Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/-2OoRBRxlQqIyJL2scZwnmvIR1g.roa
File: -2OoRBRxlQqIyJL2scZwnmvIR1g.roa (raw, json)
Hash identifier: ni5z316kiy8FDO0Yk1IMFc7kGizh++KPyXb+NTLIhVk=
Subject key identifier: FB:63:A8:44:14:71:95:0A:88:C8:92:F6:B1:C6:70:9E:6B:C8:47:58
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 123E
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/-2OoRBRxlQqIyJL2scZwnmvIR1g.roa
Signing time: Mon 26 Aug 2024 05:24:49 +0000
ROA not before: Mon 26 Aug 2024 05:24:49 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131634
IP address blocks: 124.108.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4670 (0x123e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Aug 26 05:24:49 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=FB63A8441471950A88C892F6B1C6709E6BC84758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:35:33:03:6f:38:0f:09:57:ee:94:64:c3:cd:
94:22:db:54:be:24:62:61:af:40:52:e9:7e:a3:57:
f2:ab:57:22:19:55:bb:5d:b4:90:55:cd:89:8d:b9:
0f:ae:f1:f8:06:ba:42:be:15:64:c0:0a:03:0a:99:
3d:eb:e2:f6:4f:b1:8c:81:f6:a9:23:9e:4c:bf:bb:
0c:a6:18:cc:26:cf:f2:6a:36:ef:3b:60:7f:09:29:
a9:84:5d:2b:83:b0:51:cc:94:72:b6:fc:83:eb:90:
c5:0d:8b:96:c6:c5:9c:95:1d:f8:35:77:ef:20:cb:
83:12:1d:49:9e:10:9e:f2:a2:ca:b5:c2:1b:03:9a:
03:5a:d5:38:7d:2a:66:e7:f7:45:99:df:a3:57:ea:
9a:24:9b:97:12:95:f8:8e:59:fd:13:65:92:dd:81:
b0:26:8d:3f:07:40:d6:5a:9d:fd:d1:6b:df:71:69:
b7:c1:6b:58:a3:b9:16:8d:dc:da:b0:b9:24:2f:25:
0e:ca:fc:ae:e4:a8:24:97:a3:b8:bb:5e:0b:22:f5:
fe:69:24:f8:53:05:45:77:c0:90:3a:aa:44:e2:6c:
e0:ef:32:55:57:3b:66:eb:ab:a6:b1:d7:78:8f:fe:
f5:49:6e:d4:31:eb:7b:63:36:13:d9:32:b1:19:0c:
07:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:63:A8:44:14:71:95:0A:88:C8:92:F6:B1:C6:70:9E:6B:C8:47:58
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/-2OoRBRxlQqIyJL2scZwnmvIR1g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.108.172.0/22
Signature Algorithm: sha256WithRSAEncryption
22:3a:2a:f9:85:bc:aa:f9:49:da:59:20:0a:03:3a:7e:6e:9d:
6f:57:73:cd:75:0b:bc:b1:9e:c9:3b:85:f8:30:be:b3:59:e3:
d5:b3:57:5e:19:81:38:b9:a9:39:55:c2:12:1b:73:2a:24:00:
67:e4:60:4d:97:bd:60:2b:71:4c:76:49:04:63:ea:70:71:96:
a5:e3:4f:6a:49:2e:fa:44:1b:b2:40:75:81:eb:0d:29:f8:f4:
1e:18:54:f9:8d:f9:35:90:00:68:5d:06:d0:d5:49:44:29:f2:
31:1b:36:fb:f0:7e:5d:5b:be:a4:0a:8b:05:1d:0e:7b:e7:f4:
c6:b7:20:3f:77:66:96:06:fb:a1:71:89:02:4f:0e:80:21:0e:
3d:c2:ff:ba:a4:26:12:49:9c:0e:04:ae:44:b5:ea:6c:63:81:
28:94:3f:3a:6c:05:41:7e:93:64:28:56:00:0a:5c:29:26:e6:
ce:15:4c:84:d9:fd:6b:ac:a9:76:e5:f7:64:c9:68:d7:e8:3c:
fa:27:cb:47:78:26:e6:56:ab:b1:db:41:21:4f:fa:ad:d7:86:
45:41:6b:9a:ad:c8:4b:92:db:65:d1:1a:7a:95:b6:5a:98:1c:
14:99:ce:cc:6f:0a:0b:c7:34:ae:c0:df:c0:17:30:e1:93:54:
dd:83:a9:d8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNDA4MjYw
NTI0NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZCNjNBODQ0MTQ3MTk1
MEE4OEM4OTJGNkIxQzY3MDlFNkJDODQ3NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDNTMDbzgPCVfulGTDzZQi21S+JGJhr0BS6X6jV/KrVyIZVbtd
tJBVzYmNuQ+u8fgGukK+FWTACgMKmT3r4vZPsYyB9qkjnky/uwymGMwmz/JqNu87
YH8JKamEXSuDsFHMlHK2/IPrkMUNi5bGxZyVHfg1d+8gy4MSHUmeEJ7yosq1whsD
mgNa1Th9Kmbn90WZ36NX6pokm5cSlfiOWf0TZZLdgbAmjT8HQNZanf3Ra99xabfB
a1ijuRaN3NqwuSQvJQ7K/K7kqCSXo7i7Xgsi9f5pJPhTBUV3wJA6qkTibODvMlVX
O2brq6ax13iP/vVJbtQx63tjNhPZMrEZDAcRAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+2OoRBRxlQqIyJL2scZwnmvIR1gwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvLTJPb1JCUnhsUXFJeUpM
MnNjWndubXZJUjFnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AnxsrDANBgkqhkiG9w0BAQsFAAOCAQEAIjoq+YW8qvlJ2lkgCgM6fm6db1dzzXUL
vLGeyTuF+DC+s1nj1bNXXhmBOLmpOVXCEhtzKiQAZ+RgTZe9YCtxTHZJBGPqcHGW
peNPakku+kQbskB1gesNKfj0HhhU+Y35NZAAaF0G0NVJRCnyMRs2+/B+XVu+pAqL
BR0Oe+f0xrcgP3dmlgb7oXGJAk8OgCEOPcL/uqQmEkmcDgSuRLXqbGOBKJQ/OmwF
QX6TZChWAApcKSbmzhVMhNn9a6ypduX3ZMlo1+g8+ifLR3gm5larsdtBIU/6rdeG
RUFrmq3IS5LbZdEaepW2WpgcFJnOzG8KC8c0rsDfwBcw4ZNU3YOp2A==
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:28:03 2025 by rpki-client