Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/_RntfshmTfvYXtN6kK2O_22GadE.roa
File: _RntfshmTfvYXtN6kK2O_22GadE.roa (raw, json)
Hash identifier: qDfoZl9r8odRrtQHYqsm57xijVW1e0RSdgBzCOT3fbQ=
Subject key identifier: FD:19:ED:7E:C8:66:4D:FB:D8:5E:D3:7A:90:AD:8E:FF:6D:86:69:D1
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1611
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/_RntfshmTfvYXtN6kK2O_22GadE.roa
Signing time: Mon 26 Aug 2024 05:21:44 +0000
ROA not before: Mon 26 Aug 2024 05:21:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131602
IP address blocks: 123.205.128.0/18 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:07:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5649 (0x1611)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Aug 26 05:21:44 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=FD19ED7EC8664DFBD85ED37A90AD8EFF6D8669D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7b:18:ab:ab:b0:95:7e:31:60:af:e4:62:c3:
ff:63:a8:a7:7f:f0:b8:5c:6c:28:e7:82:a6:24:81:
37:2b:4f:f2:db:3f:d1:87:00:e7:ef:3a:99:b8:db:
b2:1f:50:a0:30:7d:fd:63:ab:56:f5:24:1c:e6:c9:
85:2a:dc:b8:f2:71:35:91:72:bc:24:be:bb:3a:92:
28:a7:95:34:51:15:2c:39:12:e2:23:e3:7d:c1:39:
3e:8e:f2:b9:36:65:80:5c:63:c0:20:6c:b9:82:59:
94:c5:75:0f:30:73:87:4e:f5:df:22:c8:9b:c6:17:
0d:b2:9f:3c:78:a9:ad:f1:c0:40:bf:b6:ac:43:c9:
9b:cc:28:40:61:52:2f:8c:bd:b8:66:40:c8:44:32:
05:c4:0d:1a:9f:c2:98:68:df:c6:6b:88:b1:fc:b3:
14:c1:21:21:5b:77:b3:91:5f:19:f9:e1:b7:e6:1c:
5f:de:92:82:ae:7a:25:a1:49:3f:b3:b2:6f:b7:c3:
e3:0f:31:7e:1e:c2:b9:22:e6:10:0b:75:b9:88:a6:
98:a4:b6:96:9e:be:2d:96:47:01:74:72:60:92:f7:
99:05:c4:59:ac:02:54:6a:5a:ef:90:b8:9d:e0:c6:
c6:32:02:09:a0:d0:ce:2a:dd:6e:d2:04:1f:e2:52:
6d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:19:ED:7E:C8:66:4D:FB:D8:5E:D3:7A:90:AD:8E:FF:6D:86:69:D1
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/_RntfshmTfvYXtN6kK2O_22GadE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.205.128.0/18
Signature Algorithm: sha256WithRSAEncryption
ae:18:72:62:70:57:15:b4:d4:f3:ae:8e:45:78:d3:92:3b:f8:
47:3d:f2:79:a3:c9:cc:d8:ab:7d:f1:77:1b:a6:6d:ba:17:46:
81:25:a9:f4:32:00:e0:d7:90:ee:3a:07:ae:a9:44:fb:a6:f6:
15:43:a1:3b:d6:b4:7c:d6:fb:8d:18:8c:1b:d4:31:a4:fd:94:
79:05:51:9b:c5:1a:45:f1:53:77:7f:8c:01:0b:02:71:06:f4:
e1:b6:eb:5c:1b:a3:25:ba:e1:89:bb:50:89:b3:54:74:ac:e0:
48:45:02:b3:9d:97:c5:85:99:f1:92:8a:08:f3:58:07:5c:cb:
1d:58:92:31:2f:7a:69:b2:fe:57:a8:c9:4c:d7:8f:a2:78:ca:
42:83:14:97:e2:15:08:1b:e5:a5:6f:4c:33:b4:d1:2a:8b:3d:
55:6d:ce:75:4c:03:b5:af:09:3a:fd:08:ab:8a:b8:72:ec:b9:
51:97:68:35:74:44:5e:ee:6d:f2:70:bb:c0:c8:e2:fa:49:01:
e7:5e:50:8f:6f:c5:01:61:11:4d:35:62:9d:12:72:46:78:9d:
a0:c8:6f:1f:b6:b4:8d:7d:1d:a3:66:c1:09:54:b3:7b:28:ec:
04:95:56:51:ee:57:ae:ee:b6:d9:11:4d:dd:06:1d:05:f7:c0:
b2:18:c9:ad
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICFhEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNDA4MjYw
NTIxNDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZEMTlFRDdFQzg2NjRE
RkJEODVFRDM3QTkwQUQ4RUZGNkQ4NjY5RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWexirq7CVfjFgr+Riw/9jqKd/8LhcbCjngqYkgTcrT/LbP9GH
AOfvOpm427IfUKAwff1jq1b1JBzmyYUq3LjycTWRcrwkvrs6kiinlTRRFSw5EuIj
433BOT6O8rk2ZYBcY8AgbLmCWZTFdQ8wc4dO9d8iyJvGFw2ynzx4qa3xwEC/tqxD
yZvMKEBhUi+MvbhmQMhEMgXEDRqfwpho38ZriLH8sxTBISFbd7ORXxn54bfmHF/e
koKueiWhST+zsm+3w+MPMX4ewrki5hALdbmIppiktpaevi2WRwF0cmCS95kFxFms
AlRqWu+QuJ3gxsYyAgmg0M4q3W7SBB/iUm0ZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU/RntfshmTfvYXtN6kK2O/22GadEwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvX1JudGZzaG1UZnZZWHRONmtLMk9f
MjJHYWRFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBnvNgDAN
BgkqhkiG9w0BAQsFAAOCAQEArhhyYnBXFbTU866ORXjTkjv4Rz3yeaPJzNirffF3
G6ZtuhdGgSWp9DIA4NeQ7joHrqlE+6b2FUOhO9a0fNb7jRiMG9QxpP2UeQVRm8Ua
RfFTd3+MAQsCcQb04bbrXBujJbrhibtQibNUdKzgSEUCs52XxYWZ8ZKKCPNYB1zL
HViSMS96abL+V6jJTNePonjKQoMUl+IVCBvlpW9MM7TRKos9VW3OdUwDta8JOv0I
q4q4cuy5UZdoNXREXu5t8nC7wMji+kkB515Qj2/FAWERTTVinRJyRnidoMhvH7a0
jX0do2bBCVSzeyjsBJVWUe5Xru622RFN3QYdBffAshjJrQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:43:47 2025 by rpki-client