Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/mmLam0LBNWJDxUod4bIxWruEwkA.roa
File: mmLam0LBNWJDxUod4bIxWruEwkA.roa (raw, json)
Hash identifier: kzn8sQgR7S3ET4B8xLxVgQFVRK1ElDMVKEE5ho+MsYI=
Subject key identifier: 9A:62:DA:9B:42:C1:35:62:43:C5:4A:1D:E1:B2:31:5A:BB:84:C2:40
Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial: 0689
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/mmLam0LBNWJDxUod4bIxWruEwkA.roa
Signing time: Tue 10 Sep 2024 07:52:33 +0000
ROA not before: Tue 10 Sep 2024 07:52:33 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9678
IP address blocks: 45.123.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1673 (0x689)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Validity
Not Before: Sep 10 07:52:33 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9A62DA9B42C1356243C54A1DE1B2315ABB84C240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a2:82:79:ab:90:9f:ac:9c:ea:4e:90:48:43:
65:04:ad:88:8d:55:43:40:84:96:80:38:a4:3b:90:
06:be:fa:3c:a0:59:42:91:da:75:40:54:a6:44:59:
fb:6d:90:0e:4e:c1:fe:80:fe:d7:8f:a2:42:20:86:
d4:5c:05:3a:da:26:9b:ce:81:e1:84:dc:23:fc:15:
68:0f:36:8c:2e:c2:68:e6:c2:6a:a4:49:f2:f9:8d:
83:d1:2f:8b:4d:0c:0f:28:ed:fd:5c:d4:bd:a1:9d:
b6:37:8f:df:4b:55:5b:fd:0f:ca:6f:db:55:0d:a1:
98:45:93:81:12:3c:26:78:1e:ce:13:a3:58:4d:45:
f3:65:b6:cb:8f:20:f2:93:8b:38:cb:dc:c3:c3:c5:
b9:79:3c:6d:77:22:6f:26:40:09:80:9c:b7:4b:55:
cc:5d:a1:04:9f:49:65:b6:30:eb:fa:04:7e:f0:20:
ea:36:8d:9b:d2:91:ce:48:28:18:4a:6a:21:f2:0a:
5b:f8:36:10:f2:1c:34:ac:2b:2a:92:c5:e4:4a:08:
5c:e3:76:23:ed:a0:cc:3c:c4:dc:2b:8a:31:ba:a9:
0a:24:14:a5:2d:f0:54:b4:67:fa:57:f7:f6:82:b1:
f5:96:f7:0c:61:10:ce:89:38:62:37:5f:fa:c6:ad:
d4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:62:DA:9B:42:C1:35:62:43:C5:4A:1D:E1:B2:31:5A:BB:84:C2:40
X509v3 Authority Key Identifier:
keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/mmLam0LBNWJDxUod4bIxWruEwkA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.123.117.0/24
Signature Algorithm: sha256WithRSAEncryption
12:b3:59:0c:cb:a6:42:1f:d3:7a:53:ec:b3:64:5d:90:5a:ea:
41:65:22:19:4a:6f:29:5e:ed:49:55:52:7e:91:20:48:74:88:
df:75:84:93:9d:c5:15:53:a6:ce:1f:f0:de:cc:f7:c8:01:c4:
27:19:b7:44:e6:71:ec:eb:95:51:bf:99:90:59:02:bb:a8:0c:
af:c9:85:96:53:d4:a3:ae:a2:de:e8:56:5f:7f:1d:2b:ac:b3:
53:15:7d:ed:ae:58:24:58:66:34:d8:d3:c3:5c:42:f3:d9:e9:
b4:6e:8e:62:39:78:a2:5b:31:87:ae:1f:9c:b1:a9:6c:23:52:
3f:43:38:ac:ae:8c:ed:5a:2c:45:c1:e4:7d:8c:69:9c:8a:26:
b1:51:50:55:fb:d7:ad:cc:4a:7b:78:ef:57:59:8b:db:e7:a3:
89:42:ef:92:cc:60:e8:23:08:a5:39:87:e5:65:8b:d0:c9:ff:
18:33:7f:8c:d2:2d:60:f3:89:f4:75:e2:29:5e:98:3d:0f:f2:
ef:3e:fc:fc:6f:e2:07:bd:35:1e:75:5c:c9:84:9b:aa:53:3c:
cb:34:9b:82:1a:ef:43:6a:f3:cd:43:fa:e5:22:4d:27:71:12:
35:19:ef:03:fb:63:9b:d3:9b:1a:15:d6:89:2e:b0:77:29:7a:
0e:02:ba:38
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBokwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yNDA5MTAw
NzUyMzNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlBNjJEQTlCNDJDMTM1
NjI0M0M1NEExREUxQjIzMTVBQkI4NEMyNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSooJ5q5CfrJzqTpBIQ2UErYiNVUNAhJaAOKQ7kAa++jygWUKR
2nVAVKZEWfttkA5Owf6A/tePokIghtRcBTraJpvOgeGE3CP8FWgPNowuwmjmwmqk
SfL5jYPRL4tNDA8o7f1c1L2hnbY3j99LVVv9D8pv21UNoZhFk4ESPCZ4Hs4To1hN
RfNltsuPIPKTizjL3MPDxbl5PG13Im8mQAmAnLdLVcxdoQSfSWW2MOv6BH7wIOo2
jZvSkc5IKBhKaiHyClv4NhDyHDSsKyqSxeRKCFzjdiPtoMw8xNwrijG6qQokFKUt
8FS0Z/pX9/aCsfWW9wxhEM6JOGI3X/rGrdTBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmmLam0LBNWJDxUod4bIxWruEwkAwHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL21tTGFtMExCTldKRHhVb2Q0
Ykl4V3J1RXdrQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAt
e3UwDQYJKoZIhvcNAQELBQADggEBABKzWQzLpkIf03pT7LNkXZBa6kFlIhlKbyle
7UlVUn6RIEh0iN91hJOdxRVTps4f8N7M98gBxCcZt0TmcezrlVG/mZBZAruoDK/J
hZZT1KOuot7oVl9/HSuss1MVfe2uWCRYZjTY08NcQvPZ6bRujmI5eKJbMYeuH5yx
qWwjUj9DOKyujO1aLEXB5H2MaZyKJrFRUFX7163MSnt471dZi9vno4lC75LMYOgj
CKU5h+Vli9DJ/xgzf4zSLWDzifR14ilemD0P8u8+/Pxv4ge9NR51XMmEm6pTPMs0
m4Ia70Nq881D+uUiTSdxEjUZ7wP7Y5vTmxoV1okusHcpeg4Cujg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:46 2025 by rpki-client