Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/qBcnXPrNXlmHqIQMy9NZzfWTi6I.roa
File: qBcnXPrNXlmHqIQMy9NZzfWTi6I.roa (raw, json)
Hash identifier: waItL06dth12tUmbhQdW/Xb7wWF+Q/3WkK9OD24mACM=
Subject key identifier: A8:17:27:5C:FA:CD:5E:59:87:A8:84:0C:CB:D3:59:CD:F5:93:8B:A2
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 10D8
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/qBcnXPrNXlmHqIQMy9NZzfWTi6I.roa
Signing time: Mon 26 Aug 2024 05:16:50 +0000
ROA not before: Mon 26 Aug 2024 05:16:50 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24154
IP address blocks: 203.79.196.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:27:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4312 (0x10d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 26 05:16:50 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A817275CFACD5E5987A8840CCBD359CDF5938BA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c3:ab:10:05:1a:19:e9:9d:91:98:89:18:c7:
cb:5d:3c:94:e5:0b:98:7d:e1:3c:ae:25:73:e6:10:
a4:f1:11:41:58:56:46:af:c7:0c:d3:c2:1d:0b:fc:
71:8a:fc:e3:9c:ae:bb:92:70:2a:51:62:c3:b4:c3:
8b:80:b9:a7:11:14:4f:8b:5d:fc:3d:70:f0:62:b1:
05:4a:60:80:aa:c3:a8:e7:53:18:a6:7b:c3:3f:19:
79:9f:55:8d:ea:e8:22:62:e9:f3:d8:3f:fe:b4:40:
0c:17:ae:2e:6e:b6:44:ed:73:b8:43:07:0b:e1:13:
45:db:4c:f8:bf:85:94:83:79:e7:b0:e6:f2:70:c4:
39:e1:09:0c:c7:c7:8e:60:d4:a3:d4:0f:fc:4f:e0:
4d:e5:9d:d0:24:8a:6e:08:a1:8a:e6:1c:58:f6:18:
1e:de:7e:c0:a1:c3:fe:a8:7b:89:24:28:e6:f6:62:
b5:d5:f8:1d:7f:b6:59:15:59:5a:25:a6:92:14:ca:
43:29:aa:22:7c:d2:f0:7d:34:db:17:07:9f:04:0b:
ef:ee:f7:6e:07:61:5f:3a:41:8e:30:7c:f7:08:36:
b9:e2:68:b4:38:91:30:79:b3:0f:f6:0d:d9:35:b9:
06:b9:81:46:ae:7e:48:16:28:84:03:03:7b:a9:f0:
ce:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:17:27:5C:FA:CD:5E:59:87:A8:84:0C:CB:D3:59:CD:F5:93:8B:A2
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/qBcnXPrNXlmHqIQMy9NZzfWTi6I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.196.0/22
Signature Algorithm: sha256WithRSAEncryption
17:d1:3d:5c:d0:bf:76:c1:e3:dc:b1:13:5c:dd:9b:e3:8e:05:
12:92:f5:5a:63:d0:b0:3d:36:bf:ec:09:6b:9d:3f:5b:9d:cd:
a7:9f:3a:04:4c:9d:f0:98:a9:a4:b7:d1:63:fc:71:23:42:a1:
76:d0:3d:2e:4e:30:9f:c3:fa:85:ef:4e:30:1e:f3:f1:d8:11:
8b:86:34:e4:d5:9f:0e:c8:62:4a:c8:71:17:2c:d3:34:20:20:
b3:c8:8c:76:33:ea:41:92:5d:23:85:31:0b:57:ba:a6:24:61:
96:79:87:3f:16:4d:45:89:2b:12:2b:84:1a:ee:bc:47:df:6d:
81:a6:ab:b3:b2:c2:4d:62:82:99:e4:c7:51:1f:1c:e7:8b:d5:
b6:73:35:86:c2:bf:fa:39:8a:73:65:aa:90:aa:17:1c:ec:0f:
a4:8c:26:e8:24:01:04:5a:d9:38:9e:17:a6:49:29:1c:1c:7c:
a2:f5:64:f2:e7:d3:ac:13:ee:bf:70:72:6e:91:84:53:06:cd:
a0:23:dc:06:10:51:27:86:e0:1d:3d:a5:34:4a:bd:90:b3:c1:
91:dd:8a:19:02:ab:3e:d6:31:7d:3d:fd:a6:b2:83:25:36:48:
92:9c:ef:f7:96:e2:9e:ff:4b:d3:b7:f5:1b:78:4b:e7:57:5b:
74:c5:fd:98
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICENgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA4MjYw
NTE2NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE4MTcyNzVDRkFDRDVF
NTk4N0E4ODQwQ0NCRDM1OUNERjU5MzhCQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIw6sQBRoZ6Z2RmIkYx8tdPJTlC5h94TyuJXPmEKTxEUFYVkav
xwzTwh0L/HGK/OOcrruScCpRYsO0w4uAuacRFE+LXfw9cPBisQVKYICqw6jnUxim
e8M/GXmfVY3q6CJi6fPYP/60QAwXri5utkTtc7hDBwvhE0XbTPi/hZSDeeew5vJw
xDnhCQzHx45g1KPUD/xP4E3lndAkim4IoYrmHFj2GB7efsChw/6oe4kkKOb2YrXV
+B1/tlkVWVolppIUykMpqiJ80vB9NNsXB58EC+/u924HYV86QY4wfPcINrniaLQ4
kTB5sw/2Ddk1uQa5gUaufkgWKIQDA3up8M4jAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUqBcnXPrNXlmHqIQMy9NZzfWTi6IwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3FCY25YUHJOWGxtSHFJUU15OU5aemZX
VGk2SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALLT8QwDQYJ
KoZIhvcNAQELBQADggEBABfRPVzQv3bB49yxE1zdm+OOBRKS9Vpj0LA9Nr/sCWud
P1udzaefOgRMnfCYqaS30WP8cSNCoXbQPS5OMJ/D+oXvTjAe8/HYEYuGNOTVnw7I
YkrIcRcs0zQgILPIjHYz6kGSXSOFMQtXuqYkYZZ5hz8WTUWJKxIrhBruvEffbYGm
q7Oywk1igpnkx1EfHOeL1bZzNYbCv/o5inNlqpCqFxzsD6SMJugkAQRa2TieF6ZJ
KRwcfKL1ZPLn06wT7r9wcm6RhFMGzaAj3AYQUSeG4B09pTRKvZCzwZHdihkCqz7W
MX09/aaygyU2SJKc7/eW4p7/S9O39Rt4S+dXW3TF/Zg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:59:59 2025 by rpki-client