Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/PM-khAd8UJiTc9vAB2O_BiFRWGY.roa
File: PM-khAd8UJiTc9vAB2O_BiFRWGY.roa (raw, json)
Hash identifier: q4L+u6+7RAfYaxws35syJ0pFlz1XhZyBRDIbg8dojmY=
Subject key identifier: 3C:CF:A4:84:07:7C:50:98:93:73:DB:C0:07:63:BF:06:21:51:58:66
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0ED7
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/PM-khAd8UJiTc9vAB2O_BiFRWGY.roa
Signing time: Mon 26 Aug 2024 05:21:53 +0000
ROA not before: Mon 26 Aug 2024 05:21:53 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 192.72.8.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3799 (0xed7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Aug 26 05:21:53 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3CCFA484077C50989373DBC00763BF0621515866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c9:c3:cf:ce:5c:71:9a:35:58:09:bd:42:11:
e7:28:65:54:16:84:5b:42:25:83:74:ec:e8:2f:7a:
3f:78:0b:05:c6:3a:fe:7b:e5:c7:b1:48:72:5e:72:
0e:5d:f3:d3:ff:2f:1b:7a:7f:e4:58:35:a2:83:66:
db:b2:d9:3a:23:3a:10:df:26:1e:af:e8:90:f4:da:
2c:ba:fb:81:5d:ed:31:f4:43:03:6c:9f:9f:c2:9f:
e3:e0:a0:77:18:a3:b7:ce:81:64:b5:cf:df:8b:7e:
46:59:ac:32:d5:7f:08:e8:27:66:0c:8e:fc:79:c1:
c7:30:24:37:ea:1c:ce:52:f3:51:90:01:5d:f4:4e:
cf:38:54:25:ed:dc:ff:a7:51:f2:4e:dd:4c:12:48:
1c:ee:01:2d:47:37:40:37:f2:6d:cd:9e:60:d0:e1:
4e:39:dc:df:8f:59:2d:ac:e0:c5:18:63:b6:4d:f6:
a0:51:10:fd:36:8d:81:8f:20:e8:55:97:0f:46:c3:
42:23:29:3d:6e:00:18:f5:fe:ab:07:67:0d:31:b9:
e7:83:bb:d3:90:ad:2c:89:5f:9b:7b:e8:1b:6a:47:
9c:c8:fe:f5:63:cc:2e:61:9d:4f:19:61:29:95:6c:
44:e4:e2:99:6f:82:11:57:fd:6b:fe:7b:fe:1f:3c:
98:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CF:A4:84:07:7C:50:98:93:73:DB:C0:07:63:BF:06:21:51:58:66
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/PM-khAd8UJiTc9vAB2O_BiFRWGY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.8.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:40:22:73:1f:4c:63:1c:a5:13:78:71:34:43:ad:0e:2c:28:
de:5d:0a:83:8e:e6:10:64:81:8a:c2:8e:16:04:56:f2:2d:c8:
97:a0:2e:c2:f7:8d:18:7b:b8:82:77:67:b7:d9:39:e9:78:45:
97:00:42:02:2f:ab:4c:93:04:ef:05:50:a2:be:7d:7a:82:31:
a8:94:b8:76:86:67:05:1f:60:6b:d0:bb:28:d3:d8:8d:5b:ba:
f2:44:42:c5:46:bf:9d:4d:97:3c:e7:b6:69:1e:5d:b8:60:61:
72:1a:3b:34:42:19:07:6a:6f:3c:29:c7:95:95:b0:16:1f:2d:
f9:4b:07:82:7b:fd:2c:90:26:1e:96:36:2f:df:cd:b3:37:c2:
48:71:0f:fa:54:a7:32:44:17:d4:a6:bc:48:b1:56:98:a0:f5:
e6:5d:70:cf:39:ce:d7:6e:90:07:9f:8e:0a:54:1c:75:89:77:
09:4b:29:04:b4:ee:f8:3e:72:f9:b9:f5:45:32:62:9d:e6:96:
e4:75:9a:73:d2:ee:23:45:ab:dd:33:b9:73:da:7e:1d:27:e2:
03:d6:bf:cd:86:25:2e:c2:83:66:8d:69:00:51:91:4c:3d:05:
41:f6:c1:f7:48:5d:a8:d8:53:de:e4:22:3d:57:0a:3b:6e:e7:
15:1f:f8:0b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDtcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNDA4MjYw
NTIxNTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNDQ0ZBNDg0MDc3QzUw
OTg5MzczREJDMDA3NjNCRjA2MjE1MTU4NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9ycPPzlxxmjVYCb1CEecoZVQWhFtCJYN07Ogvej94CwXGOv57
5cexSHJecg5d89P/Lxt6f+RYNaKDZtuy2TojOhDfJh6v6JD02iy6+4Fd7TH0QwNs
n5/Cn+PgoHcYo7fOgWS1z9+LfkZZrDLVfwjoJ2YMjvx5wccwJDfqHM5S81GQAV30
Ts84VCXt3P+nUfJO3UwSSBzuAS1HN0A38m3NnmDQ4U453N+PWS2s4MUYY7ZN9qBR
EP02jYGPIOhVlw9Gw0IjKT1uABj1/qsHZw0xueeDu9OQrSyJX5t76BtqR5zI/vVj
zC5hnU8ZYSmVbETk4plvghFX/Wv+e/4fPJhTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPM+khAd8UJiTc9vAB2O/BiFRWGYwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUE0ta2hBZDhVSmlUYzl2QUIyT19C
aUZSV0dZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8BICDAN
BgkqhkiG9w0BAQsFAAOCAQEAqkAicx9MYxylE3hxNEOtDiwo3l0Kg47mEGSBisKO
FgRW8i3Il6AuwveNGHu4gndnt9k56XhFlwBCAi+rTJME7wVQor59eoIxqJS4doZn
BR9ga9C7KNPYjVu68kRCxUa/nU2XPOe2aR5duGBhcho7NEIZB2pvPCnHlZWwFh8t
+UsHgnv9LJAmHpY2L9/NszfCSHEP+lSnMkQX1Ka8SLFWmKD15l1wzznO126QB5+O
ClQcdYl3CUspBLTu+D5y+bn1RTJineaW5HWac9LuI0Wr3TO5c9p+HSfiA9a/zYYl
LsKDZo1pAFGRTD0FQfbB90hdqNhT3uQiPVcKO27nFR/4Cw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:49 2025 by rpki-client