Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/ToadhRbUKx19YhXkQsoMXK4QLQM.roa
File: ToadhRbUKx19YhXkQsoMXK4QLQM.roa (raw, json)
Hash identifier: KOEghzMc7YJ0ohzml3IyNfVYXu/kdiNQrjtOtjCJ+a4=
Subject key identifier: 4E:86:9D:85:16:D4:2B:1D:7D:62:15:E4:42:CA:0C:5C:AE:10:2D:03
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 10D3
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ToadhRbUKx19YhXkQsoMXK4QLQM.roa
Signing time: Mon 26 Aug 2024 05:16:49 +0000
ROA not before: Mon 26 Aug 2024 05:16:49 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 124.219.0.0/17 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4307 (0x10d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:49 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4E869D8516D42B1D7D6215E442CA0C5CAE102D03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:19:03:43:e8:30:e1:09:a8:3f:01:9a:fb:7d:
fa:8f:66:e3:07:fa:a7:f3:51:e2:fb:80:69:78:e2:
17:50:e7:97:f3:27:43:48:a8:ac:23:4a:3c:fc:32:
fe:b7:59:fc:3e:9c:43:f6:c8:3b:94:97:d5:73:52:
5b:e7:dc:54:cc:4a:b0:6b:cd:56:ce:80:0b:43:58:
ea:c2:4b:f3:6e:4b:9a:44:0b:b0:c7:ee:ae:13:e4:
87:59:4e:57:6b:c9:14:4e:7a:44:55:7b:c4:65:0a:
4f:6d:5c:6c:d4:67:5d:8d:0e:7d:f0:ec:e0:ff:d5:
b5:38:5d:d5:04:61:87:1e:e7:8f:2f:7a:d7:66:4e:
5f:02:f5:0a:3d:03:00:d6:0c:0b:ee:a0:1b:69:91:
d6:4e:9a:8d:c3:36:a4:5d:5d:a0:b3:4f:0e:b0:4e:
b9:0c:20:83:d8:6e:18:9e:d0:18:65:f0:34:5e:4c:
6b:32:eb:39:c2:60:aa:61:96:f1:14:b9:df:bb:a5:
b6:3e:a9:e2:f7:65:33:76:90:12:ea:a2:86:65:5d:
51:75:39:71:5d:08:f2:7e:f4:30:87:a7:fb:00:68:
9c:e2:bd:52:f3:8e:fc:93:07:9b:6e:0c:4c:89:99:
26:e1:46:ca:87:c9:28:a9:09:dc:ed:af:7f:04:a2:
bd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:86:9D:85:16:D4:2B:1D:7D:62:15:E4:42:CA:0C:5C:AE:10:2D:03
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ToadhRbUKx19YhXkQsoMXK4QLQM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.219.0.0/17
Signature Algorithm: sha256WithRSAEncryption
b6:31:99:cf:87:a8:4f:d2:ab:f4:19:36:77:1e:98:16:22:11:
90:2e:55:97:bb:73:0b:2a:31:4a:97:f1:22:16:c7:ce:4f:f1:
bc:f5:22:d4:a9:e6:f6:2b:3e:91:af:d8:cb:f4:6b:82:9e:2a:
38:9c:52:45:a3:be:6f:f7:26:cf:c7:49:50:a3:43:b8:59:b8:
65:4c:08:11:ff:ec:82:23:1c:d7:28:8d:0f:54:a0:10:84:b9:
87:05:5c:8e:99:f5:ec:62:f2:ed:25:46:da:a1:37:82:01:14:
d2:00:fd:0a:4a:c4:41:03:83:b9:51:45:6b:49:f7:d1:77:90:
7a:ae:76:b8:23:b9:63:7b:f2:e7:86:65:14:53:18:44:05:31:
b3:24:41:20:18:4c:22:22:d7:72:97:57:f3:0b:20:2b:41:08:
c2:82:ee:5a:71:39:15:56:47:9a:84:cc:df:2d:39:fb:d2:5d:
d5:c9:e5:4f:4e:cc:fc:fb:1d:8f:89:b7:5e:94:fd:2c:de:22:
0c:5a:2e:c1:4b:40:f1:80:86:5a:3d:2e:54:05:f9:96:3e:ca:
f5:ca:2d:aa:d8:a9:5d:3f:e7:52:6c:c3:0b:63:45:a3:55:03:
75:e2:dd:59:71:0a:47:42:5b:14:54:3b:72:a8:65:33:24:3f:
a9:2e:c4:20
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICENMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRFODY5RDg1MTZENDJC
MUQ3RDYyMTVFNDQyQ0EwQzVDQUUxMDJEMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCXGQND6DDhCag/AZr7ffqPZuMH+qfzUeL7gGl44hdQ55fzJ0NI
qKwjSjz8Mv63Wfw+nEP2yDuUl9VzUlvn3FTMSrBrzVbOgAtDWOrCS/NuS5pEC7DH
7q4T5IdZTldryRROekRVe8RlCk9tXGzUZ12NDn3w7OD/1bU4XdUEYYce548vetdm
Tl8C9Qo9AwDWDAvuoBtpkdZOmo3DNqRdXaCzTw6wTrkMIIPYbhie0Bhl8DReTGsy
6znCYKphlvEUud+7pbY+qeL3ZTN2kBLqooZlXVF1OXFdCPJ+9DCHp/sAaJzivVLz
jvyTB5tuDEyJmSbhRsqHySipCdztr38Eor0vAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUToadhRbUKx19YhXkQsoMXK4QLQMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1RvYWRoUmJVS3gxOVloWGtRc29NWEs0
UUxRTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAd82wAwDQYJ
KoZIhvcNAQELBQADggEBALYxmc+HqE/Sq/QZNncemBYiEZAuVZe7cwsqMUqX8SIW
x85P8bz1ItSp5vYrPpGv2Mv0a4KeKjicUkWjvm/3Js/HSVCjQ7hZuGVMCBH/7IIj
HNcojQ9UoBCEuYcFXI6Z9exi8u0lRtqhN4IBFNIA/QpKxEEDg7lRRWtJ99F3kHqu
drgjuWN78ueGZRRTGEQFMbMkQSAYTCIi13KXV/MLICtBCMKC7lpxORVWR5qEzN8t
OfvSXdXJ5U9OzPz7HY+Jt16U/SzeIgxaLsFLQPGAhlo9LlQF+ZY+yvXKLarYqV0/
51JswwtjRaNVA3Xi3VlxCkdCWxRUO3KoZTMkP6kuxCA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:43:19 2025 by rpki-client