Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/kp1cps1xdwTf-DvHbFnFkCWHwmA.roa
File: kp1cps1xdwTf-DvHbFnFkCWHwmA.roa (raw, json)
Hash identifier: 6oAjm2+e+QS3A971TuJ8H/pxBEiJtbpztKf8UA/L16Y=
Subject key identifier: 92:9D:5C:A6:CD:71:77:04:DF:F8:3B:C7:6C:59:C5:90:25:87:C2:60
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 10C4
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kp1cps1xdwTf-DvHbFnFkCWHwmA.roa
Signing time: Mon 26 Aug 2024 05:16:46 +0000
ROA not before: Mon 26 Aug 2024 05:16:46 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9311
IP address blocks: 210.63.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4292 (0x10c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:46 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=929D5CA6CD717704DFF83BC76C59C5902587C260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:97:d6:f4:86:ab:13:f7:37:15:a4:8d:b1:a7:
b0:1d:ec:68:cd:65:6b:f6:14:3d:2e:ad:45:fc:bb:
7e:c4:64:5d:64:af:4c:7a:8a:28:75:89:72:44:13:
6e:bf:15:ce:e1:e3:8e:1b:0a:e6:ae:79:49:e3:0f:
05:44:8c:1a:32:d0:3f:67:30:3a:fd:d0:a9:8d:26:
60:3f:88:3a:e6:68:91:22:de:69:80:36:e9:25:ec:
22:9e:7a:fb:74:a9:0e:c4:6b:c1:26:4c:9b:5f:f3:
9f:9b:d1:10:ae:60:33:d6:d0:b5:20:d4:a4:fe:de:
13:61:e2:d1:9c:2a:e9:4e:1a:8e:1e:ca:48:7d:46:
c7:35:5f:88:5a:40:42:9b:6c:d3:16:71:f1:51:47:
8f:a9:2b:3e:78:92:cb:78:49:1f:63:dd:33:73:88:
d7:14:33:0c:cc:7f:f4:ed:b8:31:ba:45:2a:9d:e2:
4e:d1:f4:51:48:ad:91:31:91:22:0c:dc:c8:d0:91:
57:41:40:db:b8:b5:fd:30:c0:34:30:bd:e5:ea:c9:
0a:60:09:b1:42:3c:fe:4b:96:98:f3:fb:64:d5:31:
7b:c1:c7:dc:99:3c:c5:b5:97:f9:6d:7b:77:7d:e6:
2e:00:02:a1:23:9c:a4:14:bb:d3:ee:35:3b:49:66:
63:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9D:5C:A6:CD:71:77:04:DF:F8:3B:C7:6C:59:C5:90:25:87:C2:60
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kp1cps1xdwTf-DvHbFnFkCWHwmA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.240.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:46:ff:51:9b:85:93:e3:10:1d:29:30:b2:7d:2e:ed:0d:f0:
51:70:af:80:70:d4:77:31:ec:ae:0f:e8:69:dc:8f:d7:5a:f6:
89:c9:84:6a:03:eb:de:a7:58:0f:1e:a7:54:3b:d7:3c:40:d9:
f8:54:7a:a1:fc:aa:ab:c5:96:f9:0f:a5:a4:66:42:b8:1b:58:
a1:4e:9a:01:23:b4:94:e2:b5:70:2a:92:0f:91:ca:31:21:67:
65:38:a6:f7:c6:f7:4d:ed:e0:cf:45:54:68:23:b4:2f:c2:74:
d1:4f:01:32:3e:01:76:9f:4a:6d:1e:77:37:17:a0:51:31:a2:
ce:c7:c4:35:ef:b4:44:a7:10:85:65:cc:60:f9:4f:6e:0a:af:
d1:c2:b7:b7:f5:b7:a6:eb:9b:2b:ae:c1:01:c8:ef:15:81:51:
aa:36:08:b2:1c:5d:1e:56:c6:87:2c:c1:80:a8:c4:86:42:84:
4f:a3:43:e0:3f:99:74:ec:33:b5:77:21:33:86:dc:8f:94:3c:
04:01:b7:13:27:00:15:42:a6:b4:ae:e6:40:be:1f:ca:35:39:
46:09:9c:0f:98:bb:b7:e0:c3:7c:55:09:6b:5c:dd:9c:d7:59:
2c:41:4e:d3:ac:f6:39:59:d1:26:3a:ad:8f:b5:f9:9a:55:50:
4f:35:07:fc
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEMQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2NDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkyOUQ1Q0E2Q0Q3MTc3
MDRERkY4M0JDNzZDNTlDNTkwMjU4N0MyNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQl9b0hqsT9zcVpI2xp7Ad7GjNZWv2FD0urUX8u37EZF1kr0x6
iih1iXJEE26/Fc7h444bCuaueUnjDwVEjBoy0D9nMDr90KmNJmA/iDrmaJEi3mmA
Nukl7CKeevt0qQ7Ea8EmTJtf85+b0RCuYDPW0LUg1KT+3hNh4tGcKulOGo4eykh9
Rsc1X4haQEKbbNMWcfFRR4+pKz54kst4SR9j3TNziNcUMwzMf/TtuDG6RSqd4k7R
9FFIrZExkSIM3MjQkVdBQNu4tf0wwDQwveXqyQpgCbFCPP5Llpjz+2TVMXvBx9yZ
PMW1l/lte3d95i4AAqEjnKQUu9PuNTtJZmPjAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUkp1cps1xdwTf+DvHbFnFkCWHwmAwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2twMWNwczF4ZHdUZi1EdkhiRm5Ga0NX
SHdtQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSP/AwDQYJ
KoZIhvcNAQELBQADggEBAGpG/1GbhZPjEB0pMLJ9Lu0N8FFwr4Bw1Hcx7K4P6Gnc
j9da9onJhGoD696nWA8ep1Q71zxA2fhUeqH8qqvFlvkPpaRmQrgbWKFOmgEjtJTi
tXAqkg+RyjEhZ2U4pvfG903t4M9FVGgjtC/CdNFPATI+AXafSm0edzcXoFExos7H
xDXvtESnEIVlzGD5T24Kr9HCt7f1t6brmyuuwQHI7xWBUao2CLIcXR5WxocswYCo
xIZChE+jQ+A/mXTsM7V3ITOG3I+UPAQBtxMnABVCprSu5kC+H8o1OUYJnA+Yu7fg
w3xVCWtc3ZzXWSxBTtOs9jlZ0SY6rY+1+ZpVUE81B/w=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:57:00 2025 by rpki-client