Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/YOa4IDRab79xbFGDR55vYNXjaA8.roa
File: YOa4IDRab79xbFGDR55vYNXjaA8.roa (raw, json)
Hash identifier: ElofYJOHTQyESLis75hDC3sXqU8ZRyEpTdOUocAoDWw=
Subject key identifier: 60:E6:B8:20:34:5A:6F:BF:71:6C:51:83:47:9E:6F:60:D5:E3:68:0F
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0E14
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/YOa4IDRab79xbFGDR55vYNXjaA8.roa
Signing time: Mon 26 Aug 2024 05:25:01 +0000
ROA not before: Mon 26 Aug 2024 05:25:01 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.36.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:59:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3604 (0xe14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Aug 26 05:25:01 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=60E6B820345A6FBF716C5183479E6F60D5E3680F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:03:88:ea:b4:6f:ac:29:85:0f:d0:b5:07:18:
2a:f6:6b:c1:26:e7:58:b4:ca:73:fb:34:15:44:c8:
e0:c7:d0:3b:e9:4b:89:4a:01:74:1e:6d:63:06:b5:
1d:98:67:01:3d:87:dd:bc:24:ea:1a:6f:bc:68:a9:
ea:ca:c2:f7:33:11:84:59:8d:bd:cc:cb:ec:9b:40:
e9:95:f1:4f:df:63:fe:c0:b1:6c:89:07:09:69:88:
49:eb:6a:bf:24:3a:15:93:5f:f3:a2:ff:8b:88:33:
fc:59:ae:90:de:f4:6c:c7:2d:3a:ae:99:c2:65:bc:
ae:71:43:0a:32:fd:41:ce:af:e5:64:c6:2a:d3:69:
c9:34:e7:e2:1d:77:fb:88:19:8f:89:f3:53:8e:65:
2c:58:3c:f3:a2:83:9a:ba:64:dd:ce:74:2e:89:aa:
2b:5c:a4:68:9c:29:05:e1:9c:8b:66:f4:e0:e1:25:
dc:42:ee:19:54:8b:ee:26:46:73:b3:bd:f4:38:fe:
2f:08:d6:82:0b:f6:17:58:b7:ff:48:f3:13:e6:0b:
e9:49:69:0e:59:87:95:1c:4c:5a:b0:34:48:85:2a:
4d:11:4b:fa:00:99:5b:66:7a:85:29:5f:39:5b:11:
b6:0e:06:21:ac:d1:15:39:7b:5f:7b:06:7b:ab:63:
18:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E6:B8:20:34:5A:6F:BF:71:6C:51:83:47:9E:6F:60:D5:E3:68:0F
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/YOa4IDRab79xbFGDR55vYNXjaA8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.36.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:13:14:69:d1:0b:2d:ab:35:36:b6:78:41:d2:3d:3f:f2:41:
7d:3e:b1:70:16:d5:d4:7d:51:6b:9e:b2:a3:04:bc:c1:07:7c:
b5:60:a1:89:d6:cf:63:60:1c:ed:5c:1b:a9:65:10:e6:8b:fc:
2c:32:e4:cc:90:5b:48:f8:5f:44:d1:38:32:c8:4d:cc:95:07:
d6:ba:0f:a0:09:55:eb:f1:b6:f9:14:a3:18:92:2f:3a:35:e1:
0a:a6:bb:24:ef:df:51:b9:32:19:63:40:13:32:4a:de:01:bf:
2f:0f:09:1c:f0:35:48:1d:e1:bc:40:63:1a:28:f9:e3:d8:01:
32:88:2a:d7:8c:04:39:94:e9:e3:71:32:fa:d3:30:b6:a3:79:
2f:53:40:79:00:49:60:84:bc:f7:99:d7:86:27:0c:cd:ac:a8:
79:68:25:5e:e2:87:35:82:86:ff:46:18:b2:d3:d8:30:32:f3:
22:ee:9d:78:d4:ba:6f:00:2f:4f:b9:7d:14:6b:2e:9e:58:2a:
e4:33:1e:5e:54:5f:6e:12:e1:02:9e:8c:52:0e:5d:a8:1b:70:
82:0f:41:c9:b7:a4:e3:8e:bb:f1:65:b0:39:7a:32:f3:dc:3e:
9a:15:a3:08:92:5a:f2:ef:7a:45:e5:aa:ce:10:0d:3d:3c:ea:
a9:16:b6:45
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDhQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNDA4MjYw
NTI1MDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYwRTZCODIwMzQ1QTZG
QkY3MTZDNTE4MzQ3OUU2RjYwRDVFMzY4MEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/A4jqtG+sKYUP0LUHGCr2a8Em51i0ynP7NBVEyODH0DvpS4lK
AXQebWMGtR2YZwE9h928JOoab7xoqerKwvczEYRZjb3My+ybQOmV8U/fY/7AsWyJ
BwlpiEnrar8kOhWTX/Oi/4uIM/xZrpDe9GzHLTqumcJlvK5xQwoy/UHOr+VkxirT
ack05+Idd/uIGY+J81OOZSxYPPOig5q6ZN3OdC6JqitcpGicKQXhnItm9ODhJdxC
7hlUi+4mRnOzvfQ4/i8I1oIL9hdYt/9I8xPmC+lJaQ5Zh5UcTFqwNEiFKk0RS/oA
mVtmeoUpXzlbEbYOBiGs0RU5e197BnurYxivAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYOa4IDRab79xbFGDR55vYNXjaA8wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vWU9hNElEUmFiNzl4YkZHRFI1NXZZ
TlhqYUE4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8bJDAN
BgkqhkiG9w0BAQsFAAOCAQEAbRMUadELLas1NrZ4QdI9P/JBfT6xcBbV1H1Ra56y
owS8wQd8tWChidbPY2Ac7VwbqWUQ5ov8LDLkzJBbSPhfRNE4MshNzJUH1roPoAlV
6/G2+RSjGJIvOjXhCqa7JO/fUbkyGWNAEzJK3gG/Lw8JHPA1SB3hvEBjGij549gB
Mogq14wEOZTp43Ey+tMwtqN5L1NAeQBJYIS895nXhicMzayoeWglXuKHNYKG/0YY
stPYMDLzIu6deNS6bwAvT7l9FGsunlgq5DMeXlRfbhLhAp6MUg5dqBtwgg9Bybek
44678WWwOXoy89w+mhWjCJJa8u96ReWqzhANPTzqqRa2RQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:53 2025 by rpki-client