Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/KfrHPh4Yhvfn4WWy9lcgmmSluTo.roa
File: KfrHPh4Yhvfn4WWy9lcgmmSluTo.roa (raw, json)
Hash identifier: cdBIvBsG/PyM+behzm0COB0Q7dn2qUVEheFyRkMVMCo=
Subject key identifier: 29:FA:C7:3E:1E:18:86:F7:E7:E1:65:B2:F6:57:20:9A:64:A5:B9:3A
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0CEF
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/KfrHPh4Yhvfn4WWy9lcgmmSluTo.roa
Signing time: Mon 26 Aug 2024 05:12:50 +0000
ROA not before: Mon 26 Aug 2024 05:12:50 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9244
IP address blocks: 61.56.64.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3311 (0xcef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Aug 26 05:12:50 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=29FAC73E1E1886F7E7E165B2F657209A64A5B93A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b6:ed:b1:77:c2:8b:69:fc:15:de:a3:9e:87:
da:44:a4:e4:98:77:2a:ca:8b:91:c2:34:0e:0b:0d:
9c:a8:b7:b7:9d:22:db:5d:18:cf:13:90:79:f8:2a:
75:37:af:65:5e:51:37:8c:92:86:fc:c7:5b:65:78:
f1:20:d3:ba:ca:13:92:f6:64:84:6c:31:72:6b:98:
1d:5c:6f:9b:f1:aa:e0:33:72:77:b2:f7:b8:d3:d6:
21:4e:8a:ae:cf:37:3e:2c:ea:56:1f:ba:cb:33:b0:
55:83:a9:dc:3f:79:7e:83:b9:e4:d2:71:29:f0:62:
02:5f:0d:8b:46:a9:81:28:54:26:2a:94:77:34:29:
3f:9c:13:ca:15:eb:c3:2e:31:50:e1:15:50:23:8e:
08:5b:92:6d:7b:7b:fb:da:c5:e5:37:8a:5b:9e:9a:
11:f1:71:6a:6b:b8:f9:03:3a:11:8b:46:76:5f:ef:
21:73:93:2f:7b:29:c7:db:45:69:4c:38:7d:58:a0:
6e:dc:ca:11:55:11:a5:84:85:5a:85:1a:90:0d:98:
6a:51:40:23:bb:52:3b:5a:2b:25:01:ee:34:d3:e2:
06:f9:ea:34:f1:a8:28:fc:1b:1b:9d:ae:0f:3e:f3:
db:9e:f6:52:66:ca:f2:38:9c:87:5a:4d:93:0e:ef:
66:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FA:C7:3E:1E:18:86:F7:E7:E1:65:B2:F6:57:20:9A:64:A5:B9:3A
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/KfrHPh4Yhvfn4WWy9lcgmmSluTo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.56.64.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:4b:f8:8b:72:bf:4f:d6:a6:6b:f9:26:72:f1:42:f5:3f:e4:
41:b9:dc:de:0a:a6:5d:50:97:7f:13:58:fa:fb:ef:c1:95:61:
4d:83:7a:b4:07:97:9a:29:93:38:68:b8:bb:ef:6a:06:11:5f:
90:dc:de:fb:3e:de:4d:c8:a3:09:b9:80:c4:d9:02:03:d2:c2:
e4:4a:5e:f9:03:e3:1d:7d:fa:27:07:95:28:90:52:b1:42:cd:
39:2c:1c:d4:55:02:ce:36:85:a1:3f:23:ca:ab:ab:ae:71:34:
32:7c:a0:8e:c8:c9:8d:85:9b:61:b7:f7:aa:88:4b:c0:13:aa:
f6:e4:be:6f:53:aa:45:d8:96:31:4b:4c:bc:09:47:3e:f7:66:
78:68:84:93:eb:c6:30:1d:45:e7:87:1e:8b:2a:1b:31:3f:f4:
02:56:a8:b5:85:33:85:4e:44:bd:85:20:cf:37:83:4c:89:e5:
19:f9:0c:5e:64:28:45:1a:e3:16:7e:06:13:23:c6:25:1b:01:
22:a6:d1:d4:11:1e:32:bc:c5:5a:41:9c:2a:58:d3:c1:f3:bd:
d4:91:5e:b2:62:c0:7d:41:8c:43:bf:06:4e:83:3c:d5:cf:38:
eb:52:e7:3a:b6:73:db:29:68:34:c7:dd:28:9e:ff:8c:f2:08:
0e:9d:29:0b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNDA4MjYw
NTEyNTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5RkFDNzNFMUUxODg2
RjdFN0UxNjVCMkY2NTcyMDlBNjRBNUI5M0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwtu2xd8KLafwV3qOeh9pEpOSYdyrKi5HCNA4LDZyot7edIttd
GM8TkHn4KnU3r2VeUTeMkob8x1tlePEg07rKE5L2ZIRsMXJrmB1cb5vxquAzcney
97jT1iFOiq7PNz4s6lYfusszsFWDqdw/eX6DueTScSnwYgJfDYtGqYEoVCYqlHc0
KT+cE8oV68MuMVDhFVAjjghbkm17e/vaxeU3iluemhHxcWpruPkDOhGLRnZf7yFz
ky97KcfbRWlMOH1YoG7cyhFVEaWEhVqFGpANmGpRQCO7UjtaKyUB7jTT4gb56jTx
qCj8Gxudrg8+89ue9lJmyvI4nIdaTZMO72ZTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKfrHPh4Yhvfn4WWy9lcgmmSluTowHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL0tmckhQaDRZaHZmbjRXV3k5
bGNnbW1TbHVUby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9
OEAwDQYJKoZIhvcNAQELBQADggEBADtL+Ityv0/Wpmv5JnLxQvU/5EG53N4Kpl1Q
l38TWPr778GVYU2DerQHl5opkzhouLvvagYRX5Dc3vs+3k3Iowm5gMTZAgPSwuRK
XvkD4x19+icHlSiQUrFCzTksHNRVAs42haE/I8qrq65xNDJ8oI7IyY2Fm2G396qI
S8ATqvbkvm9TqkXYljFLTLwJRz73ZnhohJPrxjAdReeHHosqGzE/9AJWqLWFM4VO
RL2FIM83g0yJ5Rn5DF5kKEUa4xZ+BhMjxiUbASKm0dQRHjK8xVpBnCpY08HzvdSR
XrJiwH1BjEO/Bk6DPNXPOOtS5zq2c9spaDTH3Sie/4zyCA6dKQs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:11 2025 by rpki-client