Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/2tE7c-Kc4gghRUf-SnicS8ZPbDE.roa
File: 2tE7c-Kc4gghRUf-SnicS8ZPbDE.roa (raw, json)
Hash identifier: 702lO9P2yQwGm7XDUMlMxsOaJS73R2mpKbwp7XxBmzU=
Subject key identifier: DA:D1:3B:73:E2:9C:E2:08:21:45:47:FE:4A:78:9C:4B:C6:4F:6C:31
Certificate issuer: /CN=938EB4AB05A861667FD03554ACFB836A2CFDC9DB
Certificate serial: F1
Authority key identifier: 93:8E:B4:AB:05:A8:61:66:7F:D0:35:54:AC:FB:83:6A:2C:FD:C9:DB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/k460qwWoYWZ_0DVUrPuDaiz9yds.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/2tE7c-Kc4gghRUf-SnicS8ZPbDE.roa
Signing time: Thu 21 Nov 2024 15:54:16 +0000
ROA not before: Thu 21 Nov 2024 15:54:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 150758
IP address blocks: 2401:57a0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:33:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 241 (0xf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=938EB4AB05A861667FD03554ACFB836A2CFDC9DB
Validity
Not Before: Nov 21 15:54:16 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DAD13B73E29CE208214547FE4A789C4BC64F6C31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cc:6f:cf:06:de:f3:69:5d:1a:11:93:d1:5f:
13:5a:81:5f:ae:ed:db:59:80:61:de:df:93:93:5d:
6e:7b:a9:f1:91:84:28:ed:56:30:d1:58:2c:ed:f9:
a0:52:75:09:2b:28:c7:ab:ad:e4:95:78:23:98:74:
83:ec:d1:a4:82:6f:1b:ca:76:0a:70:7d:3c:ac:57:
a4:bb:e6:2c:64:66:0d:7c:ef:d2:cb:33:78:db:db:
a7:d8:56:57:02:b6:90:ed:eb:9f:15:fb:9a:61:28:
fb:15:f7:59:4d:f8:f4:5a:1e:27:d9:40:8c:87:a7:
11:4d:d0:ed:d5:b5:12:58:fb:4b:bb:b0:cc:9d:5a:
82:02:e2:34:a8:32:30:ff:b8:ba:a9:5d:07:9f:52:
a8:f6:0f:d1:4f:87:25:ac:74:86:12:49:ea:d5:8c:
06:70:04:cf:49:dc:4f:ea:23:bb:9f:8d:8e:18:cf:
92:5a:33:89:d1:a9:ae:66:41:2d:cf:a0:34:f4:2a:
c4:09:94:68:e0:84:7f:c4:60:1d:85:6e:e9:b4:85:
31:51:c5:57:26:c0:7e:26:e6:12:cc:d2:9f:b2:c9:
ca:ff:09:00:15:ec:b8:4b:d3:1b:2d:60:00:b9:30:
16:52:7f:0a:28:81:1c:93:ad:e5:fb:34:71:d1:c8:
bf:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D1:3B:73:E2:9C:E2:08:21:45:47:FE:4A:78:9C:4B:C6:4F:6C:31
X509v3 Authority Key Identifier:
keyid:93:8E:B4:AB:05:A8:61:66:7F:D0:35:54:AC:FB:83:6A:2C:FD:C9:DB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/k460qwWoYWZ_0DVUrPuDaiz9yds.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/k460qwWoYWZ_0DVUrPuDaiz9yds.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ND_SECURE/2tE7c-Kc4gghRUf-SnicS8ZPbDE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:57a0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:f8:48:db:ea:b5:bd:31:da:0b:0c:2b:22:aa:d6:5d:31:38:
