Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/ii1mGvYpVXnS8yqiOu56LbwfKBI.roa
File: ii1mGvYpVXnS8yqiOu56LbwfKBI.roa (raw, json)
Hash identifier: Bf8PdPoQxHVFMOUYkFyJmPLxBVaaDGsdp/nEwRtEOp8=
Subject key identifier: 8A:2D:66:1A:F6:29:55:79:D2:F3:2A:A2:3A:EE:7A:2D:BC:1F:28:12
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1131
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ii1mGvYpVXnS8yqiOu56LbwfKBI.roa
Signing time: Mon 18 Nov 2024 07:16:14 +0000
ROA not before: Mon 18 Nov 2024 07:16:14 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18419
IP address blocks: 218.35.16.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:28:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4401 (0x1131)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Nov 18 07:16:14 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8A2D661AF6295579D2F32AA23AEE7A2DBC1F2812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:37:b8:f5:5f:23:7c:25:58:04:ad:23:a0:ec:
e4:e1:bc:e7:23:4a:78:14:b4:da:c8:12:10:23:33:
7f:dd:0f:f4:1b:66:82:7d:24:21:76:4f:65:62:e6:
41:9b:7a:dd:64:b3:0c:eb:34:12:ca:39:be:d2:fd:
b0:a5:10:53:24:9b:e4:a9:ae:ed:02:be:7f:1f:95:
1d:56:06:a5:c1:29:3a:c2:62:41:53:05:0d:52:cc:
47:1d:12:59:c5:36:8c:af:b7:84:d6:ff:cd:f9:46:
5e:4b:fe:7f:1d:3e:50:27:45:40:77:97:a8:8e:7a:
bb:08:09:08:af:1e:dd:8e:1d:b3:67:ff:d7:77:97:
da:c3:f0:ed:3c:27:7a:3f:fd:ac:e8:1d:1f:06:89:
84:b2:d9:fc:84:04:7c:c4:d7:d5:a1:70:95:7b:2b:
0f:49:16:8e:14:05:d6:59:9b:42:86:2f:8e:4a:f6:
df:59:4c:c2:77:30:74:d5:2e:09:07:c7:3d:15:ab:
17:86:34:ab:32:79:cf:9f:f3:34:48:c4:06:ff:0e:
fe:32:f5:99:29:de:d2:90:c3:3a:e6:db:73:b1:3b:
b7:1d:43:6f:2c:0f:e1:70:6e:99:f1:0a:dd:bb:ae:
3f:56:80:e9:5c:e2:72:89:ce:3d:f7:12:4d:31:4b:
9e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2D:66:1A:F6:29:55:79:D2:F3:2A:A2:3A:EE:7A:2D:BC:1F:28:12
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ii1mGvYpVXnS8yqiOu56LbwfKBI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.16.0/21
Signature Algorithm: sha256WithRSAEncryption
64:40:41:90:02:d8:75:b4:46:44:70:eb:1b:b9:c9:c3:e2:c9:
c2:ad:80:f7:69:76:ee:84:af:5a:ff:b9:e8:c6:84:c3:df:8f:
01:55:ae:8c:71:99:68:1a:44:bf:5b:6e:ce:63:dd:08:e2:bc:
90:d4:ed:88:f5:1b:2c:3d:6e:9e:95:14:75:8b:ac:d5:a7:99:
56:e1:0d:36:22:05:eb:82:77:4a:b7:b5:9c:f5:59:b0:62:98:
6d:0c:7a:fa:04:bf:4c:74:fd:a2:41:9a:a7:e3:5b:b0:f6:f1:
f6:a4:25:6c:60:c3:93:ec:b5:20:af:fd:8e:04:5a:57:48:2c:
69:46:24:eb:b1:64:3c:01:08:70:9a:41:7f:22:15:94:08:1b:
14:19:20:22:ab:99:63:24:a8:00:31:59:c7:37:51:99:bb:14:
0b:7b:dd:f1:c8:9e:14:4e:c1:9f:39:86:64:2f:1e:21:c2:13:
45:9f:4a:9b:ca:35:f6:e9:d8:b2:0f:35:d5:a6:ed:60:c4:31:
4b:85:da:f7:24:e9:ee:9c:3e:fe:1c:c1:02:d9:9b:3f:db:eb:
c6:11:4f:47:c1:f0:ec:c3:c3:84:98:64:6d:17:f7:fc:d2:63:
39:ce:89:4d:22:d3:d1:71:92:c8:51:98:64:90:6b:51:1e:cc:
68:0d:65:7e
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICETEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDExMTgw
NzE2MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhBMkQ2NjFBRjYyOTU1
NzlEMkYzMkFBMjNBRUU3QTJEQkMxRjI4MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5N7j1XyN8JVgErSOg7OThvOcjSngUtNrIEhAjM3/dD/QbZoJ9
JCF2T2Vi5kGbet1kswzrNBLKOb7S/bClEFMkm+Spru0Cvn8flR1WBqXBKTrCYkFT
BQ1SzEcdElnFNoyvt4TW/835Rl5L/n8dPlAnRUB3l6iOersICQivHt2OHbNn/9d3
l9rD8O08J3o//azoHR8GiYSy2fyEBHzE19WhcJV7Kw9JFo4UBdZZm0KGL45K9t9Z
TMJ3MHTVLgkHxz0VqxeGNKsyec+f8zRIxAb/Dv4y9Zkp3tKQwzrm23OxO7cdQ28s
D+FwbpnxCt27rj9WgOlc4nKJzj33Ek0xS565AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUii1mGvYpVXnS8yqiOu56LbwfKBIwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2lpMW1HdllwVlhuUzh5cWlPdTU2TGJ3
ZktCSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPaIxAwDQYJ
KoZIhvcNAQELBQADggEBAGRAQZAC2HW0RkRw6xu5ycPiycKtgPdpdu6Er1r/uejG
hMPfjwFVroxxmWgaRL9bbs5j3QjivJDU7Yj1Gyw9bp6VFHWLrNWnmVbhDTYiBeuC
d0q3tZz1WbBimG0MevoEv0x0/aJBmqfjW7D28fakJWxgw5PstSCv/Y4EWldILGlG
JOuxZDwBCHCaQX8iFZQIGxQZICKrmWMkqAAxWcc3UZm7FAt73fHInhROwZ85hmQv
HiHCE0WfSpvKNfbp2LIPNdWm7WDEMUuF2vck6e6cPv4cwQLZmz/b68YRT0fB8OzD
w4SYZG0X9/zSYznOiU0i09FxkshRmGSQa1EezGgNZX4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:56:16 2025 by rpki-client