Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NARL/QDMmYqXt8fBjCSJpTy_-aSWUvjE.roa
File: QDMmYqXt8fBjCSJpTy_-aSWUvjE.roa (raw, json)
Hash identifier: QNxxX+fCGf5zchP2tuWBY7nLQUIuhtWjV8nwiD1eosc=
Subject key identifier: 40:33:26:62:A5:ED:F1:F0:63:09:22:69:4F:2F:FE:69:25:94:BE:31
Certificate issuer: /CN=451EF9359A984F6A4CF91FE9004EAEB089A984C0
Certificate serial: 0C3E
Authority key identifier: 45:1E:F9:35:9A:98:4F:6A:4C:F9:1F:E9:00:4E:AE:B0:89:A9:84:C0
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RR75NZqYT2pM-R_pAE6usImphMA.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NARL/QDMmYqXt8fBjCSJpTy_-aSWUvjE.roa
Signing time: Mon 26 Aug 2024 05:21:23 +0000
ROA not before: Mon 26 Aug 2024 05:21:23 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7539
IP address blocks: 203.145.200.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 11:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3134 (0xc3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=451EF9359A984F6A4CF91FE9004EAEB089A984C0
Validity
Not Before: Aug 26 05:21:23 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=40332662A5EDF1F0630922694F2FFE692594BE31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:50:e4:cd:0a:22:02:94:74:f3:74:57:34:0d:
02:cc:7d:db:af:85:c5:9b:22:f1:bc:a5:0c:97:7f:
7c:db:e1:b5:e7:1b:9e:2e:b7:77:c7:37:54:d8:c2:
34:a4:a6:7c:9b:1f:8c:81:e6:b7:63:e3:31:8d:4d:
ec:ad:36:02:fd:e0:84:01:60:a7:2f:b3:96:e7:73:
cc:d1:8b:9f:24:74:f4:eb:85:2a:83:0b:4e:76:4f:
ec:6a:c6:86:b8:54:f0:58:88:4b:21:e7:ee:5e:2d:
7d:70:55:d5:bf:9d:0d:ed:8f:fb:a4:67:69:f1:79:
00:21:50:81:0a:88:9e:a9:d1:31:30:57:c7:af:51:
84:7f:ef:d0:17:62:28:cf:49:61:60:08:93:c2:d7:
88:47:19:da:9e:85:04:d9:57:8e:b9:4a:55:93:25:
f3:f9:f4:02:50:59:32:50:74:de:ef:d1:0d:08:f5:
87:98:cd:03:69:3c:5f:30:f0:4e:8b:8d:d1:4d:f3:
8d:e7:7a:00:b0:41:a5:ca:b7:20:38:b6:3a:5a:c1:
23:10:19:da:9b:65:35:29:be:5a:b7:a0:ce:98:58:
48:f4:ea:82:c4:a6:09:41:1c:e0:a9:20:92:8f:fa:
53:f2:e0:cf:7a:ab:16:c4:d4:67:f3:14:e4:fe:e6:
fc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:33:26:62:A5:ED:F1:F0:63:09:22:69:4F:2F:FE:69:25:94:BE:31
X509v3 Authority Key Identifier:
keyid:45:1E:F9:35:9A:98:4F:6A:4C:F9:1F:E9:00:4E:AE:B0:89:A9:84:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NARL/RR75NZqYT2pM-R_pAE6usImphMA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RR75NZqYT2pM-R_pAE6usImphMA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NARL/QDMmYqXt8fBjCSJpTy_-aSWUvjE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.145.200.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:0b:fe:f1:c6:2d:4f:83:26:20:67:9c:35:54:4f:79:47:09:
