Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/g5LcAtXoW-pI4I6MjM3LfVmZgsM.roa
File: g5LcAtXoW-pI4I6MjM3LfVmZgsM.roa (raw, json)
Hash identifier: owLF5bKRLX7uRLCw+/Tj25LYX+e2pl21By5z+W/sjTo=
Subject key identifier: 83:92:DC:02:D5:E8:5B:EA:48:E0:8E:8C:8C:CD:CB:7D:59:99:82:C3
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 10EF
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/g5LcAtXoW-pI4I6MjM3LfVmZgsM.roa
Signing time: Fri 30 Aug 2024 08:00:55 +0000
ROA not before: Fri 30 Aug 2024 08:00:55 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131602
IP address blocks: 218.34.160.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:28:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4335 (0x10ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 30 08:00:55 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8392DC02D5E85BEA48E08E8C8CCDCB7D599982C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f4:14:25:cd:ac:95:72:d5:6f:b2:00:47:54:
d4:58:29:1a:ee:ea:f2:b8:d3:94:a9:3b:0f:ba:c2:
d1:bd:67:f8:2c:6b:07:d2:5a:d8:d2:40:09:fa:02:
45:b3:e8:57:7c:0f:61:d5:d7:ea:b6:fe:fb:25:21:
97:01:e1:a0:22:4c:ac:76:b8:48:e8:7d:84:b7:e9:
71:a5:0b:92:85:8e:84:b2:2e:01:48:65:e0:fa:dc:
3f:b0:57:bd:23:5a:f3:c9:15:46:21:0e:ea:c2:4f:
d2:4f:34:2e:ee:3c:73:e7:c1:0f:b2:14:c9:0b:a1:
d7:32:b7:c3:80:84:b2:9d:a1:33:42:91:c4:a0:ba:
32:65:b5:89:3d:22:a8:5a:34:1b:ad:70:e2:c9:57:
49:36:44:42:f4:86:8e:43:f3:e9:61:55:bb:cb:8b:
ef:79:0f:aa:2e:aa:39:26:f5:e4:eb:e7:ec:ad:ef:
c0:d9:1a:f6:a6:e5:96:15:c1:9e:79:69:5b:b0:2a:
e7:2b:24:20:9d:c5:a0:57:0c:b9:26:98:b5:bb:d9:
95:17:fb:6b:03:1f:79:5d:7f:72:1c:2d:3d:33:e8:
01:71:82:c4:f3:42:e6:6d:30:3f:bf:d6:fc:02:cd:
46:e1:39:f5:77:27:e7:f4:6b:e1:dd:e5:8f:15:ec:
87:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:92:DC:02:D5:E8:5B:EA:48:E0:8E:8C:8C:CD:CB:7D:59:99:82:C3
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/g5LcAtXoW-pI4I6MjM3LfVmZgsM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.34.160.0/19
Signature Algorithm: sha256WithRSAEncryption
bf:29:66:5e:e1:17:ca:34:de:18:cd:11:f6:f9:ef:a3:3f:7f:
fd:66:a1:b8:62:d1:5c:70:80:9a:0a:a5:5d:bd:16:46:13:56:
ad:b8:ba:83:0c:ca:7f:d8:cb:22:d3:da:18:e9:12:59:a0:3c:
d0:35:82:20:23:ce:28:c5:53:73:2f:a0:f2:34:d0:03:13:6c:
5d:7d:09:57:98:ac:ee:c2:4a:19:ae:53:16:d9:91:30:43:af:
ce:ba:d3:cc:f6:cf:36:b2:34:ba:aa:9b:4b:ee:5c:d3:da:6b:
00:ff:d0:b3:8b:c2:52:c2:92:d0:e9:58:29:f4:1e:53:94:81:
57:e2:67:a9:f5:d5:ae:16:36:ad:d9:43:93:5a:3c:10:7c:0e:
7b:2d:09:8c:bd:ae:50:93:3e:67:60:b7:b0:c5:60:b7:54:c8:
f0:07:79:a5:a7:9a:2e:2c:f0:89:15:73:1b:26:59:fa:4a:a0:
d2:0f:2c:6e:e3:6f:f2:0d:2d:3a:7d:55:4a:f6:67:f6:54:73:
4e:29:3f:f8:ce:7b:ab:f7:22:55:79:10:ad:c6:46:6f:ad:cb:
a2:40:62:da:20:f2:45:36:b4:00:61:2a:54:b8:a8:be:b2:9c:
36:88:6b:06:2f:b3:52:6c:53:7f:36:fe:3d:80:29:5c:01:a6:
e3:40:9d:b4
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MzAw
ODAwNTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDgzOTJEQzAyRDVFODVC
RUE0OEUwOEU4QzhDQ0RDQjdENTk5OTgyQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC89BQlzayVctVvsgBHVNRYKRru6vK405SpOw+6wtG9Z/gsawfS
WtjSQAn6AkWz6Fd8D2HV1+q2/vslIZcB4aAiTKx2uEjofYS36XGlC5KFjoSyLgFI
ZeD63D+wV70jWvPJFUYhDurCT9JPNC7uPHPnwQ+yFMkLodcyt8OAhLKdoTNCkcSg
ujJltYk9IqhaNButcOLJV0k2REL0ho5D8+lhVbvLi+95D6ouqjkm9eTr5+yt78DZ
Gvam5ZYVwZ55aVuwKucrJCCdxaBXDLkmmLW72ZUX+2sDH3ldf3IcLT0z6AFxgsTz
QuZtMD+/1vwCzUbhOfV3J+f0a+Hd5Y8V7IePAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUg5LcAtXoW+pI4I6MjM3LfVmZgsMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2c1TGNBdFhvVy1wSTRJNk1qTTNMZlZt
WmdzTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXaIqAwDQYJ
KoZIhvcNAQELBQADggEBAL8pZl7hF8o03hjNEfb576M/f/1mobhi0VxwgJoKpV29
FkYTVq24uoMMyn/YyyLT2hjpElmgPNA1giAjzijFU3MvoPI00AMTbF19CVeYrO7C
ShmuUxbZkTBDr86608z2zzayNLqqm0vuXNPaawD/0LOLwlLCktDpWCn0HlOUgVfi
Z6n11a4WNq3ZQ5NaPBB8DnstCYy9rlCTPmdgt7DFYLdUyPAHeaWnmi4s8IkVcxsm
WfpKoNIPLG7jb/INLTp9VUr2Z/ZUc04pP/jOe6v3IlV5EK3GRm+ty6JAYtog8kU2
tABhKlS4qL6ynDaIawYvs1JsU382/j2AKVwBpuNAnbQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:06:16 2025 by rpki-client