Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/pJoSFJmuhNXALJNo5IMyqWwdLbA.roa
File: pJoSFJmuhNXALJNo5IMyqWwdLbA.roa (raw, json)
Hash identifier: OIOqwG5/9gjuCUl8PFF75Q23czNOuB4zbQ4fNiEUBzw=
Subject key identifier: A4:9A:12:14:99:AE:84:D5:C0:2C:93:68:E4:83:32:A9:6C:1D:2D:B0
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 16C1
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/pJoSFJmuhNXALJNo5IMyqWwdLbA.roa
Signing time: Mon 26 Aug 2024 05:22:35 +0000
ROA not before: Mon 26 Aug 2024 05:22:35 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 122.147.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:07:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5825 (0x16c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Aug 26 05:22:35 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A49A121499AE84D5C02C9368E48332A96C1D2DB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:af:cf:0d:78:7b:28:bd:49:fc:04:19:0c:5a:
a2:74:83:ef:fe:56:bf:16:a7:9e:0d:ae:8b:a8:fc:
27:02:9d:3b:fa:c5:6e:28:39:e4:3b:c9:81:ac:e9:
fc:4a:27:2d:e9:e4:54:bd:bd:26:69:3e:88:b3:3e:
ab:72:72:7d:77:b4:2f:5a:fc:1e:23:56:0a:d3:90:
5e:26:c9:f7:31:d7:51:ee:cc:0d:14:66:85:af:31:
f0:2a:b6:17:c0:83:bd:ee:32:39:be:5e:27:ad:fc:
b8:9e:a7:96:b7:e7:7f:e6:45:80:74:3e:85:6e:bf:
e4:1a:e1:6e:30:c5:5b:df:e0:a7:2d:8d:7d:56:8b:
50:80:70:f6:62:9d:ab:11:3f:20:5a:43:84:b1:82:
b7:12:56:1e:35:15:22:35:8d:89:a4:71:da:f2:a3:
54:b6:80:7e:74:33:d6:7b:ce:4b:32:a9:a6:68:fa:
7b:3e:58:d1:76:ac:44:7b:2f:11:e8:f6:18:10:f3:
a8:82:dd:7d:db:22:61:bb:74:32:d7:82:89:df:af:
b4:59:c4:2d:90:ee:2f:10:32:2a:58:a2:22:b3:07:
9e:5d:00:28:0c:16:a7:a9:32:21:e2:5b:3e:bd:6b:
7c:5f:4b:a1:1e:e9:ef:86:85:0e:1b:0b:86:1a:31:
01:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9A:12:14:99:AE:84:D5:C0:2C:93:68:E4:83:32:A9:6C:1D:2D:B0
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/pJoSFJmuhNXALJNo5IMyqWwdLbA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.147.32.0/19
Signature Algorithm: sha256WithRSAEncryption
32:70:5a:11:61:f3:0e:92:09:c7:78:e5:d6:5f:0f:b3:14:c7:
f3:0b:c6:9b:9b:79:38:10:e3:95:72:a3:51:07:84:d3:a0:15:
d6:84:72:61:ef:12:d8:ee:86:c4:a3:7f:04:83:a2:2a:ab:8f:
ab:ce:44:65:a8:bf:be:85:e7:d8:9f:cf:0c:dc:14:6b:fd:5c:
72:76:6d:cc:69:34:06:f4:a3:c2:0b:92:28:cc:9a:51:57:d8:
db:09:05:89:7e:61:1a:bd:c7:53:96:7b:ec:f0:5a:b1:f9:38:
de:85:f1:ce:64:10:71:25:85:4f:a8:b1:95:a8:3c:2a:b9:d5:
b4:c9:d4:17:fc:8a:aa:62:75:4d:ec:45:af:ab:5c:92:c0:51:
35:ab:e4:74:26:c0:77:a0:5e:9b:3b:f4:93:4c:cf:d8:5e:ff:
4f:8f:fb:f6:39:72:db:91:13:6d:e6:04:bc:8d:87:2e:77:7f:
36:b3:dc:89:8b:6d:f2:5a:39:42:18:9c:df:1c:f9:de:21:12:
8b:fe:9b:e7:d3:39:90:21:ee:25:55:41:f0:94:9d:e0:71:b8:
bb:98:47:54:af:c3:65:f2:18:a9:78:ad:c1:ca:e0:06:f9:1e:
7c:93:c4:eb:1b:1f:90:ab:cc:0e:da:4a:e5:0d:ef:8a:13:be:
a9:23:69:13
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICFsEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNDA4MjYw
NTIyMzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE0OUExMjE0OTlBRTg0
RDVDMDJDOTM2OEU0ODMzMkE5NkMxRDJEQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClr88NeHsovUn8BBkMWqJ0g+/+Vr8Wp54Nrouo/CcCnTv6xW4o
OeQ7yYGs6fxKJy3p5FS9vSZpPoizPqtycn13tC9a/B4jVgrTkF4myfcx11HuzA0U
ZoWvMfAqthfAg73uMjm+Xiet/Liep5a353/mRYB0PoVuv+Qa4W4wxVvf4KctjX1W
i1CAcPZinasRPyBaQ4SxgrcSVh41FSI1jYmkcdryo1S2gH50M9Z7zksyqaZo+ns+
WNF2rER7LxHo9hgQ86iC3X3bImG7dDLXgonfr7RZxC2Q7i8QMipYoiKzB55dACgM
FqepMiHiWz69a3xfS6Ee6e+GhQ4bC4YaMQGZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUpJoSFJmuhNXALJNo5IMyqWwdLbAwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvcEpvU0ZKbXVoTlhBTEpObzVJTXlx
V3dkTGJBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBXqTIDAN
BgkqhkiG9w0BAQsFAAOCAQEAMnBaEWHzDpIJx3jl1l8PsxTH8wvGm5t5OBDjlXKj
UQeE06AV1oRyYe8S2O6GxKN/BIOiKquPq85EZai/voXn2J/PDNwUa/1ccnZtzGk0
BvSjwguSKMyaUVfY2wkFiX5hGr3HU5Z77PBasfk43oXxzmQQcSWFT6ixlag8KrnV
tMnUF/yKqmJ1TexFr6tcksBRNavkdCbAd6Bemzv0k0zP2F7/T4/79jly25ETbeYE
vI2HLnd/NrPciYtt8lo5Qhic3xz53iESi/6b59M5kCHuJVVB8JSd4HG4u5hHVK/D
ZfIYqXitwcrgBvkefJPE6xsfkKvMDtpK5Q3vihO+qSNpEw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:59:14 2025 by rpki-client