Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/AJ8hC88lNPxsJgh7S-ZLn-ktVKk.roa
File: AJ8hC88lNPxsJgh7S-ZLn-ktVKk.roa (raw, json)
Hash identifier: Mo5mK1eV+h0l/QUVqLIJl9kpb6sOGb+d6cZ/xUwW6+c=
Subject key identifier: 00:9F:21:0B:CF:25:34:FC:6C:26:08:7B:4B:E6:4B:9F:E9:2D:54:A9
Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Certificate serial: 0C97
Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/AJ8hC88lNPxsJgh7S-ZLn-ktVKk.roa
Signing time: Mon 26 Aug 2024 05:12:27 +0000
ROA not before: Mon 26 Aug 2024 05:12:27 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131597
IP address blocks: 61.65.224.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:04:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3223 (0xc97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Validity
Not Before: Aug 26 05:12:27 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=009F210BCF2534FC6C26087B4BE64B9FE92D54A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bd:75:c8:5c:06:ac:c2:19:a0:45:f6:c3:02:
2e:60:6c:3d:f4:46:3f:a9:24:87:a3:18:c3:1c:12:
18:b5:e7:3c:23:27:fe:ca:b9:8e:6b:09:4a:ad:65:
03:13:9c:0e:30:16:25:40:3a:3f:71:60:40:0a:0c:
54:f2:37:1e:bf:4a:8e:d2:23:c8:6e:e8:b4:a6:a6:
40:55:05:2f:17:73:c0:02:e5:57:d8:a4:56:05:8e:
31:17:c1:67:2c:c5:8d:35:38:3f:68:52:7c:14:8d:
8d:42:2d:1f:a9:c0:39:ad:5c:2e:7f:db:aa:c9:a6:
98:98:2e:92:2c:fd:61:88:e4:ad:6d:92:8c:51:20:
7c:e9:66:ee:af:07:ea:7b:63:6a:88:80:ad:14:74:
c8:35:8e:e3:92:64:7c:cf:2a:7d:f2:c6:56:12:3c:
84:96:00:55:11:14:da:65:77:10:82:45:7e:d3:ed:
00:18:d0:4a:af:ec:1f:f5:fd:7e:73:7a:00:f3:d9:
51:b2:a4:97:61:ea:7e:c6:8c:17:8a:ee:b1:62:b9:
d7:c2:e8:cf:e9:70:ff:5d:17:8b:a4:6b:d7:e9:85:
e6:38:22:45:20:df:57:0b:f8:6e:2b:92:15:ae:1a:
32:fa:29:d5:e7:ae:a8:f8:13:f7:d4:9e:89:97:d2:
13:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9F:21:0B:CF:25:34:FC:6C:26:08:7B:4B:E6:4B:9F:E9:2D:54:A9
X509v3 Authority Key Identifier:
keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/AJ8hC88lNPxsJgh7S-ZLn-ktVKk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.65.224.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:fa:17:73:89:b8:80:00:5b:72:9c:7c:ca:8d:c7:9c:5f:0f:
80:91:74:1a:6d:89:21:74:23:88:f7:3f:52:e3:60:91:cf:9a:
69:55:72:0a:1c:37:ed:a7:e4:66:b4:2a:b3:38:df:4d:bc:64:
57:9f:c0:b0:cd:27:c5:4b:2c:e7:b4:b0:09:3c:0a:2e:3f:63:
5e:f1:12:e1:f2:d8:b8:ac:d8:e8:04:52:cf:4e:1e:3c:f0:3d:
e1:75:2b:fe:e1:bb:43:ea:15:bb:b3:9c:cd:1a:6b:63:03:1a:
65:28:b2:8a:7c:cc:d5:61:f5:fc:d9:50:c7:52:8e:0c:8c:c5:
c8:57:77:b0:31:92:c3:23:a3:07:b9:50:e5:fd:b9:e0:70:c2:
cb:bf:4f:47:71:b9:25:59:78:74:d6:97:7a:3d:85:5b:dc:72:
7a:ff:d5:0e:a0:ca:14:e5:9c:b8:76:01:da:67:49:6a:ce:67:
a6:aa:32:d5:74:4c:54:aa:17:59:33:40:84:05:3d:46:83:e0:
a2:08:7a:f8:f5:97:76:53:bc:72:c4:ec:5b:e5:a9:00:1b:8f:
49:95:b0:16:fe:41:94:d8:43:2d:57:2a:d2:4c:cd:dc:41:cd:
e8:10:9b:1a:26:a2:a7:a2:10:fd:29:2f:0c:01:36:e1:80:f9:
67:f4:ec:fc
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDJcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3
ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yNDA4MjYw
NTEyMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDAwOUYyMTBCQ0YyNTM0
RkM2QzI2MDg3QjRCRTY0QjlGRTkyRDU0QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8vXXIXAaswhmgRfbDAi5gbD30Rj+pJIejGMMcEhi15zwjJ/7K
uY5rCUqtZQMTnA4wFiVAOj9xYEAKDFTyNx6/So7SI8hu6LSmpkBVBS8Xc8AC5VfY
pFYFjjEXwWcsxY01OD9oUnwUjY1CLR+pwDmtXC5/26rJppiYLpIs/WGI5K1tkoxR
IHzpZu6vB+p7Y2qIgK0UdMg1juOSZHzPKn3yxlYSPISWAFURFNpldxCCRX7T7QAY
0Eqv7B/1/X5zegDz2VGypJdh6n7GjBeK7rFiudfC6M/pcP9dF4uka9fpheY4IkUg
31cL+G4rkhWuGjL6KdXnrqj4E/fUnomX0hM7AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUAJ8hC88lNPxsJgh7S+ZLn+ktVKkwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x
k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP
TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9BSjhoQzg4bE5QeHNK
Z2g3Uy1aTG4ta3RWS2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDPUHgMA0GCSqGSIb3DQEBCwUAA4IBAQAd+hdzibiAAFtynHzKjcecXw+AkXQa
bYkhdCOI9z9S42CRz5ppVXIKHDftp+RmtCqzON9NvGRXn8CwzSfFSyzntLAJPAou
P2Ne8RLh8ti4rNjoBFLPTh488D3hdSv+4btD6hW7s5zNGmtjAxplKLKKfMzVYfX8
2VDHUo4MjMXIV3ewMZLDI6MHuVDl/bngcMLLv09HcbklWXh01pd6PYVb3HJ6/9UO
oMoU5Zy4dgHaZ0lqzmemqjLVdExUqhdZM0CEBT1Gg+CiCHr49Zd2U7xyxOxb5akA
G49JlbAW/kGU2EMtVyrSTM3cQc3oEJsaJqKnohD9KS8MATbhgPln9Oz8
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:53:41 2025 by rpki-client