeFw0yNDA4MjYw
NTEyMTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNBNUJDQzJGOTBCRDZB
NjlEOTk4RjgyRjQ3NzVDNTIwMDJDOUEyQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWkgIsllxcHsi779kE6Vx4+pcR/kyJqyQOzRv/UQKZPQSCyYlw
xXhHUAWI5dp9QtFyCw9HUHAEmRO2iEAXkWL6Punwme7LzhXYt1riTmsMdp3Tsb9x
rAp7so12YdRAcEs7n/210jBPmtD4GsSl8d7HFdRfsgtcmDYoN6wKw4WTRciHWYdc
zRyRmA1lybm13Nd5mBaul7KzB1NneHX7rPpYIDciKCLFEYQwOkBSA25OoXEnCvO0
ftm0u1c2mqp7nckmrn88wZVxWPx1sXwIQ4P50R/acx9ohRg+6y1HWt0dXGQC5u15
E8SVqfNV4IOXgz0mC2Rm5rkoH88FalqP3meZAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUOlvML5C9amnZmPgvR3XFIALJosYwHwYDVR0jBBgwFoAUmwYtdMf1EvBK5glV
xUVvwZdVM38wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL213
WXRkTWYxRXZCSzVnbFZ4VVZ2d1pkVk0zOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bXdZdGRNZjFFdkJLNWdsVnhVVnZ3WmRWTTM4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL09sdk1MNUM5YW1uWm1QZ3ZSM1hGSUFM
Sm9zWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/MQwDQYJ
KoZIhvcNAQELBQADggEBAAMEYz9lqebGiQTE5bWnxpTkg0dOFp2UbIsB41wvbRpp
wyZHTloURH7pta5BYtNuF3lUZ/WeBiunlFtVvgu8RO5I9h3+sx+Zvlb5flmxRN2B
NpYDDRthU/wDtuAhzoyRQR5tDcFZ34vresP0CB2z2U06KdQBkS+gHSxl1rXmmxxb
73pxVM7D9uwg2KDYBFoDq8Fg+QfS06WOgktyRdRa3tXhcVI7a+snN17MAsaf1gHH
fvufnfWv66s+Py45F5oONVbl7Z72Xtg5pv64jFKG0UmqfYJbkR0bECnIlzvXlo4g
rBpd+h0ISN+lwBKURoFlb4AA7qea29ub+Rvq0OJBzaM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:16 2025 by rpki-client