Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/ntSytr9ikoucSMD6eifI8QaQ3kE.roa
File: ntSytr9ikoucSMD6eifI8QaQ3kE.roa (raw, json)
Hash identifier: oOyzEKyucx33v6cXxJUI5vx2XpkOypVWsQX1HdfAQU8=
Subject key identifier: 9E:D4:B2:B6:BF:62:92:8B:9C:48:C0:FA:7A:27:C8:F1:06:90:DE:41
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1621
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/ntSytr9ikoucSMD6eifI8QaQ3kE.roa
Signing time: Mon 26 Aug 2024 05:21:49 +0000
ROA not before: Mon 26 Aug 2024 05:21:49 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 220.229.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:07:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5665 (0x1621)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Aug 26 05:21:49 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9ED4B2B6BF62928B9C48C0FA7A27C8F10690DE41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:46:0b:1a:9f:3c:ed:08:65:14:40:2a:2c:51:
38:18:f8:e5:e5:1d:5d:93:a7:cf:87:18:69:da:43:
06:94:64:f6:b9:bb:25:00:e9:2f:27:12:f0:3d:1c:
03:55:78:11:2e:1c:fa:de:5c:cb:ca:7b:eb:fc:93:
46:76:90:70:ab:7e:37:ed:31:b9:d8:ed:d4:a6:95:
8e:20:33:4e:5d:35:5a:a0:2b:bc:3b:a2:d2:2b:47:
da:82:4a:04:f7:a0:55:8a:f4:2a:ed:f1:84:34:29:
7c:81:ec:44:12:83:ed:c0:2d:94:f7:78:29:d4:67:
ea:7b:91:66:15:5e:ee:45:f3:d2:31:24:f3:0c:7a:
f5:60:37:40:39:48:9b:11:7a:64:9e:0c:e9:61:bb:
92:05:07:c6:59:55:c6:ee:98:61:f5:40:35:b9:56:
88:c5:36:3e:4d:61:79:04:96:a9:7e:b3:b5:d2:df:
ce:81:ee:55:5c:ee:93:8a:9f:e2:3e:fa:c3:82:4c:
1d:1a:c2:62:0d:e3:1f:3d:8e:fe:56:a7:71:58:52:
7a:fc:d9:00:4d:6e:a8:38:fe:bc:3a:80:52:fb:ee:
3e:d0:0a:2c:1b:75:a9:cf:e4:ad:36:d0:4e:78:c1:
01:61:70:19:72:29:ce:36:26:65:21:0b:fa:1e:bc:
b4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D4:B2:B6:BF:62:92:8B:9C:48:C0:FA:7A:27:C8:F1:06:90:DE:41
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/ntSytr9ikoucSMD6eifI8QaQ3kE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.68.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:03:06:ff:67:38:6b:16:01:b3:1e:10:bf:26:62:a8:4f:df:
78:db:3c:15:16:ae:2f:eb:92:78:46:a8:0f:9e:c9:3a:11:de:
13:df:3d:d0:6f:b6:bc:7b:cb:da:b0:93:5d:e5:2e:15:8d:cd:
3e:1f:df:55:52:b2:26:01:a2:41:a5:39:37:a9:65:d0:05:31:
1a:21:85:91:d8:56:77:b7:8a:2a:1c:59:56:d7:9d:98:9e:6d:
91:50:4a:14:b7:f0:29:ed:79:3e:c5:53:13:4f:32:f3:47:71:
03:2f:77:2f:f0:12:40:25:6d:c7:a3:8f:f8:9e:c6:cc:a1:b1:
24:f1:b0:1c:24:7b:65:7c:92:4a:cf:fc:59:3c:9a:46:e0:ab:
11:df:03:44:40:8a:11:de:74:d4:d3:5c:43:c0:eb:7d:28:fc:
e3:6d:a6:6f:a7:d6:37:f7:9c:9c:a9:a4:1b:31:c9:3b:15:33:
da:6d:f3:d5:9f:50:82:53:e6:eb:3c:f1:ad:6a:53:55:2d:e9:
db:64:ab:44:98:30:29:41:c8:b9:7d:a5:ad:ce:1a:15:ab:92:
1e:14:1b:ed:0a:01:82:48:be:74:5b:ab:1d:8d:94:46:0f:3c:
77:1d:95:4e:e8:88:91:04:f4:c9:12:2f:dc:5d:c4:c7:ed:ce:
dc:25:d2:b7
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICFiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNDA4MjYw
NTIxNDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlFRDRCMkI2QkY2Mjky
OEI5QzQ4QzBGQTdBMjdDOEYxMDY5MERFNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/RgsanzztCGUUQCosUTgY+OXlHV2Tp8+HGGnaQwaUZPa5uyUA
6S8nEvA9HANVeBEuHPreXMvKe+v8k0Z2kHCrfjftMbnY7dSmlY4gM05dNVqgK7w7
otIrR9qCSgT3oFWK9Crt8YQ0KXyB7EQSg+3ALZT3eCnUZ+p7kWYVXu5F89IxJPMM
evVgN0A5SJsRemSeDOlhu5IFB8ZZVcbumGH1QDW5VojFNj5NYXkElql+s7XS386B
7lVc7pOKn+I++sOCTB0awmIN4x89jv5Wp3FYUnr82QBNbqg4/rw6gFL77j7QCiwb
danP5K020E54wQFhcBlyKc42JmUhC/oevLT1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUntSytr9ikoucSMD6eifI8QaQ3kEwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbnRTeXRyOWlrb3VjU01ENmVpZkk4
UWFRM2tFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtzlRDAN
BgkqhkiG9w0BAQsFAAOCAQEAHgMG/2c4axYBsx4QvyZiqE/feNs8FRauL+uSeEao
D57JOhHeE9890G+2vHvL2rCTXeUuFY3NPh/fVVKyJgGiQaU5N6ll0AUxGiGFkdhW
d7eKKhxZVtedmJ5tkVBKFLfwKe15PsVTE08y80dxAy93L/ASQCVtx6OP+J7GzKGx
JPGwHCR7ZXySSs/8WTyaRuCrEd8DRECKEd501NNcQ8DrfSj8422mb6fWN/ecnKmk
GzHJOxUz2m3z1Z9QglPm6zzxrWpTVS3p22SrRJgwKUHIuX2lrc4aFauSHhQb7QoB
gki+dFurHY2URg88dx2VTuiIkQT0yRIv3F3Ex+3O3CXStw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:44:16 2025 by rpki-client