Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/fY3ico_mQ2mSUGz1l-m_cVO51NE.roa
File: fY3ico_mQ2mSUGz1l-m_cVO51NE.roa (raw, json)
Hash identifier: purSts2iNl2SBPpzGWDTlVcMDPKqEM89q1hlDW29nko=
Subject key identifier: 7D:8D:E2:72:8F:E6:43:69:92:50:6C:F5:97:E9:BF:71:53:B9:D4:D1
Certificate issuer: /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial: 06CE
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/fY3ico_mQ2mSUGz1l-m_cVO51NE.roa
Signing time: Mon 26 Aug 2024 05:18:29 +0000
ROA not before: Mon 26 Aug 2024 05:18:29 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131657
IP address blocks: 103.153.176.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:33:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1742 (0x6ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
Validity
Not Before: Aug 26 05:18:29 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7D8DE2728FE6436992506CF597E9BF7153B9D4D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b6:f1:64:9d:a9:73:d7:08:a0:6d:49:21:cc:
bb:b8:bd:1a:5d:89:1b:37:ce:d1:37:9d:ab:2a:48:
67:74:af:f3:3b:fc:0a:e8:83:f4:e6:e4:63:af:17:
12:e9:09:15:01:2e:96:e9:98:0d:74:40:ea:44:fd:
2f:8d:54:97:2b:d6:aa:74:3a:81:c0:1a:0f:eb:e1:
a2:06:9d:29:75:ea:af:1f:51:4c:33:cf:ec:10:a7:
b5:f0:1e:81:aa:97:39:ee:97:96:f3:71:60:02:c8:
a7:7c:51:2b:9d:63:bc:de:f5:f2:25:b0:ac:b5:3e:
55:3e:aa:d8:53:43:03:f3:77:9c:3c:16:58:c1:8a:
be:c3:c8:25:05:2f:86:16:24:0a:2f:06:89:b7:1a:
6b:80:3a:be:7f:65:72:53:f5:ec:71:ab:26:43:36:
a8:d0:06:88:2a:4e:de:77:a5:7a:9f:55:84:66:71:
67:85:ba:4f:23:f7:a4:a8:3c:90:db:4d:f3:ad:f3:
b7:db:4e:d3:1e:e1:c3:26:d6:29:04:67:d9:cf:3a:
72:ca:8a:1c:46:05:b9:70:8e:10:aa:44:a5:38:41:
de:a1:2f:4d:62:b9:20:7b:3b:22:1e:59:02:09:80:
60:06:de:39:b5:0f:a4:b5:cd:04:dc:46:4e:74:92:
c8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8D:E2:72:8F:E6:43:69:92:50:6C:F5:97:E9:BF:71:53:B9:D4:D1
X509v3 Authority Key Identifier:
keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/fY3ico_mQ2mSUGz1l-m_cVO51NE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.153.176.0/23
Signature Algorithm: sha256WithRSAEncryption
43:7e:c0:dd:7e:8e:60:2a:86:fb:a0:1e:9a:e7:ec:b6:38:ab:
a8:2e:a2:ab:b7:14:b7:45:14:64:a9:86:e0:1e:f1:0c:c9:40:
33:81:c2:04:c5:35:4a:56:7d:b2:af:0f:33:a8:55:5e:f7:30:
2e:6e:00:3f:5b:f7:09:4f:cf:99:86:25:ca:d4:e7:5f:e6:1f:
49:b2:3a:43:26:c7:fb:4a:b9:5f:27:b3:fc:4d:63:96:bc:f5:
db:25:35:de:59:43:d9:54:54:b7:ab:f4:c5:ad:33:4e:65:13:
ec:f3:fa:ac:fa:28:92:bb:ac:46:f5:61:93:59:9f:a7:78:1b:
01:9d:80:1f:df:eb:87:0a:b4:4a:2f:26:22:81:ed:69:2b:77:
06:fe:db:c8:bc:aa:96:66:8a:e7:54:56:29:19:da:c7:9e:68:
83:18:67:4a:8d:f9:b7:9a:15:7d:33:d6:89:5e:9d:ec:a8:05:
9c:ee:ad:0f:f2:4b:0a:68:63:54:79:a9:21:5f:20:62:d3:f8:
f1:e4:13:32:c8:57:76:e6:79:1a:e5:ab:c6:fe:b7:bb:2c:32:
9a:39:fc:ad:5c:af:6a:d1:2c:e7:ca:79:e2:b2:36:f7:07:cc:
29:b2:77:d8:02:1b:87:30:21:b2:da:f9:6d:da:3a:be:d0:cb:
7f:a8:de:7a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBs4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yNDA4MjYw
NTE4MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDdEOERFMjcyOEZFNjQz
Njk5MjUwNkNGNTk3RTlCRjcxNTNCOUQ0RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDltvFknalz1wigbUkhzLu4vRpdiRs3ztE3nasqSGd0r/M7/Aro
g/Tm5GOvFxLpCRUBLpbpmA10QOpE/S+NVJcr1qp0OoHAGg/r4aIGnSl16q8fUUwz
z+wQp7XwHoGqlznul5bzcWACyKd8USudY7ze9fIlsKy1PlU+qthTQwPzd5w8FljB
ir7DyCUFL4YWJAovBom3GmuAOr5/ZXJT9exxqyZDNqjQBogqTt53pXqfVYRmcWeF
uk8j96SoPJDbTfOt87fbTtMe4cMm1ikEZ9nPOnLKihxGBblwjhCqRKU4Qd6hL01i
uSB7OyIeWQIJgGAG3jm1D6S1zQTcRk50ksj7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfY3ico/mQ2mSUGz1l+m/cVO51NEwHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL2ZZM2ljb19tUTJtU1VHejFs
LW1fY1ZPNTFORS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn
mbAwDQYJKoZIhvcNAQELBQADggEBAEN+wN1+jmAqhvugHprn7LY4q6guoqu3FLdF
FGSphuAe8QzJQDOBwgTFNUpWfbKvDzOoVV73MC5uAD9b9wlPz5mGJcrU51/mH0my
OkMmx/tKuV8ns/xNY5a89dslNd5ZQ9lUVLer9MWtM05lE+zz+qz6KJK7rEb1YZNZ
n6d4GwGdgB/f64cKtEovJiKB7Wkrdwb+28i8qpZmiudUVikZ2seeaIMYZ0qN+bea
FX0z1oleneyoBZzurQ/ySwpoY1R5qSFfIGLT+PHkEzLIV3bmeRrlq8b+t7ssMpo5
/K1cr2rRLOfKeeKyNvcHzCmyd9gCG4cwIbLa+W3aOr7Qy3+o3no=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:52:52 2025 by rpki-client