Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/Xdy-KIl-aPRasoSYeDdKgzrF3x0.roa
File: Xdy-KIl-aPRasoSYeDdKgzrF3x0.roa (raw, json)
Hash identifier: Cis6vv9u+r/3eSdNynxVsY+14RDkgrFMhBqinijaAvo=
Subject key identifier: 5D:DC:BE:28:89:7E:68:F4:5A:B2:84:98:78:37:4A:83:3A:C5:DF:1D
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0FD2
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Xdy-KIl-aPRasoSYeDdKgzrF3x0.roa
Signing time: Mon 26 Aug 2024 05:15:47 +0000
ROA not before: Mon 26 Aug 2024 05:15:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131142
IP address blocks: 210.200.64.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:28:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4050 (0xfd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:15:47 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5DDCBE28897E68F45AB2849878374A833AC5DF1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f6:ae:50:5e:49:32:47:32:dd:97:b0:e9:e3:
f8:41:82:12:2f:e6:4d:29:70:3a:99:13:b6:ee:40:
13:b3:a4:44:a0:62:6e:c5:1f:72:da:2c:a4:82:08:
1a:64:0c:0b:09:26:90:8a:60:a3:b1:df:0d:42:fc:
1a:4c:8f:4d:46:a2:39:e7:2f:d1:94:8e:6f:0b:e2:
51:1b:4c:fa:b4:bb:08:26:3d:2f:ff:b8:3e:af:03:
43:1d:0e:24:5b:95:e7:30:7f:26:e6:9a:31:14:32:
2a:d5:74:8d:a1:6e:92:49:c2:b3:cb:15:93:26:a6:
90:1a:0b:e7:88:12:24:c5:6d:64:4c:c2:1c:6a:78:
ac:21:d9:9f:41:27:f6:fe:7a:5f:b9:81:0d:ed:02:
fd:e8:37:71:d0:03:1e:71:75:f2:d7:de:2f:05:10:
ba:ed:d3:7e:d6:c3:d5:fc:f5:b9:35:68:57:b4:83:
5f:38:eb:51:ca:6d:a2:6c:c4:0f:f6:7b:02:7c:fe:
68:f2:f1:72:db:51:a0:48:2c:e4:11:03:a0:aa:cc:
a0:54:8b:88:0c:58:f7:30:a3:52:e1:b6:9a:3b:b1:
7d:2f:f1:85:f6:0b:07:bf:24:1e:a9:3a:07:50:cd:
ae:ca:18:8c:4d:83:9f:8e:8f:17:6f:e0:ad:b1:73:
27:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:DC:BE:28:89:7E:68:F4:5A:B2:84:98:78:37:4A:83:3A:C5:DF:1D
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Xdy-KIl-aPRasoSYeDdKgzrF3x0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.64.0/20
Signature Algorithm: sha256WithRSAEncryption
4b:3e:59:d9:62:0f:d6:e8:a7:49:4c:13:4b:26:37:27:66:3e:
69:9f:ed:37:44:6b:af:1f:2e:c3:e5:61:ce:04:8c:b3:16:a5:
46:26:cd:20:56:7d:b4:8f:27:9d:e2:ed:3c:07:01:0e:c4:48:
0e:f7:0a:5f:26:2d:e4:49:29:78:a1:7e:db:44:c2:39:fa:a6:
ad:a6:45:d3:fd:6e:34:9e:d4:16:91:3e:58:4e:49:09:46:9e:
f4:a9:14:f3:53:4b:b4:cc:e6:87:12:01:31:49:c4:8d:31:fb:
58:18:e5:e7:39:3f:45:bc:2d:c0:95:b6:89:6a:02:25:36:cc:
4f:1a:aa:78:89:46:3c:7b:d7:aa:ef:6c:54:af:c1:b2:c0:da:
20:69:92:17:52:60:45:ec:dd:9f:47:93:54:00:bb:f0:8d:aa:
29:61:cb:71:1e:31:00:7a:57:d1:dc:4a:1c:97:12:3a:88:8f:
61:35:8d:b9:64:b7:9e:82:eb:07:f3:fa:f3:e4:e7:0d:60:e6:
e8:ef:cc:d5:a1:5a:17:c1:d0:8b:ca:66:a0:f1:f7:39:55:e0:
f8:db:3d:86:7d:18:e5:58:dc:b7:19:31:c4:33:fd:a1:2b:74:
54:72:c2:be:49:c5:5c:7d:a8:87:90:6d:b1:07:47:96:ba:f2:
31:61:76:b6
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICD9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE1NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVERENCRTI4ODk3RTY4
RjQ1QUIyODQ5ODc4Mzc0QTgzM0FDNURGMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCn9q5QXkkyRzLdl7Dp4/hBghIv5k0pcDqZE7buQBOzpESgYm7F
H3LaLKSCCBpkDAsJJpCKYKOx3w1C/BpMj01GojnnL9GUjm8L4lEbTPq0uwgmPS//
uD6vA0MdDiRblecwfybmmjEUMirVdI2hbpJJwrPLFZMmppAaC+eIEiTFbWRMwhxq
eKwh2Z9BJ/b+el+5gQ3tAv3oN3HQAx5xdfLX3i8FELrt037Ww9X89bk1aFe0g184
61HKbaJsxA/2ewJ8/mjy8XLbUaBILOQRA6CqzKBUi4gMWPcwo1Lhtpo7sX0v8YX2
Cwe/JB6pOgdQza7KGIxNg5+Ojxdv4K2xcydzAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUXdy+KIl+aPRasoSYeDdKgzrF3x0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1hkeS1LSWwtYVBSYXNvU1llRGRLZ3py
RjN4MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATSyEAwDQYJ
KoZIhvcNAQELBQADggEBAEs+WdliD9bop0lME0smNydmPmmf7TdEa68fLsPlYc4E
jLMWpUYmzSBWfbSPJ53i7TwHAQ7ESA73Cl8mLeRJKXihfttEwjn6pq2mRdP9bjSe
1BaRPlhOSQlGnvSpFPNTS7TM5ocSATFJxI0x+1gY5ec5P0W8LcCVtolqAiU2zE8a
qniJRjx716rvbFSvwbLA2iBpkhdSYEXs3Z9Hk1QAu/CNqilhy3EeMQB6V9HcShyX
EjqIj2E1jblkt56C6wfz+vPk5w1g5ujvzNWhWhfB0IvKZqDx9zlV4PjbPYZ9GOVY
3LcZMcQz/aErdFRywr5JxVx9qIeQbbEHR5a68jFhdrY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:57:00 2025 by rpki-client