75:69:d5:a6:ff:c4:14:2e:86:45:5b:b2:f7:b3:dc:c8:2a:64:
e5:bb:71:51:37:01:dd:35:42:5d:c4:13:6a:66:a5:8b:60:42:
67:37:8a:fd:5e:72:90:97:fa:ac:c3:d3:ea:2e:fa:46:8e:4d:
1d:82:cf:bd:1a:be:59:a9:91:db:28:70:b8:68:d1:c7:c4:4d:
f7:c3:63:f2:af:db:47:7b:ac:66:9d:50:7a:d1:2f:87:f8:84:
23:b3:d6:1c:23:e2:9f:18:11:31:87:72:0e:d6:52:e3:04:bb:
82:48:92:d8:10:ec:18:10:c5:bc:a8:37:d7:94:e1:5f:ba:c1:
7d:e9:9a:51:6d:f0:64:e9:e8:da:7e:72:54:7a:8d:b7:83:96:
36:87:93:ea:e4:16:c8:d2:96:4e:1b:d4:47:d6:f1:cc:49:37:
28:02:e1:ac:82:1c:8b:46:ea:7e:6c:1e:e5:c5:56:7b:77:8f:
31:7f:b2:9f:e5:b5:bc:5f:ed:43:1b:8e:57:3d:a3:d1:c5:a3:
92:51:bd:c0:53:3d:5a:23:f5:fd:c5:65:d2:85:7f:bb:98:71:
63:9b:d7:73:0f:aa:3c:21:65:99:1b:2c:7b:21:6b:a1:82:65:
e5:8e:a9:22
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDD4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDUx
RUY5MzU5QTk4NEY2QTRDRjkxRkU5MDA0RUFFQjA4OUE5ODRDMDAeFw0yNDA4MjYw
NTIxMjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQwMzMyNjYyQTVFREYx
RjA2MzA5MjI2OTRGMkZGRTY5MjU5NEJFMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwUOTNCiIClHTzdFc0DQLMfduvhcWbIvG8pQyXf3zb4bXnG54u
t3fHN1TYwjSkpnybH4yB5rdj4zGNTeytNgL94IQBYKcvs5bnc8zRi58kdPTrhSqD
C052T+xqxoa4VPBYiEsh5+5eLX1wVdW/nQ3tj/ukZ2nxeQAhUIEKiJ6p0TEwV8ev
UYR/79AXYijPSWFgCJPC14hHGdqehQTZV465SlWTJfP59AJQWTJQdN7v0Q0I9YeY
zQNpPF8w8E6LjdFN843negCwQaXKtyA4tjpawSMQGdqbZTUpvlq3oM6YWEj06oLE
pglBHOCpIJKP+lPy4M96qxbE1GfzFOT+5vxxAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQDMmYqXt8fBjCSJpTy/+aSWUvjEwHwYDVR0jBBgwFoAURR75NZqYT2pM+R/p
AE6usImphMAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkFSTC9S
Ujc1TlpxWVQycE0tUl9wQUU2dXNJbXBoTUEuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1JSNzVOWnFZVDJwTS1SX3BBRTZ1c0ltcGhNQS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05BUkwvUURNbVlxWHQ4ZkJqQ1NKcFR5Xy1h
U1dVdmpFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8uRyDAN
BgkqhkiG9w0BAQsFAAOCAQEASwv+8cYtT4MmIGecNVRPeUcJdWnVpv/EFC6GRVuy
97PcyCpk5btxUTcB3TVCXcQTamali2BCZzeK/V5ykJf6rMPT6i76Ro5NHYLPvRq+
WamR2yhwuGjRx8RN98Nj8q/bR3usZp1QetEvh/iEI7PWHCPinxgRMYdyDtZS4wS7
gkiS2BDsGBDFvKg315ThX7rBfemaUW3wZOno2n5yVHqNt4OWNoeT6uQWyNKWThvU
R9bxzEk3KALhrIIci0bqfmwe5cVWe3ePMX+yn+W1vF/tQxuOVz2j0cWjklG9wFM9
WiP1/cVl0oV/u5hxY5vXcw+qPCFlmRsseyFroYJl5Y6pIg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:40:34 2025 by rpki-client