Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/BrFlO8WQselaYPNxu97POxrpucs.roa
File: BrFlO8WQselaYPNxu97POxrpucs.roa (raw, json)
Hash identifier: KF8zXAtSY2gEqZOY6db+hgWM4AXQQLg3uMga/L7PpsA=
Subject key identifier: 06:B1:65:3B:C5:90:B1:E9:5A:60:F3:71:BB:DE:CF:3B:1A:E9:B9:CB
Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Certificate serial: 0C96
Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/BrFlO8WQselaYPNxu97POxrpucs.roa
Signing time: Mon 26 Aug 2024 05:12:27 +0000
ROA not before: Mon 26 Aug 2024 05:12:27 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38851
IP address blocks: 61.65.240.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3222 (0xc96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Validity
Not Before: Aug 26 05:12:27 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=06B1653BC590B1E95A60F371BBDECF3B1AE9B9CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f4:36:f3:d4:72:7c:e7:48:7b:6f:8f:36:ca:
94:53:da:cc:08:91:14:70:70:91:9c:e1:96:02:a9:
8b:8c:a4:41:db:93:f7:04:4e:ed:85:59:ff:65:0d:
dd:50:89:f3:c4:3f:b7:62:40:3d:da:6b:c9:bd:00:
1e:0a:61:51:71:f3:dd:08:88:a3:d6:c1:be:c2:14:
1f:7a:7f:71:5b:d7:37:8b:ad:88:4b:b3:ac:5a:31:
5e:2a:e5:03:93:67:b3:b6:bd:4b:eb:9d:fd:fb:55:
23:3e:f8:39:82:25:89:b2:ae:a6:72:e4:06:a1:e3:
ad:e7:b2:aa:c6:d3:3c:8a:ff:94:69:07:80:48:cc:
f2:1c:fc:7c:1c:00:ce:1b:d0:77:de:49:26:1c:77:
b6:c7:fe:08:32:b6:f2:82:8f:e9:b8:3d:6c:d7:1a:
32:0b:15:67:fd:32:ec:f3:94:2f:8e:38:a7:7f:d2:
08:44:d6:3c:be:bf:01:51:3f:52:29:66:7a:fa:34:
c3:32:c7:c3:21:57:fd:ce:2f:79:4d:58:98:2d:ec:
3d:bb:0d:1e:fc:a6:1f:4b:2a:68:97:d1:32:cc:3d:
26:1a:79:d8:1d:df:aa:4b:15:73:cc:8d:e4:2e:a5:
26:27:0b:10:1d:78:d3:69:21:44:f0:04:62:7c:8e:
8c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B1:65:3B:C5:90:B1:E9:5A:60:F3:71:BB:DE:CF:3B:1A:E9:B9:CB
X509v3 Authority Key Identifier:
keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/BrFlO8WQselaYPNxu97POxrpucs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.65.240.0/20
Signature Algorithm: sha256WithRSAEncryption
4c:42:ab:ff:6a:79:9a:34:30:ba:4e:d3:a1:a8:05:de:70:b1:
ef:dd:91:bc:06:e9:ad:37:b3:96:d4:31:e9:c8:61:78:c6:14:
d6:13:b0:bc:1f:ec:db:79:05:35:44:af:24:a1:ea:d8:f2:7d:
e2:9d:76:57:b3:86:ee:db:96:b1:a3:9b:86:93:98:ee:28:e3:
69:d7:87:b4:d8:fa:c3:ca:e4:c7:63:54:e9:b9:5e:06:f3:05:
4a:c5:47:a1:03:4a:21:ad:2a:6f:d7:26:a2:5d:5a:c8:70:d4:
5f:f3:fc:b1:dd:d1:1b:51:fa:31:a6:19:31:4e:c2:ee:96:19:
22:44:d1:65:60:ab:d6:00:1d:47:58:06:11:f9:d4:0b:7f:ec:
6e:a9:bb:83:3e:3d:d6:c4:6c:db:33:6e:d6:2a:12:87:ab:f7:
39:e0:14:8a:1c:60:1c:51:c2:70:ad:98:81:b0:86:12:87:58:
33:14:f5:bc:99:a7:55:7c:7d:06:d5:d1:23:ab:5d:7d:7b:0c:
14:77:d4:2e:9b:92:4d:9f:b4:c6:2b:54:2b:5c:68:15:f2:cd:
5e:31:87:d7:1e:ea:b5:2c:24:df:f5:9b:04:bd:61:22:82:ca:
d3:70:14:b1:53:5b:43:6b:03:18:af:89:a1:4a:96:b5:bb:88:
ca:13:fe:39
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3
ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yNDA4MjYw
NTEyMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA2QjE2NTNCQzU5MEIx
RTk1QTYwRjM3MUJCREVDRjNCMUFFOUI5Q0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC39Dbz1HJ850h7b482ypRT2swIkRRwcJGc4ZYCqYuMpEHbk/cE
Tu2FWf9lDd1QifPEP7diQD3aa8m9AB4KYVFx890IiKPWwb7CFB96f3Fb1zeLrYhL
s6xaMV4q5QOTZ7O2vUvrnf37VSM++DmCJYmyrqZy5Aah463nsqrG0zyK/5RpB4BI
zPIc/HwcAM4b0HfeSSYcd7bH/ggytvKCj+m4PWzXGjILFWf9MuzzlC+OOKd/0ghE
1jy+vwFRP1IpZnr6NMMyx8MhV/3OL3lNWJgt7D27DR78ph9LKmiX0TLMPSYaedgd
36pLFXPMjeQupSYnCxAdeNNpIUTwBGJ8jow7AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUBrFlO8WQselaYPNxu97POxrpucswHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x
k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP
TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9CckZsTzhXUXNlbGFZ
UE54dTk3UE94cnB1Y3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQEPUHwMA0GCSqGSIb3DQEBCwUAA4IBAQBMQqv/anmaNDC6TtOhqAXecLHv3ZG8
BumtN7OW1DHpyGF4xhTWE7C8H+zbeQU1RK8koerY8n3inXZXs4bu25axo5uGk5ju
KONp14e02PrDyuTHY1TpuV4G8wVKxUehA0ohrSpv1yaiXVrIcNRf8/yx3dEbUfox
phkxTsLulhkiRNFlYKvWAB1HWAYR+dQLf+xuqbuDPj3WxGzbM27WKhKHq/c54BSK
HGAcUcJwrZiBsIYSh1gzFPW8madVfH0G1dEjq119ewwUd9Qum5JNn7TGK1QrXGgV
8s1eMYfXHuq1LCTf9ZsEvWEigsrTcBSxU1tDawMYr4mhSpa1u4jKE/45
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:14:49 2025 by rpki-client