Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/XF04ZbnPdhETudZuf5ZW5TdE7F0.roa
File: XF04ZbnPdhETudZuf5ZW5TdE7F0.roa (raw, json)
Hash identifier: 7NYORgu+XSw/ro8mS6mEeLwQ/cEiV7YZrLgiizi5G+M=
Subject key identifier: 5C:5D:38:65:B9:CF:76:11:13:B9:D6:6E:7F:96:56:E5:37:44:EC:5D
Certificate issuer: /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial: 0881
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/XF04ZbnPdhETudZuf5ZW5TdE7F0.roa
Signing time: Mon 23 Sep 2024 07:31:44 +0000
ROA not before: Mon 23 Sep 2024 07:31:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131642
IP address blocks: 103.137.246.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 17:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2177 (0x881)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Validity
Not Before: Sep 23 07:31:44 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5C5D3865B9CF761113B9D66E7F9656E53744EC5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b0:8b:98:41:fe:19:ab:fb:0f:f8:e4:c1:76:
e0:62:48:f7:fa:d7:b2:31:56:f1:31:6b:67:d1:49:
7a:d2:ce:4c:5a:bd:ba:23:43:7c:eb:75:16:78:e7:
3e:44:05:f4:1f:59:10:ed:f0:99:3f:7b:0a:14:ad:
d6:3e:ed:bd:6d:62:cc:ab:2d:82:b7:4f:4a:8c:80:
3c:42:d0:cc:5a:04:fd:2e:56:a8:ef:2c:45:4d:95:
65:01:73:13:93:52:32:7e:c0:68:a6:48:d2:03:7b:
75:71:17:e2:b5:39:f2:40:0f:19:f9:5f:63:2e:ff:
b2:35:a9:c4:17:a0:77:bf:d9:16:68:7c:20:65:8a:
81:a1:51:c3:46:04:56:9b:f2:cd:b5:f9:00:cd:9b:
00:ba:69:93:d1:72:98:43:5f:7c:64:fc:b3:08:f2:
f7:29:67:09:ed:1e:33:fa:8e:66:cc:0d:d5:b8:cc:
ed:0d:ce:1e:07:5f:f3:8b:5c:6c:88:d3:aa:b4:d4:
cd:24:d0:d5:bc:69:a9:dd:6c:62:4c:3c:62:85:b0:
bb:59:67:93:50:79:a4:40:ad:bb:dd:da:71:1e:eb:
21:e5:dd:2e:2e:57:b5:8e:ec:67:ea:1b:14:45:f0:
61:d8:1d:f4:bb:de:d5:4c:5e:fb:79:9b:36:da:1d:
e9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5D:38:65:B9:CF:76:11:13:B9:D6:6E:7F:96:56:E5:37:44:EC:5D
X509v3 Authority Key Identifier:
keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/XF04ZbnPdhETudZuf5ZW5TdE7F0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.246.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:2b:89:51:d2:cd:a0:a8:2c:e3:cf:1a:19:56:72:77:10:e7:
0c:15:43:29:11:12:66:16:a8:34:dc:8d:49:de:52:4e:f8:ff:
be:f3:b8:7a:a1:c5:7a:c9:05:3c:9a:01:0c:a3:9a:9b:07:be:
df:c0:d3:10:a1:47:61:0a:c3:2d:ba:bc:69:b0:11:49:52:75:
0a:dc:32:30:0b:ee:98:5f:fd:7c:d9:20:c8:ba:36:ad:f4:28:
98:b3:7b:dd:2a:c1:ca:fd:9e:98:d9:c8:84:e5:97:fa:e5:7b:
e2:f1:0f:14:e8:ab:dd:dc:0b:56:77:73:bf:6c:d1:de:0f:57:
84:ec:4f:7a:d2:ea:10:cb:02:17:a3:f6:20:27:a2:30:20:ee:
57:66:70:3a:4f:d5:c1:24:f5:18:8d:98:b3:bc:be:39:1d:e0:
41:2b:e5:80:09:ce:6f:03:d1:7e:e1:86:5f:2a:7d:fb:78:1d:
ea:68:77:70:b0:18:fd:a3:2b:fc:1c:a9:7a:e3:27:61:ec:de:
b5:ac:47:bb:d1:42:99:24:8b:3f:4f:4e:34:2a:bb:3d:97:ac:
30:c8:f7:08:c2:a9:79:b2:d1:15:cf:13:71:5d:b3:17:fc:09:
38:4c:dc:8b:32:2b:0e:85:2a:35:27:fe:56:ab:84:ee:74:32:
f9:2d:71:c6
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yNDA5MjMw
NzMxNDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVDNUQzODY1QjlDRjc2
MTExM0I5RDY2RTdGOTY1NkU1Mzc0NEVDNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCysIuYQf4Zq/sP+OTBduBiSPf617IxVvExa2fRSXrSzkxavboj
Q3zrdRZ45z5EBfQfWRDt8Jk/ewoUrdY+7b1tYsyrLYK3T0qMgDxC0MxaBP0uVqjv
LEVNlWUBcxOTUjJ+wGimSNIDe3VxF+K1OfJADxn5X2Mu/7I1qcQXoHe/2RZofCBl
ioGhUcNGBFab8s21+QDNmwC6aZPRcphDX3xk/LMI8vcpZwntHjP6jmbMDdW4zO0N
zh4HX/OLXGyI06q01M0k0NW8aandbGJMPGKFsLtZZ5NQeaRArbvd2nEe6yHl3S4u
V7WO7GfqGxRF8GHYHfS73tVMXvt5mzbaHelbAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUXF04ZbnPdhETudZuf5ZW5TdE7F0wHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL1hGMDRaYm5QZGhFVHVkWnVmNVpXNVRk
RTdGMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnifYwDQYJ
KoZIhvcNAQELBQADggEBALsriVHSzaCoLOPPGhlWcncQ5wwVQykREmYWqDTcjUne
Uk74/77zuHqhxXrJBTyaAQyjmpsHvt/A0xChR2EKwy26vGmwEUlSdQrcMjAL7phf
/XzZIMi6Nq30KJize90qwcr9npjZyITll/rle+LxDxToq93cC1Z3c79s0d4PV4Ts
T3rS6hDLAhej9iAnojAg7ldmcDpP1cEk9RiNmLO8vjkd4EEr5YAJzm8D0X7hhl8q
fft4Hepod3CwGP2jK/wcqXrjJ2Hs3rWsR7vRQpkkiz9PTjQquz2XrDDI9wjCqXmy
0RXPE3Fdsxf8CThM3IsyKw6FKjUn/larhO50MvktccY=
Generated at Mon Sep 23 20:19:21 2024 by rpki-client on console-fra.rpki-client.org