Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/-nU4r8a7aUdmsK__Y-rmueYnyq4.roa
File: -nU4r8a7aUdmsK__Y-rmueYnyq4.roa (raw, json)
Hash identifier: 09ib0dBBivVOM+GvvUfakOc0iT4y7yD8qVRUsICpa/A=
Subject key identifier: FA:75:38:AF:C6:BB:69:47:66:B0:AF:FF:63:EA:E6:B9:E6:27:CA:AE
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 10A8
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/-nU4r8a7aUdmsK__Y-rmueYnyq4.roa
Signing time: Mon 26 Aug 2024 05:16:39 +0000
ROA not before: Mon 26 Aug 2024 05:16:39 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18419
IP address blocks: 124.218.192.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4264 (0x10a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:39 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=FA7538AFC6BB694766B0AFFF63EAE6B9E627CAAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f6:58:4a:3b:9c:85:47:dd:ed:67:58:60:74:
6f:69:47:0a:0a:43:57:ac:23:0f:01:ac:ef:81:2e:
00:af:0e:a3:53:44:6f:92:ab:66:92:2e:99:80:73:
a1:84:c0:86:db:7a:5c:e0:38:7e:9d:9a:31:35:61:
cd:31:48:54:39:0a:1d:d8:f8:e1:e2:a7:7c:40:d2:
7a:a9:9e:30:45:90:f4:1a:8e:07:6c:7e:a8:8d:59:
a4:94:da:be:59:e0:61:e7:df:c0:9c:57:45:cb:81:
15:54:c3:8d:b1:8a:82:6b:c6:43:d4:e2:f0:0c:8a:
4e:9c:71:75:48:fc:91:8a:e1:5a:85:3a:b4:ba:49:
45:78:ea:5d:08:70:06:c2:b5:bc:77:e1:00:dc:3d:
dc:35:80:d5:54:be:e0:24:56:a8:18:6c:4a:d4:8a:
7b:82:da:a9:ef:8a:6f:12:8b:72:8a:51:96:0d:31:
d4:44:3e:78:75:bb:73:f5:ec:ab:92:40:bc:a3:7d:
cb:bc:0c:ca:b5:55:37:5a:ff:f6:5d:ea:84:f5:75:
68:21:c7:9f:3d:1e:ee:ee:97:df:0f:8f:37:b5:4d:
6c:5d:7d:8b:c0:02:96:25:65:6d:f2:2f:ae:5c:74:
17:61:7e:b5:5d:9c:c1:42:70:ed:42:c3:5e:c8:c5:
3b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:75:38:AF:C6:BB:69:47:66:B0:AF:FF:63:EA:E6:B9:E6:27:CA:AE
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/-nU4r8a7aUdmsK__Y-rmueYnyq4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.192.0/19
Signature Algorithm: sha256WithRSAEncryption
3c:a3:02:b0:87:d6:4d:5b:db:81:56:ed:95:f1:df:a5:2e:3b:
0d:26:7f:c0:fa:9d:d3:e5:f5:f1:bf:20:b4:da:eb:6e:80:ff:
ab:20:0a:97:88:4d:83:62:e4:07:1c:02:fc:56:e6:c1:a4:34:
31:ed:ad:0d:f4:7a:c2:e6:51:88:90:37:6c:0f:ba:c8:c9:87:
28:e8:5b:57:7c:10:90:90:59:ae:2d:ee:a7:01:01:d2:0c:59:
bb:83:c1:b0:d3:84:e6:5f:3f:ef:cc:83:be:26:9a:1c:0f:8a:
bc:6c:4e:ea:29:f1:a8:d3:8d:8d:b9:f4:7b:d4:11:86:99:ae:
01:42:9f:0f:16:79:36:c3:fb:f3:6d:d9:da:fe:ed:38:c1:99:
c7:de:69:fa:7c:3d:e4:9b:8b:f1:92:b3:c6:94:6c:91:7c:6a:
41:ca:cb:6a:fb:d4:ed:bb:3b:50:a2:ad:79:77:81:dc:25:40:
a4:6e:3f:c2:c2:e0:d0:fc:b4:1e:41:cb:fc:80:de:81:17:6c:
2a:57:3b:39:c4:86:97:fc:c5:1b:b1:69:c7:ca:c7:89:96:57:
a2:7e:a2:b5:92:5f:4a:fc:68:e3:7b:43:e4:3c:c6:44:6e:13:
44:82:bf:37:46:a5:11:54:de:a7:ac:b2:7a:59:32:25:d4:93:
82:90:ba:81
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2MzlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZBNzUzOEFGQzZCQjY5
NDc2NkIwQUZGRjYzRUFFNkI5RTYyN0NBQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy9lhKO5yFR93tZ1hgdG9pRwoKQ1esIw8BrO+BLgCvDqNTRG+S
q2aSLpmAc6GEwIbbelzgOH6dmjE1Yc0xSFQ5Ch3Y+OHip3xA0nqpnjBFkPQajgds
fqiNWaSU2r5Z4GHn38CcV0XLgRVUw42xioJrxkPU4vAMik6ccXVI/JGK4VqFOrS6
SUV46l0IcAbCtbx34QDcPdw1gNVUvuAkVqgYbErUinuC2qnvim8Si3KKUZYNMdRE
Pnh1u3P17KuSQLyjfcu8DMq1VTda//Zd6oT1dWghx589Hu7ul98Pjze1TWxdfYvA
ApYlZW3yL65cdBdhfrVdnMFCcO1Cw17IxTtJAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU+nU4r8a7aUdmsK//Y+rmueYnyq4wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULy1uVTRyOGE3YVVkbXNLX19ZLXJtdWVZ
bnlxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAV82sAwDQYJ
KoZIhvcNAQELBQADggEBADyjArCH1k1b24FW7ZXx36UuOw0mf8D6ndPl9fG/ILTa
626A/6sgCpeITYNi5AccAvxW5sGkNDHtrQ30esLmUYiQN2wPusjJhyjoW1d8EJCQ
Wa4t7qcBAdIMWbuDwbDThOZfP+/Mg74mmhwPirxsTuop8ajTjY259HvUEYaZrgFC
nw8WeTbD+/Nt2dr+7TjBmcfeafp8PeSbi/GSs8aUbJF8akHKy2r71O27O1CirXl3
gdwlQKRuP8LC4ND8tB5By/yA3oEXbCpXOznEhpf8xRuxacfKx4mWV6J+orWSX0r8
aON7Q+Q8xkRuE0SCvzdGpRFU3qessnpZMiXUk4KQuoE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:00:26 2025 by rpki-client