Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/2HkOljt6PitKWNiSGTEpEraUVVY.roa
File: 2HkOljt6PitKWNiSGTEpEraUVVY.roa (raw, json)
Hash identifier: xnoYuT+fGYB3RO6jLzZmUPbJ4uWglUHFNe5S398UZLU=
Subject key identifier: D8:79:0E:96:3B:7A:3E:2B:4A:58:D8:92:19:31:29:12:B6:94:55:56
Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Certificate serial: 0C99
Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/2HkOljt6PitKWNiSGTEpEraUVVY.roa
Signing time: Mon 26 Aug 2024 05:12:27 +0000
ROA not before: Mon 26 Aug 2024 05:12:27 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 198949
IP address blocks: 61.65.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3225 (0xc99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Validity
Not Before: Aug 26 05:12:27 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D8790E963B7A3E2B4A58D89219312912B6945556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:cc:2b:71:86:ae:4b:81:27:cc:51:a2:c9:13:
36:5b:a8:8b:54:79:f1:bd:fc:e3:38:c4:62:0f:9e:
01:a6:30:d6:87:f9:5f:54:ab:4e:6d:8c:dc:3e:e1:
6c:c7:00:5a:47:a1:c3:ac:71:cf:c8:cc:1e:34:e5:
82:c0:3d:51:13:89:fd:18:08:62:d7:fd:c5:45:6d:
4b:f8:02:bb:1a:e1:c1:67:f5:9f:0d:c2:c2:db:c2:
5a:c1:81:d2:77:d2:3e:2e:f1:1f:ec:43:ca:95:09:
0c:de:db:c0:19:7e:36:c1:d8:44:ee:bc:08:c4:03:
ff:c5:f9:72:21:1e:72:60:6d:4f:d8:4d:1d:75:c4:
a3:be:d5:9f:f5:18:d6:89:6a:61:1c:e6:8c:6a:8f:
32:71:cc:ec:98:61:bb:df:80:20:cb:f1:89:fa:4c:
c0:9d:f2:b6:a3:93:28:8d:0d:e0:af:11:2b:8c:03:
b1:24:ad:20:50:4b:e7:13:22:8c:d0:51:01:38:15:
26:fa:e3:c5:00:0d:e8:a8:e2:05:40:67:31:c9:fc:
b6:74:bd:9a:65:b7:af:37:a8:00:c2:c8:af:6f:06:
d8:bf:26:27:f8:95:99:44:ba:e2:df:38:50:c5:52:
6b:f0:8c:8f:b0:f8:56:15:79:d1:56:04:a4:0d:31:
73:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:79:0E:96:3B:7A:3E:2B:4A:58:D8:92:19:31:29:12:B6:94:55:56
X509v3 Authority Key Identifier:
keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/2HkOljt6PitKWNiSGTEpEraUVVY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.65.237.0/24
Signature Algorithm: sha256WithRSAEncryption
43:29:e3:b9:37:63:c7:2b:71:dd:b5:ac:f0:43:7b:c8:15:c6:
43:af:5c:15:b5:91:37:f1:6b:5e:37:92:0a:76:f6:df:7b:0e:
e5:cf:bb:15:11:bd:ce:f4:a6:83:1f:a3:a6:6e:fb:96:03:13:
5c:37:b2:fd:a1:fa:ce:70:85:3e:50:96:95:d4:a5:48:5b:d9:
ea:0b:21:ab:f7:0d:59:4f:5e:04:08:a8:a1:56:08:6b:64:a0:
6a:37:bf:cf:e0:91:5f:02:1d:33:ee:30:d1:47:e0:dd:ba:ca:
fa:67:a4:cf:60:fb:b1:1f:ca:c8:b7:c8:18:18:8f:e7:5b:b2:
24:10:58:4b:89:94:ab:5c:8b:6a:d0:fe:05:d8:9d:59:6b:ae:
57:00:a6:3b:da:8d:89:eb:6b:25:f0:50:fe:51:cb:d0:0c:9f:
7d:40:19:1b:f1:26:42:ec:7c:ed:3b:13:c9:96:7d:ad:36:4d:
82:e9:02:52:8c:87:c3:8b:45:f5:8a:bf:94:38:c9:89:ab:e9:
e3:b1:da:a9:fb:df:0d:ad:3f:12:29:69:c1:03:0a:44:2b:01:
ff:83:77:62:f7:1e:06:5b:fa:9e:0f:fc:d2:e7:0e:69:88:f3:
93:d7:f9:4b:c5:f3:cb:50:86:6f:cf:1e:8c:5b:32:17:46:ae:
6b:54:c4:9e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3
ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yNDA4MjYw
NTEyMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ4NzkwRTk2M0I3QTNF
MkI0QTU4RDg5MjE5MzEyOTEyQjY5NDU1NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvzCtxhq5LgSfMUaLJEzZbqItUefG9/OM4xGIPngGmMNaH+V9U
q05tjNw+4WzHAFpHocOscc/IzB405YLAPVETif0YCGLX/cVFbUv4Arsa4cFn9Z8N
wsLbwlrBgdJ30j4u8R/sQ8qVCQze28AZfjbB2ETuvAjEA//F+XIhHnJgbU/YTR11
xKO+1Z/1GNaJamEc5oxqjzJxzOyYYbvfgCDL8Yn6TMCd8rajkyiNDeCvESuMA7Ek
rSBQS+cTIozQUQE4FSb648UADeio4gVAZzHJ/LZ0vZplt683qADCyK9vBti/Jif4
lZlEuuLfOFDFUmvwjI+w+FYVedFWBKQNMXN9AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU2HkOljt6PitKWNiSGTEpEraUVVYwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x
k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP
TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy8ySGtPbGp0NlBpdEtX
TmlTR1RFcEVyYVVWVlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAPUHtMA0GCSqGSIb3DQEBCwUAA4IBAQBDKeO5N2PHK3HdtazwQ3vIFcZDr1wV
tZE38WteN5IKdvbfew7lz7sVEb3O9KaDH6OmbvuWAxNcN7L9ofrOcIU+UJaV1KVI
W9nqCyGr9w1ZT14ECKihVghrZKBqN7/P4JFfAh0z7jDRR+Ddusr6Z6TPYPuxH8rI
t8gYGI/nW7IkEFhLiZSrXItq0P4F2J1Za65XAKY72o2J62sl8FD+UcvQDJ99QBkb
8SZC7HztOxPJln2tNk2C6QJSjIfDi0X1ir+UOMmJq+njsdqp+98NrT8SKWnBAwpE
KwH/g3di9x4GW/qeD/zS5w5piPOT1/lLxfPLUIZvzx6MWzIXRq5rVMSe
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:14:49 2025 by rpki-client