Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/-QE4XZgG_OPiX8vIobSEhS8dNE0.roa
File: -QE4XZgG_OPiX8vIobSEhS8dNE0.roa (raw, json)
Hash identifier: PZPXtF8ZkZNykOX1dWvasWad4cw2osmJXX1Hf7/VPnk=
Subject key identifier: F9:01:38:5D:98:06:FC:E3:E2:5F:CB:C8:A1:B4:84:85:2F:1D:34:4D
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0FF8
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/-QE4XZgG_OPiX8vIobSEhS8dNE0.roa
Signing time: Mon 26 Aug 2024 05:15:56 +0000
ROA not before: Mon 26 Aug 2024 05:15:56 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131584
IP address blocks: 210.203.48.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:28:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4088 (0xff8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:15:56 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F901385D9806FCE3E25FCBC8A1B484852F1D344D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:68:17:47:03:77:5a:f0:4e:7b:1a:b8:19:e4:
1f:78:94:6a:0c:37:d9:b4:ec:e9:a7:73:ed:6f:1f:
63:55:16:02:b3:5f:99:51:4a:31:4a:13:e8:b7:82:
52:2d:3f:21:53:7e:c1:97:34:fb:e0:00:d9:1e:1a:
50:6d:f7:93:44:d2:e2:7e:90:1d:45:44:5f:16:11:
72:a2:1d:26:db:23:98:8f:f1:24:0f:99:49:c3:a4:
0e:a9:01:c0:24:35:99:de:7f:2f:26:e9:fc:ba:f2:
cb:1a:99:e5:2f:bb:b1:dd:f1:c3:97:d9:8c:08:b0:
8d:54:17:a5:69:b8:01:81:f0:63:d0:93:4f:3c:26:
a8:b3:39:31:8e:93:32:69:d5:04:a0:c6:33:f5:f3:
84:81:c7:50:c5:55:fe:38:21:fc:3e:ca:7c:a8:d6:
b5:6a:f1:9b:f8:5e:85:4c:1f:38:60:95:4c:e8:3d:
0d:1f:6e:c0:ee:b3:6e:43:7d:0a:55:c6:91:88:dd:
b6:94:56:e9:bc:d1:e7:a6:8d:83:53:c3:aa:bb:94:
13:3f:40:7b:98:d8:56:d7:24:2b:2c:9f:4b:29:74:
53:60:9f:98:78:09:00:70:83:a5:10:00:69:0b:ae:
05:5c:43:74:b8:4a:0c:72:f4:95:c9:88:60:da:03:
07:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:01:38:5D:98:06:FC:E3:E2:5F:CB:C8:A1:B4:84:85:2F:1D:34:4D
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/-QE4XZgG_OPiX8vIobSEhS8dNE0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.48.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:4e:4e:e3:51:ae:c3:c5:e4:b4:d4:04:f5:59:d1:f0:05:3a:
97:cf:1c:47:02:2b:3c:48:9d:78:e5:d6:4c:f8:9c:8e:eb:56:
6a:cb:81:ec:45:75:18:08:05:23:8d:7d:de:a2:9f:96:e8:84:
1e:f9:a5:df:e3:c4:c7:8c:40:27:8b:85:53:17:8a:cf:a8:12:
07:ba:b3:29:0c:d7:cf:77:57:6a:48:68:3a:00:61:06:b9:4b:
34:fc:5b:4d:79:1c:7b:69:59:ef:eb:3f:3a:91:59:b1:b1:38:
da:73:ba:e0:0e:a9:eb:ed:07:ee:77:4e:33:43:5b:80:bb:8a:
34:a1:1f:a8:36:2e:d9:67:31:67:4a:5c:4a:60:4c:e5:c6:4f:
71:20:0d:32:fd:2c:40:13:7e:e9:34:3e:a2:96:3d:4d:6f:19:
35:89:62:24:3f:19:25:cb:59:4b:4e:97:e9:04:5d:c8:62:15:
de:82:ae:67:5d:df:f6:bb:cf:74:0a:10:c1:ad:9b:48:22:57:
b3:57:78:34:f9:a8:d2:67:90:c8:0a:1a:6d:88:7b:6d:6b:45:
5d:93:08:b1:b1:89:28:7a:34:c3:0c:53:d1:4f:9a:e7:30:ea:
b9:08:4a:e8:bb:96:f3:4a:58:a2:44:0d:e6:6f:aa:d6:0e:3d:
67:21:c4:1f
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICD/gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE1NTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY5MDEzODVEOTgwNkZD
RTNFMjVGQ0JDOEExQjQ4NDg1MkYxRDM0NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzaBdHA3da8E57GrgZ5B94lGoMN9m07Omnc+1vH2NVFgKzX5lR
SjFKE+i3glItPyFTfsGXNPvgANkeGlBt95NE0uJ+kB1FRF8WEXKiHSbbI5iP8SQP
mUnDpA6pAcAkNZnefy8m6fy68ssameUvu7Hd8cOX2YwIsI1UF6VpuAGB8GPQk088
JqizOTGOkzJp1QSgxjP184SBx1DFVf44Ifw+ynyo1rVq8Zv4XoVMHzhglUzoPQ0f
bsDus25DfQpVxpGI3baUVum80eemjYNTw6q7lBM/QHuY2FbXJCssn0spdFNgn5h4
CQBwg6UQAGkLrgVcQ3S4Sgxy9JXJiGDaAwcfAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU+QE4XZgG/OPiX8vIobSEhS8dNE0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULy1RRTRYWmdHX09QaVg4dklvYlNFaFM4
ZE5FMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATSyzAwDQYJ
KoZIhvcNAQELBQADggEBAF9OTuNRrsPF5LTUBPVZ0fAFOpfPHEcCKzxInXjl1kz4
nI7rVmrLgexFdRgIBSONfd6in5bohB75pd/jxMeMQCeLhVMXis+oEge6sykM1893
V2pIaDoAYQa5SzT8W015HHtpWe/rPzqRWbGxONpzuuAOqevtB+53TjNDW4C7ijSh
H6g2LtlnMWdKXEpgTOXGT3EgDTL9LEATfuk0PqKWPU1vGTWJYiQ/GSXLWUtOl+kE
XchiFd6Crmdd3/a7z3QKEMGtm0giV7NXeDT5qNJnkMgKGm2Ie21rRV2TCLGxiSh6
NMMMU9FPmucw6rkISui7lvNKWKJEDeZvqtYOPWchxB8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:47:51 2025 by rpki-client