Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MKY/ghY4bUi-aqq_2RgHhBWDaKyuJr8.roa
File: ghY4bUi-aqq_2RgHhBWDaKyuJr8.roa (raw, json)
Hash identifier: OCuKOnbPQvueBKRs6SX5Ac4hiBa35fF5WDNmkUDZhyM=
Subject key identifier: 82:16:38:6D:48:BE:6A:AA:BF:D9:18:07:84:15:83:68:AC:AE:26:BF
Certificate issuer: /CN=9D9E97B00D2E15C41AE7071732018C2B137E53A1
Certificate serial: 0C2E
Authority key identifier: 9D:9E:97:B0:0D:2E:15:C4:1A:E7:07:17:32:01:8C:2B:13:7E:53:A1
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/ghY4bUi-aqq_2RgHhBWDaKyuJr8.roa
Signing time: Mon 26 Aug 2024 05:21:05 +0000
ROA not before: Mon 26 Aug 2024 05:21:05 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7478
IP address blocks: 211.76.0.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3118 (0xc2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9D9E97B00D2E15C41AE7071732018C2B137E53A1
Validity
Not Before: Aug 26 05:21:05 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8216386D48BE6AAABFD9180784158368ACAE26BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c6:97:70:2a:90:7d:b4:48:6b:22:60:b3:ba:
3b:1b:1d:4d:17:5b:59:18:ce:69:eb:a7:58:a7:39:
f1:f7:4f:2a:49:a3:cc:91:07:07:a4:96:50:b6:7b:
3c:da:2d:38:25:41:69:11:33:a8:aa:d7:77:4c:ed:
d0:2b:f7:ac:7f:a3:85:60:5c:6a:8e:d4:eb:08:dd:
76:d5:fc:21:a7:b0:70:f7:ab:47:f5:84:3a:55:c6:
d0:36:71:d0:16:7d:8b:e5:df:88:55:63:63:69:29:
f1:a6:c9:2c:eb:93:0a:d9:bc:57:2c:cb:bf:64:fa:
fa:9a:9b:03:41:fb:f6:90:b2:17:2d:13:29:12:eb:
1b:e6:de:92:29:43:28:72:39:f5:18:ec:ae:fa:dd:
14:ca:3b:fa:63:4e:b7:17:dc:e3:64:e0:4a:90:e7:
14:bd:e7:f7:82:80:01:9b:27:5b:30:6a:5d:6e:36:
60:95:02:41:83:89:0d:4b:74:2e:5d:99:07:f4:7c:
87:df:2c:6b:fd:4c:68:9e:aa:d1:04:9b:43:74:64:
93:9c:82:5b:5a:9d:11:8d:5a:f8:30:1e:3c:f4:5f:
00:f9:7f:1f:8b:da:ee:ec:3a:49:bb:3a:7e:77:1a:
ef:d0:29:21:2f:70:42:fd:0f:69:a3:c9:6b:9e:07:
25:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:16:38:6D:48:BE:6A:AA:BF:D9:18:07:84:15:83:68:AC:AE:26:BF
X509v3 Authority Key Identifier:
keyid:9D:9E:97:B0:0D:2E:15:C4:1A:E7:07:17:32:01:8C:2B:13:7E:53:A1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/nZ6XsA0uFcQa5wcXMgGMKxN-U6E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MKY/ghY4bUi-aqq_2RgHhBWDaKyuJr8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.0.0/19
Signature Algorithm: sha256WithRSAEncryption
