Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GSN/3g8_DqTxa7znEs_SzJIK-Q5iXMo.roa
File: 3g8_DqTxa7znEs_SzJIK-Q5iXMo.roa (raw, json)
Hash identifier: I50J3eTt1B+LFCuYj8aBgz2FM5bQKxabkhgfi2ssbP8=
Subject key identifier: DE:0F:3F:0E:A4:F1:6B:BC:E7:12:CF:D2:CC:92:0A:F9:0E:62:5C:CA
Certificate issuer: /CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Certificate serial: 0C9C
Authority key identifier: 75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/3g8_DqTxa7znEs_SzJIK-Q5iXMo.roa
Signing time: Mon 26 Aug 2024 05:17:14 +0000
ROA not before: Mon 26 Aug 2024 05:17:14 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4782
IP address blocks: 61.67.64.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3228 (0xc9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Validity
Not Before: Aug 26 05:17:14 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DE0F3F0EA4F16BBCE712CFD2CC920AF90E625CCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:20:f3:a7:6c:a7:dd:58:69:95:db:57:66:42:
c9:fa:4b:6e:0b:69:39:a6:76:b7:45:52:c1:78:ff:
0b:c6:e6:0a:14:02:90:a5:0a:97:4c:b1:4c:c8:17:
63:15:50:2b:3a:89:f2:8d:ba:fb:cf:6c:6c:ae:bf:
1b:a9:35:ac:85:e7:6c:f5:7f:a1:e3:25:32:80:e6:
6a:5f:88:35:2a:ff:04:a5:9c:4a:d7:b9:78:11:3e:
27:c1:af:71:ec:4f:ac:5e:ff:43:a8:22:41:fa:60:
7e:99:cd:4b:f4:89:a1:6a:bf:7b:f0:a4:74:d1:30:
b2:95:e6:21:4c:d0:52:5f:98:26:69:df:62:2b:f6:
97:71:9e:fa:4f:3b:69:ba:00:c8:4e:dd:3c:2d:08:
d0:8d:d8:77:ca:83:af:25:9a:96:a9:76:e2:d0:9d:
51:83:5a:08:f2:91:c0:4f:73:6e:95:cf:d7:0a:3c:
b2:a8:cf:a8:30:23:a9:ff:a3:a0:04:e8:b3:9c:fa:
9b:a8:98:9c:6e:b2:e4:58:2c:23:d6:6d:b1:2f:64:
37:cb:14:3d:fa:f8:c8:ab:c2:40:9e:1b:fb:10:91:
b3:bf:81:11:5c:5c:e0:92:31:89:a6:fa:f1:ea:a0:
12:5a:a0:a0:57:51:14:a8:96:47:92:62:84:3a:bc:
ff:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:0F:3F:0E:A4:F1:6B:BC:E7:12:CF:D2:CC:92:0A:F9:0E:62:5C:CA
X509v3 Authority Key Identifier:
keyid:75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/3g8_DqTxa7znEs_SzJIK-Q5iXMo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.67.64.0/19
Signature Algorithm: sha256WithRSAEncryption
20:01:b2:b9:26:b0:87:cb:69:43:80:0f:2c:fe:3c:f3:db:af:
a9:d8:23:aa:b2:3f:24:e8:ed:fc:fe:f4:57:a1:0b:2a:b7:8a:
42:6d:b2:bd:54:0b:8b:6c:28:d6:e1:e4:81:b7:5f:ca:c5:b5:
53:2d:01:40:cc:57:20:9e:7b:7a:a0:8a:03:09:eb:f8:e3:00:
ee:d8:32:7e:a1:1a:7c:94:b6:9b:d4:0b:57:bb:ca:57:a1:8f:
1e:93:0b:91:9c:44:3b:5a:92:02:78:91:07:49:92:7c:83:62:
dc:29:2e:e6:7b:50:04:5d:03:80:46:c5:54:ab:56:ed:5b:b0:
df:03:c3:ec:2d:87:c4:7f:c8:66:04:dc:76:54:51:0b:08:61:
cf:eb:2a:25:a7:61:52:3b:86:33:83:21:1f:ae:29:0b:dc:df:
00:e4:4b:db:3d:7a:0f:91:82:b2:1b:41:d0:e2:0c:d6:10:f5:
14:67:ed:59:9b:a1:a9:6d:12:13:75:52:5b:45:c6:45:8b:de:
c6:df:3d:fe:21:e3:7f:a4:e5:44:a0:93:a0:69:35:34:1f:39:
ae:8b:12:0e:df:12:1d:74:4e:9a:7d:01:ec:dc:01:07:20:8b:
20:7b:b1:e3:df:45:56:7a:ac:6d:b0:0a:29:1f:1c:bf:9b:d7:
74:25:9e:63
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDJwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVG
RTUzQzYxMUI0RkQ1NkIzRjY4MzE5RUVDQTYyODlGM0YwRjJBOTAeFw0yNDA4MjYw
NTE3MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERFMEYzRjBFQTRGMTZC
QkNFNzEyQ0ZEMkNDOTIwQUY5MEU2MjVDQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGIPOnbKfdWGmV21dmQsn6S24LaTmmdrdFUsF4/wvG5goUApCl
CpdMsUzIF2MVUCs6ifKNuvvPbGyuvxupNayF52z1f6HjJTKA5mpfiDUq/wSlnErX
uXgRPifBr3HsT6xe/0OoIkH6YH6ZzUv0iaFqv3vwpHTRMLKV5iFM0FJfmCZp32Ir
9pdxnvpPO2m6AMhO3TwtCNCN2HfKg68lmpapduLQnVGDWgjykcBPc26Vz9cKPLKo
z6gwI6n/o6AE6LOc+puomJxusuRYLCPWbbEvZDfLFD36+MirwkCeG/sQkbO/gRFc
XOCSMYmm+vHqoBJaoKBXURSolkeSYoQ6vP9FAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU3g8/DqTxa7znEs/SzJIK+Q5iXMowHwYDVR0jBBgwFoAUdf5TxhG0/Vaz9oMZ
7spiifPw8qkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL2Rm
NVR4aEcwX1ZhejlvTVo3c3BpaWZQdzhxay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZGY1VHhoRzBfVmF6OW9NWjdzcGlpZlB3OHFrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOLzNnOF9EcVR4YTd6bkVzX1N6SklLLVE1
aVhNby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU9Q0AwDQYJ
KoZIhvcNAQELBQADggEBACABsrkmsIfLaUOADyz+PPPbr6nYI6qyPyTo7fz+9Feh
Cyq3ikJtsr1UC4tsKNbh5IG3X8rFtVMtAUDMVyCee3qgigMJ6/jjAO7YMn6hGnyU
tpvUC1e7ylehjx6TC5GcRDtakgJ4kQdJknyDYtwpLuZ7UARdA4BGxVSrVu1bsN8D
w+wth8R/yGYE3HZUUQsIYc/rKiWnYVI7hjODIR+uKQvc3wDkS9s9eg+RgrIbQdDi
DNYQ9RRn7VmboaltEhN1UltFxkWL3sbfPf4h43+k5USgk6BpNTQfOa6LEg7fEh10
Tpp9AezcAQcgiyB7sePfRVZ6rG2wCikfHL+b13QlnmM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:58 2025 by rpki-client