Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/kfZAFhyAdZYHVntRXoodTDmQRNU.roa
File: kfZAFhyAdZYHVntRXoodTDmQRNU.roa (raw, json)
Hash identifier: K0QbErZi2ejxPeDU77XkHuOhQJkhUQnUq9x03DKlH8k=
Subject key identifier: 91:F6:40:16:1C:80:75:96:07:56:7B:51:5E:8A:1D:4C:39:90:44:D5
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1094
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kfZAFhyAdZYHVntRXoodTDmQRNU.roa
Signing time: Mon 26 Aug 2024 05:16:35 +0000
ROA not before: Mon 26 Aug 2024 05:16:34 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9922
IP address blocks: 124.218.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4244 (0x1094)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:34 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=91F640161C80759607567B515E8A1D4C399044D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:35:0d:05:ec:0c:ac:58:8a:81:8c:ed:8c:7e:
b7:cc:8b:6e:77:07:13:c6:f9:c4:d5:8c:6f:1b:0b:
28:49:b6:d2:95:fd:98:69:d4:83:97:50:f7:56:15:
09:e0:ee:67:b1:9e:76:4d:19:77:b2:2d:50:24:0f:
ef:55:bc:3e:c4:25:d4:d2:f1:f6:96:f3:ec:da:27:
d2:22:b5:94:5c:02:c1:9d:1b:78:a0:ca:c6:c1:8c:
06:aa:20:29:21:27:b7:7d:08:9d:e1:46:07:be:d5:
41:8d:7a:f0:a2:c5:29:b9:b5:7b:5d:1e:9a:2a:31:
3c:1b:b6:db:83:ab:b2:8f:4a:0f:48:1f:60:cc:9c:
de:3e:4a:c5:27:ac:e4:98:d3:ce:98:61:a7:41:c7:
f7:fe:77:b6:0c:d4:ca:8b:07:ae:a7:b5:2b:e7:8f:
23:42:78:d0:5d:6d:99:8d:38:d7:14:52:80:41:fc:
2e:4d:d9:97:3a:d1:9b:5b:d0:23:89:90:12:0d:34:
6d:38:e9:a5:b9:63:43:63:55:5c:c4:50:4e:19:de:
36:42:1d:aa:98:e8:6a:0a:4e:cd:48:cc:b0:0b:a6:
76:41:84:45:f8:77:5c:29:fe:fd:9f:a5:43:f7:ee:
7f:38:50:b3:d5:e4:5a:bc:95:41:4c:62:c3:79:ee:
f9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F6:40:16:1C:80:75:96:07:56:7B:51:5E:8A:1D:4C:39:90:44:D5
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kfZAFhyAdZYHVntRXoodTDmQRNU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.173.0/24
Signature Algorithm: sha256WithRSAEncryption
75:26:c8:de:87:fa:a7:a8:e4:c3:f5:c1:94:7c:47:e1:df:93:
da:5b:fc:50:5c:70:fd:18:86:44:32:24:94:c9:a9:16:56:86:
cb:07:86:39:0d:dd:12:19:85:3f:25:14:f4:d7:eb:dd:8b:4f:
c6:cf:c3:38:bf:34:db:f8:0d:d4:79:4f:3f:2c:00:be:83:10:
ec:50:02:29:8f:1b:64:4d:31:24:93:be:5b:19:07:6e:f4:18:
25:6a:0c:fd:a2:88:0f:98:6c:42:5d:eb:cd:c5:04:cf:1b:bf:
d1:ca:a8:a7:d2:c8:e8:a3:96:ce:c6:8d:f5:71:f2:c7:b1:4a:
c4:e4:39:fb:36:b9:d6:19:a1:f1:46:d4:a1:c1:ac:5d:1d:7c:
7c:78:0e:35:b7:3c:07:24:8f:c7:0a:8b:9a:f4:de:16:f1:48:
30:42:fd:6e:c3:67:76:68:ac:10:38:5d:6d:3a:5a:40:63:c5:
e6:27:48:58:ab:cc:e3:4a:20:b2:e3:87:31:25:a5:04:cd:2d:
55:8e:02:f3:a0:ea:85:dd:ed:15:f9:21:3a:01:62:c1:ee:dd:
2d:bb:57:a5:5e:ec:0c:1f:a9:67:78:67:85:5d:ba:8f:e3:79:
c1:ae:13:74:51:3e:f3:f7:2d:a8:8c:81:41:8e:c2:92:e7:a9:
a2:24:5b:b7
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkxRjY0MDE2MUM4MDc1
OTYwNzU2N0I1MTVFOEExRDRDMzk5MDQ0RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0NQ0F7AysWIqBjO2MfrfMi253BxPG+cTVjG8bCyhJttKV/Zhp
1IOXUPdWFQng7mexnnZNGXeyLVAkD+9VvD7EJdTS8faW8+zaJ9IitZRcAsGdG3ig
ysbBjAaqICkhJ7d9CJ3hRge+1UGNevCixSm5tXtdHpoqMTwbttuDq7KPSg9IH2DM
nN4+SsUnrOSY086YYadBx/f+d7YM1MqLB66ntSvnjyNCeNBdbZmNONcUUoBB/C5N
2Zc60Ztb0COJkBINNG046aW5Y0NjVVzEUE4Z3jZCHaqY6GoKTs1IzLALpnZBhEX4
d1wp/v2fpUP37n84ULPV5Fq8lUFMYsN57vl1AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUkfZAFhyAdZYHVntRXoodTDmQRNUwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2tmWkFGaHlBZFpZSFZudFJYb29kVERt
UVJOVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB82q0wDQYJ
KoZIhvcNAQELBQADggEBAHUmyN6H+qeo5MP1wZR8R+Hfk9pb/FBccP0YhkQyJJTJ
qRZWhssHhjkN3RIZhT8lFPTX692LT8bPwzi/NNv4DdR5Tz8sAL6DEOxQAimPG2RN
MSSTvlsZB270GCVqDP2iiA+YbEJd683FBM8bv9HKqKfSyOijls7GjfVx8sexSsTk
Ofs2udYZofFG1KHBrF0dfHx4DjW3PAckj8cKi5r03hbxSDBC/W7DZ3ZorBA4XW06
WkBjxeYnSFirzONKILLjhzElpQTNLVWOAvOg6oXd7RX5IToBYsHu3S27V6Ve7Awf
qWd4Z4Vduo/jecGuE3RRPvP3LaiMgUGOwpLnqaIkW7c=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:36 2025 by rpki-client