Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/s3pneZFGGaciBbkfdP_lVV22hSo.roa
File: s3pneZFGGaciBbkfdP_lVV22hSo.roa (raw, json)
Hash identifier: drS4jtbHNEaUDxSZZZcVTYA7H+GTqucT55yWgclGUBA=
Subject key identifier: B3:7A:67:79:91:46:19:A7:22:05:B9:1F:74:FF:E5:55:5D:B6:85:2A
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1639
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/s3pneZFGGaciBbkfdP_lVV22hSo.roa
Signing time: Mon 26 Aug 2024 05:21:55 +0000
ROA not before: Mon 26 Aug 2024 05:21:55 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131597
IP address blocks: 106.105.240.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:07:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5689 (0x1639)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Aug 26 05:21:55 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B37A6779914619A72205B91F74FFE5555DB6852A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6d:f5:ba:f1:a7:e5:9e:da:2f:c9:88:e0:86:
9d:2d:03:df:cb:99:89:18:a8:5b:3b:7c:ee:2f:79:
a9:b0:47:cf:44:37:98:80:66:8e:e2:8c:c2:6e:24:
07:6b:1c:25:74:98:e7:37:2f:de:0e:e2:9c:d2:bb:
91:df:73:14:51:3f:9e:c2:2a:cf:5e:6f:f6:5d:ff:
e8:a4:f4:04:2f:eb:04:b6:c5:25:c2:fc:fe:dc:a0:
ac:62:77:4c:1c:0b:18:bc:7d:bb:a6:d8:c4:a9:0a:
6d:03:af:12:05:b1:4e:ad:b5:c4:e5:a1:13:fd:67:
16:e0:11:da:4a:06:65:6d:70:56:5d:41:44:07:a7:
b4:b7:f4:f0:65:56:4a:cd:46:96:86:01:c6:fd:7f:
66:f8:36:20:9b:5a:72:3e:91:a0:a8:f3:bc:d2:06:
9f:4d:ca:4c:32:f4:e3:4b:80:0e:12:de:e4:78:d5:
1e:07:4b:43:81:55:6c:73:4c:02:04:83:9c:1b:d5:
e4:58:00:4b:6f:ef:73:d0:61:b3:98:31:8c:43:31:
36:0e:44:b2:81:05:2c:d8:51:91:2c:25:d5:11:ea:
e5:2e:b8:e6:38:6b:1c:d0:39:f0:ef:12:e7:a9:8d:
69:8a:08:bf:45:47:d6:9d:99:0a:1f:3d:86:e8:8b:
62:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:7A:67:79:91:46:19:A7:22:05:B9:1F:74:FF:E5:55:5D:B6:85:2A
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/s3pneZFGGaciBbkfdP_lVV22hSo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.240.0/21
Signature Algorithm: sha256WithRSAEncryption
89:e4:c4:c1:ae:07:ec:b7:05:fa:ba:34:1f:38:94:c0:01:f6:
76:42:59:f2:37:37:0d:b6:a9:af:0f:3d:13:b3:cf:08:a2:42:
5c:44:94:db:06:94:64:db:51:17:d6:53:57:4d:75:1b:ed:3d:
a8:4b:1f:2b:a5:59:ef:01:54:dd:bc:11:98:f2:38:79:61:23:
2c:20:32:2e:30:89:6b:87:01:fa:3d:2b:ec:33:8a:97:c8:9d:
71:1d:43:91:f6:1b:a6:02:89:69:9d:24:e7:f1:d6:e9:4c:19:
70:ce:6a:ec:0d:df:27:1c:a0:80:33:f4:9b:37:58:46:69:61:
25:00:2e:d5:cd:6f:1f:d5:43:b9:90:f9:76:b7:1e:61:61:40:
97:55:37:c9:5c:a5:45:cb:0a:b3:e4:a3:d9:b4:df:6b:b8:5b:
6e:fa:04:d4:a6:63:5d:d0:d7:40:2a:ec:db:c4:58:b0:9f:39:
58:eb:87:fd:8d:6d:4a:98:26:91:fe:bd:a4:44:87:f4:be:08:
b6:99:92:7c:96:0d:fa:e0:11:1c:72:1b:5d:3e:d2:3c:ba:c0:
34:fa:7c:8b:80:7a:0d:ff:b8:0b:f6:9b:97:49:73:2e:9c:24:
2c:fd:35:47:71:34:01:6a:35:06:ad:9c:95:aa:f7:d5:19:5c:
fc:84:4f:3d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICFjkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNDA4MjYw
NTIxNTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIzN0E2Nzc5OTE0NjE5
QTcyMjA1QjkxRjc0RkZFNTU1NURCNjg1MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTbfW68aflntovyYjghp0tA9/LmYkYqFs7fO4veamwR89EN5iA
Zo7ijMJuJAdrHCV0mOc3L94O4pzSu5HfcxRRP57CKs9eb/Zd/+ik9AQv6wS2xSXC
/P7coKxid0wcCxi8fbum2MSpCm0DrxIFsU6ttcTloRP9ZxbgEdpKBmVtcFZdQUQH
p7S39PBlVkrNRpaGAcb9f2b4NiCbWnI+kaCo87zSBp9Nykwy9ONLgA4S3uR41R4H
S0OBVWxzTAIEg5wb1eRYAEtv73PQYbOYMYxDMTYORLKBBSzYUZEsJdUR6uUuuOY4
axzQOfDvEuepjWmKCL9FR9admQofPYboi2JjAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUs3pneZFGGaciBbkfdP/lVV22hSowHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvczNwbmVaRkdHYWNpQmJrZmRQX2xW
VjIyaFNvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2pp8DAN
BgkqhkiG9w0BAQsFAAOCAQEAieTEwa4H7LcF+ro0HziUwAH2dkJZ8jc3Dbaprw89
E7PPCKJCXESU2waUZNtRF9ZTV011G+09qEsfK6VZ7wFU3bwRmPI4eWEjLCAyLjCJ
a4cB+j0r7DOKl8idcR1DkfYbpgKJaZ0k5/HW6UwZcM5q7A3fJxyggDP0mzdYRmlh
JQAu1c1vH9VDuZD5drceYWFAl1U3yVylRcsKs+Sj2bTfa7hbbvoE1KZjXdDXQCrs
28RYsJ85WOuH/Y1tSpgmkf69pESH9L4ItpmSfJYN+uARHHIbXT7SPLrANPp8i4B6
Df+4C/abl0lzLpwkLP01R3E0AWo1Bq2clar31Rlc/IRPPQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:44:11 2025 by rpki-client