6f:ca:03:3c:2d:e1:df:ce:72:26:e1:7d:2c:fc:39:fb:e8:f4:
26:89:a9:bf:d0:51:e6:a6:53:23:b9:e3:53:bb:72:cc:66:6d:
e4:3e:e5:3c:2c:7f:02:c9:79:06:cf:a1:81:ce:39:00:e0:b9:
43:6a:55:68:21:eb:5d:99:96:10:ae:f3:b3:12:24:55:48:fc:
23:91:f6:2a:6d:46:ac:a3:7b:b6:33:78:9b:7e:82:ad:98:2e:
70:c1:5c:97:1f:39:98:80:8f:77:96:d5:45:ba:bc:5f:68:3c:
ea:33:f9:cd:6a:9d:f1:cb:af:af:25:7b:fa:dc:8d:92:2b:ba:
17:0c:ec:04:01:25:97:04:42:b5:af:1a:cd:c4:72:e2:88:62:
d0:c9:50:97:ac:4d:a5:63:9f:76:1f:ff:6a:30:a4:73:52:55:
19:3f:da:81:8b:ba:a7:0c:0f:d8:9f:bb:8b:f9:9b:d4:30:b9:
24:c5:a0:0c:2a:7f:f5:20:45:af:68:84:55:94:df:ff:84:93:
4f:ab:8a:26:25:e1:ad:50:e5:5b:b6:48:ec:72:11:e3:58:9b:
46:b2:0c:ee:3b:99:08:3a:a4:75:57:54:ac:a6:d4:65:f0:9c:
c3:90:d0:a1
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICAPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTM4
RUI0QUIwNUE4NjE2NjdGRDAzNTU0QUNGQjgzNkEyQ0ZEQzlEQjAeFw0yNDExMjEx
NTU0MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERBRDEzQjczRTI5Q0Uy
MDgyMTQ1NDdGRTRBNzg5QzRCQzY0RjZDMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYzG/PBt7zaV0aEZPRXxNagV+u7dtZgGHe35OTXW57qfGRhCjt
VjDRWCzt+aBSdQkrKMerreSVeCOYdIPs0aSCbxvKdgpwfTysV6S75ixkZg1879LL
M3jb26fYVlcCtpDt658V+5phKPsV91lN+PRaHifZQIyHpxFN0O3VtRJY+0u7sMyd
WoIC4jSoMjD/uLqpXQefUqj2D9FPhyWsdIYSSerVjAZwBM9J3E/qI7ufjY4Yz5Ja
M4nRqa5mQS3PoDT0KsQJlGjghH/EYB2Fbum0hTFRxVcmwH4m5hLM0p+yycr/CQAV
7LhL0xstYAC5MBZSfwoogRyTreX7NHHRyL91AgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQU2tE7c+Kc4gghRUf+SnicS8ZPbDEwHwYDVR0jBBgwFoAUk460qwWoYWZ/0DVU
rPuDaiz9ydswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkRfU0VD
VVJFL2s0NjBxd1dvWVdaXzBEVlVyUHVEYWl6OXlkcy5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvazQ2MHF3V29ZV1pfMERWVXJQdURhaXo5eWRzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkRfU0VDVVJFLzJ0RTdjLUtjNGdn
aFJVZi1TbmljUzhaUGJERS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAkAVegMA0GCSqGSIb3DQEBCwUAA4IBAQCL+Ejb6rW9MdoLDCsiqtZdMThv
ygM8LeHfznIm4X0s/Dn76PQmiam/0FHmplMjueNTu3LMZm3kPuU8LH8CyXkGz6GB
zjkA4LlDalVoIetdmZYQrvOzEiRVSPwjkfYqbUaso3u2M3ibfoKtmC5wwVyXHzmY
gI93ltVFurxfaDzqM/nNap3xy6+vJXv63I2SK7oXDOwEASWXBEK1rxrNxHLiiGLQ
yVCXrE2lY592H/9qMKRzUlUZP9qBi7qnDA/Yn7uL+ZvUMLkkxaAMKn/1IEWvaIRV
lN//hJNPq4omJeGtUOVbtkjschHjWJtGsgzuO5kIOqR1V1SsptRl8JzDkNCh
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:41:44 2025 by rpki-client