Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/I7z4U_47XC2PLP-s7Kdn0K11w24.roa
File: I7z4U_47XC2PLP-s7Kdn0K11w24.roa (raw, json)
Hash identifier: HzPz2YI5PKZZgZQTjkjGGfbzfRLZwf+wrQB1SbYGhj4=
Subject key identifier: 23:BC:F8:53:FE:3B:5C:2D:8F:2C:FF:AC:EC:A7:67:D0:AD:75:C3:6E
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 100D
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/I7z4U_47XC2PLP-s7Kdn0K11w24.roa
Signing time: Mon 26 Aug 2024 05:16:00 +0000
ROA not before: Mon 26 Aug 2024 05:16:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 60.244.0.0/17 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4109 (0x100d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:00 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=23BCF853FE3B5C2D8F2CFFACECA767D0AD75C36E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:8c:d2:02:d3:26:81:48:8b:ae:dd:0a:b1:f5:
8a:fe:a3:46:de:36:c6:74:ef:c2:98:58:10:b2:f0:
13:8f:af:95:e9:14:7c:ae:eb:81:a4:8a:d7:be:a7:
e8:53:cf:ee:4d:a5:21:21:df:96:3a:a0:cb:ed:3d:
cc:45:22:7b:5b:12:79:e0:23:c2:8a:cf:56:73:22:
96:f4:73:5f:30:17:52:df:70:41:79:92:5d:3b:d4:
70:eb:92:fe:f6:82:27:e1:c2:2a:f1:ae:27:0f:e8:
69:67:57:63:e3:69:c8:ea:b2:06:e7:bb:74:7a:6b:
83:87:35:f9:bd:44:7a:0e:be:75:b0:bf:bd:99:87:
e8:cf:41:7e:a2:44:f6:c9:4e:fd:74:74:da:22:1e:
2a:0e:07:6e:bd:94:19:28:63:30:57:f2:6c:99:fd:
f0:3e:7e:0e:d4:ba:d7:62:ee:25:5d:0d:59:78:4f:
a4:64:9f:bd:23:e5:4a:d6:9d:4e:b2:a5:41:45:47:
b5:fc:31:20:52:de:fa:02:40:24:8c:38:93:69:a3:
e6:d7:98:3f:ff:bc:1d:91:4e:12:bc:0b:1b:2c:b2:
09:92:63:d6:9f:ce:2a:d5:4f:83:82:00:f8:e9:48:
77:de:3e:09:f7:98:54:e2:a4:57:6d:5a:24:3b:1f:
a0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BC:F8:53:FE:3B:5C:2D:8F:2C:FF:AC:EC:A7:67:D0:AD:75:C3:6E
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/I7z4U_47XC2PLP-s7Kdn0K11w24.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.244.0.0/17
Signature Algorithm: sha256WithRSAEncryption
31:e8:80:e0:a5:49:e4:06:12:71:31:9c:89:d9:36:4e:46:54:
1a:ed:50:a9:59:12:e9:45:8f:6d:27:b2:2e:e8:b7:7a:fc:44:
a0:f6:73:10:e6:94:0c:6b:3b:8a:c9:5b:9a:4e:dc:53:de:09:
cb:19:b5:e2:e8:63:37:f8:38:34:8e:bc:4e:26:74:52:35:df:
a4:85:8e:31:03:9f:7b:6f:8c:04:35:3a:20:e8:5f:1a:8b:73:
a4:9e:7e:d8:7b:a9:73:b8:8f:44:5c:57:9a:b4:e4:ba:c8:af:
86:68:da:dd:cf:15:87:0a:5f:11:b7:bb:e2:35:11:3e:41:32:
ca:a7:77:f1:3b:e2:8a:0f:3a:f2:56:b6:03:7d:3f:c0:af:55:
8d:7d:0e:12:27:38:cd:b7:e4:da:1f:0a:fa:3f:4d:99:97:5e:
ce:03:8d:20:41:3a:f2:f3:88:c3:d9:2e:bc:5b:b0:2b:96:05:
eb:b7:71:f9:f5:da:e1:45:75:ae:38:26:dc:d1:16:89:46:b3:
ad:e0:7a:fb:c6:8b:d1:d0:24:56:20:29:4e:37:78:e0:65:7e:
57:f1:3f:72:3b:48:23:a8:3e:01:0a:ed:bd:a2:45:1d:e2:30:
1e:30:42:b3:9b:74:32:ca:ab:56:3c:d0:a8:26:6a:d2:fa:76:
5a:2e:43:e1
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEA0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIzQkNGODUzRkUzQjVD
MkQ4RjJDRkZBQ0VDQTc2N0QwQUQ3NUMzNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcjNIC0yaBSIuu3Qqx9Yr+o0beNsZ078KYWBCy8BOPr5XpFHyu
64Gkite+p+hTz+5NpSEh35Y6oMvtPcxFIntbEnngI8KKz1ZzIpb0c18wF1LfcEF5
kl071HDrkv72gifhwirxricP6GlnV2Pjacjqsgbnu3R6a4OHNfm9RHoOvnWwv72Z
h+jPQX6iRPbJTv10dNoiHioOB269lBkoYzBX8myZ/fA+fg7Uutdi7iVdDVl4T6Rk
n70j5UrWnU6ypUFFR7X8MSBS3voCQCSMOJNpo+bXmD//vB2RThK8CxsssgmSY9af
zirVT4OCAPjpSHfePgn3mFTipFdtWiQ7H6ApAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUI7z4U/47XC2PLP+s7Kdn0K11w24wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0k3ejRVXzQ3WEMyUExQLXM3S2RuMEsx
MXcyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc89AAwDQYJ
KoZIhvcNAQELBQADggEBADHogOClSeQGEnExnInZNk5GVBrtUKlZEulFj20nsi7o
t3r8RKD2cxDmlAxrO4rJW5pO3FPeCcsZteLoYzf4ODSOvE4mdFI136SFjjEDn3tv
jAQ1OiDoXxqLc6Sefth7qXO4j0RcV5q05LrIr4Zo2t3PFYcKXxG3u+I1ET5BMsqn
d/E74ooPOvJWtgN9P8CvVY19DhInOM235NofCvo/TZmXXs4DjSBBOvLziMPZLrxb
sCuWBeu3cfn12uFFda44JtzRFolGs63gevvGi9HQJFYgKU43eOBlflfxP3I7SCOo
PgEK7b2iRR3iMB4wQrObdDLKq1Y80KgmatL6dlouQ+E=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:45:16 2025 by rpki-client