Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/QZxDUT0geB-EOToMasUl3RnYvBk.roa
File: QZxDUT0geB-EOToMasUl3RnYvBk.roa (raw, json)
Hash identifier: 92OocfcL2JNGqgn5WAZDerP/R3f07WhImVPcK8EupRo=
Subject key identifier: 41:9C:43:51:3D:20:78:1F:84:39:3A:0C:6A:C5:25:DD:19:D8:BC:19
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0E0D
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/QZxDUT0geB-EOToMasUl3RnYvBk.roa
Signing time: Mon 26 Aug 2024 05:24:59 +0000
ROA not before: Mon 26 Aug 2024 05:24:59 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.40.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:59:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3597 (0xe0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Aug 26 05:24:59 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=419C43513D20781F84393A0C6AC525DD19D8BC19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b5:46:d4:0a:8e:53:c5:97:7d:7e:b8:06:b7:
e1:4f:79:92:74:b8:47:c6:c6:f1:7f:4c:6b:5f:53:
98:cd:46:b8:76:41:3c:b2:c4:96:22:8d:40:c8:4b:
49:b6:61:bb:ae:7c:65:bf:c4:28:1b:af:4f:f0:a3:
fb:f0:11:24:81:40:38:30:e3:3e:56:46:1c:2a:a5:
cf:01:e8:1d:2c:70:9d:2f:2c:5e:b8:05:eb:21:25:
db:60:b9:53:1d:f6:29:8e:66:98:8d:11:02:cf:82:
6f:ad:b8:eb:21:6a:3f:bd:82:13:bf:b0:d4:29:26:
b7:5e:32:7a:d7:8e:60:83:71:f3:6d:50:2c:68:9b:
6f:bb:25:43:1a:46:46:19:ff:76:10:92:00:fd:3a:
0d:ec:01:27:f4:bd:29:41:d7:f9:22:8e:47:ef:42:
e5:fd:ad:89:85:11:e7:30:8b:2e:d9:11:ab:44:c0:
e5:ce:0a:0c:c2:47:17:d8:b0:ea:dd:7b:c4:32:b5:
f0:25:68:70:54:f6:b0:52:f5:cb:82:22:73:a8:a6:
e0:e6:21:c5:cf:73:a6:4a:75:01:75:7b:ac:3f:77:
5d:c4:6e:f8:76:4a:17:d2:3c:32:1e:c3:64:b0:84:
7b:f9:57:b6:ed:25:44:da:bd:10:7a:6a:09:9f:e9:
53:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9C:43:51:3D:20:78:1F:84:39:3A:0C:6A:C5:25:DD:19:D8:BC:19
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/QZxDUT0geB-EOToMasUl3RnYvBk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.40.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:89:89:10:01:03:94:8f:6a:ac:61:4d:3d:bf:a4:c6:7a:ca:
e7:54:91:07:74:d4:46:e4:f2:ab:92:07:f4:29:8a:42:94:54:
1d:10:31:de:13:62:16:45:bf:84:53:0b:22:90:c2:7a:5d:02:
19:d7:b6:82:c8:05:90:ae:85:68:3a:fc:fd:2b:4d:b0:9f:7e:
31:18:2c:60:e8:3a:c8:e1:6c:fb:00:83:5d:76:c6:e3:73:21:
8f:16:97:b7:05:f6:d1:94:e1:3a:1b:a7:6e:c9:0e:e7:56:9a:
13:91:6c:82:50:38:43:32:18:18:55:0c:a0:7d:4d:3c:d7:06:
54:5f:7f:bb:19:44:bf:50:4d:28:5e:23:9e:27:8e:fc:3c:e6:
d4:18:a1:df:ed:23:ce:8a:72:a8:16:4e:61:1e:10:72:35:d5:
c3:6b:4e:d5:7a:4f:fb:d9:40:55:f4:80:fc:01:21:05:fa:59:
19:63:d7:fa:3c:26:80:91:b0:65:17:03:b3:cb:57:26:40:f3:
97:39:c0:fa:dd:ae:00:27:a1:75:08:4b:bb:e3:8b:95:c5:da:
87:ca:28:99:96:24:47:93:c6:d4:5f:f1:73:cf:13:66:3a:91:
bf:1e:91:9f:25:b3:4b:a4:f8:9f:3f:ca:78:55:c1:31:8e:d8:
a7:50:f1:00
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDg0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNDA4MjYw
NTI0NTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQxOUM0MzUxM0QyMDc4
MUY4NDM5M0EwQzZBQzUyNUREMTlEOEJDMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjtUbUCo5TxZd9frgGt+FPeZJ0uEfGxvF/TGtfU5jNRrh2QTyy
xJYijUDIS0m2YbuufGW/xCgbr0/wo/vwESSBQDgw4z5WRhwqpc8B6B0scJ0vLF64
BeshJdtguVMd9imOZpiNEQLPgm+tuOshaj+9ghO/sNQpJrdeMnrXjmCDcfNtUCxo
m2+7JUMaRkYZ/3YQkgD9Og3sASf0vSlB1/kijkfvQuX9rYmFEecwiy7ZEatEwOXO
CgzCRxfYsOrde8QytfAlaHBU9rBS9cuCInOopuDmIcXPc6ZKdQF1e6w/d13Ebvh2
ShfSPDIew2SwhHv5V7btJUTavRB6agmf6VM9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQZxDUT0geB+EOToMasUl3RnYvBkwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vUVp4RFVUMGdlQi1FT1RvTWFzVWwz
Um5ZdkJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA98bKDAN
BgkqhkiG9w0BAQsFAAOCAQEAD4mJEAEDlI9qrGFNPb+kxnrK51SRB3TURuTyq5IH
9CmKQpRUHRAx3hNiFkW/hFMLIpDCel0CGde2gsgFkK6FaDr8/StNsJ9+MRgsYOg6
yOFs+wCDXXbG43MhjxaXtwX20ZThOhunbskO51aaE5FsglA4QzIYGFUMoH1NPNcG
VF9/uxlEv1BNKF4jnieO/Dzm1Bih3+0jzopyqBZOYR4QcjXVw2tO1XpP+9lAVfSA
/AEhBfpZGWPX+jwmgJGwZRcDs8tXJkDzlznA+t2uACehdQhLu+OLlcXah8oomZYk
R5PG1F/xc88TZjqRvx6RnyWzS6T4nz/KeFXBMY7Yp1DxAA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:57 2025 by rpki-client