Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/aajlBrBJxgC1NjmY_lioPS2ROkc.roa
File: aajlBrBJxgC1NjmY_lioPS2ROkc.roa (raw, json)
Hash identifier: 9laBhCsRQ66nvu2EiX3gYtuUB5y3dM6NFWOPqj8u77s=
Subject key identifier: 69:A8:E5:06:B0:49:C6:00:B5:36:39:98:FE:58:A8:3D:2D:91:3A:47
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1711
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/aajlBrBJxgC1NjmY_lioPS2ROkc.roa
Signing time: Mon 23 Sep 2024 09:53:39 +0000
ROA not before: Mon 23 Sep 2024 09:53:39 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131611
IP address blocks: 218.32.144.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:07:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5905 (0x1711)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 23 09:53:39 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=69A8E506B049C600B5363998FE58A83D2D913A47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9d:3f:b8:94:44:b6:bd:16:0b:8c:37:54:57:
1e:e3:b2:15:4d:b6:8f:26:e1:82:a7:20:47:04:5d:
6d:32:1c:ff:28:a2:20:6f:8c:91:be:71:ef:e7:41:
2f:3a:8c:e0:4e:04:82:e8:ba:29:1d:ee:9c:9d:33:
45:2a:7f:c1:ea:c7:35:e7:ee:57:bd:98:f4:b4:0b:
e2:1c:56:9e:2b:1a:b0:2a:79:ae:79:73:2f:c2:bd:
70:4a:3c:aa:00:a6:e3:be:49:1f:f2:46:84:19:ad:
8a:21:d8:b3:fc:af:a9:e6:bf:6b:a2:68:23:fb:c4:
40:17:37:fe:24:16:ae:34:7d:67:e4:a9:2e:4a:3b:
23:44:dc:9c:42:9b:b1:31:e0:27:8e:7a:04:2b:13:
6a:45:df:f7:d2:70:8a:10:2d:4b:87:55:3b:97:1b:
11:d2:51:6a:ea:88:e5:a2:3c:71:20:ee:86:86:3e:
d9:b4:75:4a:c7:4e:fc:c9:b9:fe:81:45:b2:91:85:
c4:82:53:96:c1:60:a2:b1:fa:55:21:50:d5:51:65:
9c:de:27:e4:b7:83:35:d1:20:52:5f:c8:b5:34:e1:
1f:f0:e1:cd:c9:4a:70:4c:db:34:fb:f3:c7:e5:78:
6a:f3:2d:33:97:7f:50:d4:3a:b2:36:00:e1:fa:2f:
27:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A8:E5:06:B0:49:C6:00:B5:36:39:98:FE:58:A8:3D:2D:91:3A:47
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/aajlBrBJxgC1NjmY_lioPS2ROkc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.32.144.0/20
Signature Algorithm: sha256WithRSAEncryption
31:0c:a1:88:7d:bb:71:d6:33:e1:0b:bd:81:d9:a2:f8:9c:92:
de:8a:e3:1f:72:80:8d:8a:83:12:94:70:56:ca:2f:16:cf:6e:
d3:31:66:7c:2e:d2:97:32:88:c6:5f:59:40:8b:bb:bf:ad:5c:
70:81:18:40:da:70:aa:3e:6a:c6:b6:b3:19:56:d3:e2:fe:ca:
f7:48:40:44:1a:c2:c5:dc:92:a9:1e:70:a7:b1:68:72:59:02:
0b:83:64:ff:da:6a:c7:18:67:0e:3f:80:fe:c0:91:ac:6d:64:
78:52:0c:98:0f:83:91:54:41:5e:7a:cd:73:f7:30:45:4a:76:
34:4a:bb:06:1d:87:02:3c:bb:17:16:6f:12:3f:83:c8:40:85:
36:22:23:0b:01:5a:a8:c7:70:f9:de:1c:bc:80:94:4d:21:ca:
f5:11:bb:fb:5d:4c:b8:67:c1:c5:52:c2:57:ec:25:3f:c4:91:
f1:8a:69:4b:76:38:57:f7:71:cc:f5:1b:d3:25:dd:81:79:b1:
ce:0b:ae:9a:72:6d:2d:a1:27:93:45:04:da:56:12:41:70:3f:
b9:4c:d3:53:0b:1a:ca:f5:bb:a2:14:18:44:73:78:bb:c0:66:
99:ce:13:3c:43:68:8f:88:79:4c:08:f3:0f:9c:b6:8b:a9:3e:
e5:21:7d:d2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICFxEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNDA5MjMw
OTUzMzlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY5QThFNTA2QjA0OUM2
MDBCNTM2Mzk5OEZFNThBODNEMkQ5MTNBNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqnT+4lES2vRYLjDdUVx7jshVNto8m4YKnIEcEXW0yHP8ooiBv
jJG+ce/nQS86jOBOBILouikd7pydM0Uqf8HqxzXn7le9mPS0C+IcVp4rGrAqea55
cy/CvXBKPKoApuO+SR/yRoQZrYoh2LP8r6nmv2uiaCP7xEAXN/4kFq40fWfkqS5K
OyNE3JxCm7Ex4CeOegQrE2pF3/fScIoQLUuHVTuXGxHSUWrqiOWiPHEg7oaGPtm0
dUrHTvzJuf6BRbKRhcSCU5bBYKKx+lUhUNVRZZzeJ+S3gzXRIFJfyLU04R/w4c3J
SnBM2zT788fleGrzLTOXf1DUOrI2AOH6LyehAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUaajlBrBJxgC1NjmY/lioPS2ROkcwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvYWFqbEJyQkp4Z0MxTmptWV9saW9Q
UzJST2tjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNogkDAN
BgkqhkiG9w0BAQsFAAOCAQEAMQyhiH27cdYz4Qu9gdmi+JyS3orjH3KAjYqDEpRw
VsovFs9u0zFmfC7SlzKIxl9ZQIu7v61ccIEYQNpwqj5qxrazGVbT4v7K90hARBrC
xdySqR5wp7FoclkCC4Nk/9pqxxhnDj+A/sCRrG1keFIMmA+DkVRBXnrNc/cwRUp2
NEq7Bh2HAjy7FxZvEj+DyECFNiIjCwFaqMdw+d4cvICUTSHK9RG7+11MuGfBxVLC
V+wlP8SR8YppS3Y4V/dxzPUb0yXdgXmxzguumnJtLaEnk0UE2lYSQXA/uUzTUwsa
yvW7ohQYRHN4u8Bmmc4TPENoj4h5TAjzD5y2i6k+5SF90g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:43 2025 by rpki-client