90:3d:b0:64:94:dc:5c:ef:a5:29:d3:2a:97:24:06:a3:d0:84:
9e:73:43:ff:49:b7:30:2c:38:50:70:25:f6:25:3e:96:e7:f4:
f4:53:58:2b:9f:b3:60:93:ad:f4:2b:68:fa:90:9f:ee:9f:ef:
06:d2:b8:3c:22:82:a7:39:38:96:44:72:8f:56:04:7e:50:c4:
8c:28:25:a0:af:e4:c8:ba:95:60:c3:69:50:64:2c:6c:65:f4:
34:11:78:53:b2:07:9e:83:d9:1a:ed:fd:3f:f0:e5:c6:1a:95:
3a:ac:3e:76:5a:cb:44:c2:7e:40:f1:80:b1:30:fd:4a:b3:ed:
59:51:57:4a:40:ff:1a:4c:53:cf:78:97:c6:f4:2c:df:26:a4:
94:6d:02:4a:27:c4:2d:c3:4a:b6:42:92:c5:7e:39:72:c9:0a:
e8:72:79:bb:cf:4a:01:82:85:3a:aa:80:a0:0e:66:de:cc:31:
72:7b:1b:a3:ff:10:22:78:3c:19:05:77:09:47:30:98:71:43:
e3:f7:ff:9b:ff:9a:5a:99:2e:34:36:18:7e:8b:3b:4c:6f:b3:
3f:c7:3b:fa:77:92:50:da:9c:f3:14:78:18:25:d2:6d:a1:53:
be:f6:b7:71:57:d2:66:4d:2f:d9:ec:00:96:6f:0f:bd:ef:7c:
d2:8e:a6:6d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUQ5
RTk3QjAwRDJFMTVDNDFBRTcwNzE3MzIwMThDMkIxMzdFNTNBMTAeFw0yNDA4MjYw
NTIxMDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDgyMTYzODZENDhCRTZB
QUFCRkQ5MTgwNzg0MTU4MzY4QUNBRTI2QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDExpdwKpB9tEhrImCzujsbHU0XW1kYzmnrp1inOfH3TypJo8yR
BwekllC2ezzaLTglQWkRM6iq13dM7dAr96x/o4VgXGqO1OsI3XbV/CGnsHD3q0f1
hDpVxtA2cdAWfYvl34hVY2NpKfGmySzrkwrZvFcsy79k+vqamwNB+/aQshctEykS
6xvm3pIpQyhyOfUY7K763RTKO/pjTrcX3ONk4EqQ5xS95/eCgAGbJ1swal1uNmCV
AkGDiQ1LdC5dmQf0fIffLGv9TGieqtEEm0N0ZJOcgltanRGNWvgwHjz0XwD5fx+L
2u7sOkm7On53Gu/QKSEvcEL9D2mjyWueByXBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUghY4bUi+aqq/2RgHhBWDaKyuJr8wHwYDVR0jBBgwFoAUnZ6XsA0uFcQa5wcX
MgGMKxN+U6EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUtZL25a
NlhzQTB1RmNRYTV3Y1hNZ0dNS3hOLVU2RS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
blo2WHNBMHVGY1FhNXdjWE1nR01LeE4tVTZFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvTUtZL2doWTRiVWktYXFxXzJSZ0hoQldEYUt5
dUpyOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXTTAAwDQYJ
KoZIhvcNAQELBQADggEBAJA9sGSU3FzvpSnTKpckBqPQhJ5zQ/9JtzAsOFBwJfYl
Ppbn9PRTWCufs2CTrfQraPqQn+6f7wbSuDwigqc5OJZEco9WBH5QxIwoJaCv5Mi6
lWDDaVBkLGxl9DQReFOyB56D2Rrt/T/w5cYalTqsPnZay0TCfkDxgLEw/Uqz7VlR
V0pA/xpMU894l8b0LN8mpJRtAkonxC3DSrZCksV+OXLJCuhyebvPSgGChTqqgKAO
Zt7MMXJ7G6P/ECJ4PBkFdwlHMJhxQ+P3/5v/mlqZLjQ2GH6LO0xvsz/HO/p3klDa
nPMUeBgl0m2hU772t3FX0mZNL9nsAJZvD73vfNKOpm0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:20:21 2025 by rpki-client