Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/MQhZ5jmalVvNVJHO4OH5ZAia3dA.roa
File: MQhZ5jmalVvNVJHO4OH5ZAia3dA.roa (raw, json)
Hash identifier: nsU7r+qTW6/juBoXkesAO8WA8/ufxJQYcZIG53j6br8=
Subject key identifier: 31:08:59:E6:39:9A:95:5B:CD:54:91:CE:E0:E1:F9:64:08:9A:DD:D0
Certificate issuer: /CN=18133C9A82B6428B8BE77F62804D22E218A45745
Certificate serial: 03
Authority key identifier: 18:13:3C:9A:82:B6:42:8B:8B:E7:7F:62:80:4D:22:E2:18:A4:57:45
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GBM8moK2QouL539igE0i4hikV0U.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/MQhZ5jmalVvNVJHO4OH5ZAia3dA.roa
Signing time: Fri 13 Dec 2024 04:17:33 +0000
ROA not before: Fri 13 Dec 2024 04:17:33 +0000
ROA not after: Thu 27 Nov 2025 15:30:38 +0000
asID: 17413
IP address blocks: 160.250.98.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18133C9A82B6428B8BE77F62804D22E218A45745
Validity
Not Before: Dec 13 04:17:33 2024 GMT
Not After : Nov 27 15:30:38 2025 GMT
Subject: CN=310859E6399A955BCD5491CEE0E1F964089ADDD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a4:23:81:26:87:e2:9d:9f:a2:dd:02:03:78:
08:71:00:2a:0c:b2:83:8b:38:55:1a:43:44:ad:30:
80:56:22:44:6d:99:64:d8:d2:d6:06:3d:c6:0c:41:
64:bf:38:2e:88:3d:67:c4:55:59:73:aa:8c:55:77:
84:22:91:bc:6c:60:d1:9e:70:00:e0:b8:a7:35:47:
3f:99:fa:f5:d2:44:3b:b0:a0:36:d1:44:ad:89:60:
ca:76:b9:4d:d0:3c:46:8e:a7:26:f7:03:76:16:db:
7b:45:b4:8e:6d:85:ab:83:54:ae:5d:d1:55:3b:b5:
cf:04:6f:d2:82:69:8f:93:6f:ba:6f:d6:4f:dc:02:
0b:c0:23:19:03:7e:d0:f1:ca:e2:c1:a7:f6:2e:c0:
cb:89:57:d2:e5:03:57:ce:24:fa:94:4c:fd:e3:29:
65:ec:56:2d:4a:77:c3:ec:d3:b7:fe:ad:fc:f9:e0:
60:da:3b:0f:97:9e:5b:21:e9:3f:98:76:fe:57:de:
f2:fd:7d:9b:c2:5c:0a:1d:ad:1f:3d:13:20:f2:b1:
d4:bb:bb:1c:76:d2:28:37:60:aa:30:f7:6b:58:f4:
8b:5f:b6:ea:87:67:bc:cf:6b:3b:b7:a9:13:04:ef:
1a:6c:76:16:a9:bf:67:19:41:20:c8:08:96:8d:a6:
df:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:08:59:E6:39:9A:95:5B:CD:54:91:CE:E0:E1:F9:64:08:9A:DD:D0
X509v3 Authority Key Identifier:
keyid:18:13:3C:9A:82:B6:42:8B:8B:E7:7F:62:80:4D:22:E2:18:A4:57:45
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/GBM8moK2QouL539igE0i4hikV0U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GBM8moK2QouL539igE0i4hikV0U.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DODOLTD/MQhZ5jmalVvNVJHO4OH5ZAia3dA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.98.0/23
Signature Algorithm: sha256WithRSAEncryption
20:96:0a:28:74:8f:c8:94:94:96:b8:04:8d:80:45:ff:2f:23:
63:8a:18:87:a5:04:43:ea:83:0e:94:27:b5:32:e0:b1:9e:17:
8c:9c:05:75:e7:45:66:40:af:f4:51:e2:69:b7:46:60:3b:27:
fb:96:3d:7a:e0:c2:1d:c5:48:f3:5b:3e:fd:e0:37:57:5a:47:
05:76:f5:61:3b:4c:eb:eb:bd:a5:db:cc:ad:39:51:8c:d9:c9:
19:7b:52:99:0d:04:04:a9:07:a3:f8:47:d4:aa:19:0a:ee:93:
51:89:d8:61:3e:99:a7:05:67:f7:3f:63:73:0d:32:4b:16:72:
34:49:41:6a:69:62:98:94:4e:79:70:30:29:fd:40:40:ba:b1:
a3:23:5b:35:8b:3f:f2:2c:43:f0:18:a4:21:0b:24:5e:cd:94:
34:d7:fd:4a:11:d0:f5:cc:da:d0:fb:a9:d3:2e:7d:8c:38:69:
23:f3:83:6f:90:91:39:be:6d:b8:04:71:e5:ad:85:08:c4:e2:
3d:a7:a0:6c:20:28:a5:bd:e2:e2:ff:66:25:ab:3a:26:e2:bb:
8f:a8:f4:97:b5:a4:ae:cf:4f:0c:a6:03:3a:aa:13:c0:20:9e:
82:da:28:45:a7:de:23:27:9d:60:61:29:31:2d:e2:53:17:a4:
d7:ea:e6:4f
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxODEz
M0M5QTgyQjY0MjhCOEJFNzdGNjI4MDREMjJFMjE4QTQ1NzQ1MB4XDTI0MTIxMzA0
MTczM1oXDTI1MTEyNzE1MzAzOFowMzExMC8GA1UEAxMoMzEwODU5RTYzOTlBOTU1
QkNENTQ5MUNFRTBFMUY5NjQwODlBREREMDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMukI4Emh+Kdn6LdAgN4CHEAKgyyg4s4VRpDRK0wgFYiRG2ZZNjS
1gY9xgxBZL84Log9Z8RVWXOqjFV3hCKRvGxg0Z5wAOC4pzVHP5n69dJEO7CgNtFE
rYlgyna5TdA8Ro6nJvcDdhbbe0W0jm2Fq4NUrl3RVTu1zwRv0oJpj5Nvum/WT9wC
C8AjGQN+0PHK4sGn9i7Ay4lX0uUDV84k+pRM/eMpZexWLUp3w+zTt/6t/PngYNo7
D5eeWyHpP5h2/lfe8v19m8JcCh2tHz0TIPKx1Lu7HHbSKDdgqjD3a1j0i1+26odn
vM9rO7epEwTvGmx2Fqm/ZxlBIMgIlo2m3yECAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBQxCFnmOZqVW81Ukc7g4flkCJrd0DAfBgNVHSMEGDAWgBQYEzyagrZCi4vnf2KA
TSLiGKRXRTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET0RPTFRE
L0dCTThtb0syUW91TDUzOWlnRTBpNGhpa1YwVS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvR0JNOG1vSzJRb3VMNTM5aWdFMGk0aGlrVjBVLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9ET0xURC9NUWhaNWptYWxWdk5WSkhP
NE9INVpBaWEzZEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
oPpiMA0GCSqGSIb3DQEBCwUAA4IBAQAglgoodI/IlJSWuASNgEX/LyNjihiHpQRD
6oMOlCe1MuCxnheMnAV150VmQK/0UeJpt0ZgOyf7lj164MIdxUjzWz794DdXWkcF
dvVhO0zr672l28ytOVGM2ckZe1KZDQQEqQej+EfUqhkK7pNRidhhPpmnBWf3P2Nz
DTJLFnI0SUFqaWKYlE55cDAp/UBAurGjI1s1iz/yLEPwGKQhCyRezZQ01/1KEdD1
zNrQ+6nTLn2MOGkj84NvkJE5vm24BHHlrYUIxOI9p6BsICilveLi/2Ylqzom4ruP
qPSXtaSuz08MpgM6qhPAIJ6C2ihFp94jJ51gYSkxLeJTF6TX6uZP
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:02:05 2025 by rpki-client