Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/ihfQIBO4Xutl3orTNpV0gCjLXYM.roa
File: ihfQIBO4Xutl3orTNpV0gCjLXYM.roa (raw, json)
Hash identifier: U9Y8L7Bs/ovfUSyEQWWxZ5DhusXYmJxy7C3m2aJ8Mk0=
Subject key identifier: 8A:17:D0:20:13:B8:5E:EB:65:DE:8A:D3:36:95:74:80:28:CB:5D:83
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0E28
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/ihfQIBO4Xutl3orTNpV0gCjLXYM.roa
Signing time: Mon 26 Aug 2024 05:25:06 +0000
ROA not before: Mon 26 Aug 2024 05:25:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:59:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3624 (0xe28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Aug 26 05:25:06 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8A17D02013B85EEB65DE8AD33695748028CB5D83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:95:63:a7:b0:f2:8e:08:da:07:72:59:6e:f8:
08:32:95:7d:26:3f:b7:fa:89:9c:82:4b:7e:76:24:
97:8f:26:5c:6a:09:3a:7e:52:c1:46:8a:9f:33:18:
43:4f:cf:03:a8:e2:b5:d7:89:16:00:b9:47:8a:53:
0d:15:01:0d:84:7c:60:61:e7:28:ac:f2:ad:a6:fe:
67:08:7b:ca:70:60:ac:0a:1f:b7:c1:0a:63:bc:ed:
de:4d:c2:aa:f6:d4:d8:73:32:6a:1d:9f:83:4c:bc:
95:a6:1a:d6:cb:48:bb:3b:58:b8:aa:75:8a:a8:c4:
04:f6:5d:ed:dd:9b:4d:83:71:2e:66:6f:8a:a5:be:
56:85:c4:e7:05:ea:60:4f:a1:ef:0d:f5:c2:64:5f:
0b:72:2c:84:41:9f:b8:f5:f5:46:9c:35:c6:e8:a9:
a9:39:6b:18:91:db:af:06:af:1d:af:b5:75:bd:5a:
64:b9:4b:29:f8:77:1a:b5:4f:30:70:a8:49:fb:60:
6a:4a:39:75:a8:99:a8:59:01:b9:e2:2c:2d:50:e5:
46:b3:f9:3c:f8:07:3a:8f:0f:8f:ac:cd:17:ef:cd:
34:31:a2:70:a5:e9:69:fb:b8:f0:e1:14:e3:60:60:
4d:b6:b1:13:2d:a3:ab:df:32:49:8b:3a:2e:7c:ee:
0a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:17:D0:20:13:B8:5E:EB:65:DE:8A:D3:36:95:74:80:28:CB:5D:83
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/ihfQIBO4Xutl3orTNpV0gCjLXYM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.59.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:64:4d:77:18:20:a0:71:c6:4c:0c:75:6b:3c:ae:82:8e:2c:
52:c8:32:e2:6d:4d:5d:43:12:eb:b4:9e:bb:c8:57:cb:57:59:
e0:9c:6e:0b:ce:e6:4c:e3:89:f3:7c:cb:16:6f:78:1a:96:2f:
50:c0:79:57:40:57:9b:a6:fc:4c:36:36:e8:e8:a5:bd:e7:a5:
9a:80:69:5b:41:38:aa:fd:c1:e8:9e:be:f1:77:10:05:1c:76:
0a:0c:7a:5f:a0:9e:3a:15:e6:ca:9b:0b:06:6e:6b:0a:f6:b4:
08:da:09:9c:66:60:4a:bf:02:54:3f:5b:5d:f3:16:09:0f:41:
98:fe:c3:26:4d:6f:82:c7:f4:c5:03:96:97:ff:1e:ae:bb:13:
de:fa:f8:e0:3d:cb:89:74:47:60:64:b8:4c:ae:55:ab:80:ca:
c0:71:32:eb:17:1f:a6:07:7f:a5:e5:58:5f:b5:a3:fb:c6:51:
b0:8a:8b:e7:e6:33:81:47:4b:22:16:a2:ef:23:5f:2b:74:ec:
20:15:28:dc:29:d9:4c:dd:5e:31:5e:71:bc:8e:52:19:9b:8a:
14:4c:57:2f:c9:e2:7b:72:30:a9:87:6a:63:9f:dc:11:36:eb:
c6:80:91:8d:e6:d6:df:96:81:e6:01:9c:88:31:4b:b2:41:0a:
a0:e8:e3:e1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDigwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNDA4MjYw
NTI1MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhBMTdEMDIwMTNCODVF
RUI2NURFOEFEMzM2OTU3NDgwMjhDQjVEODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQlWOnsPKOCNoHcllu+AgylX0mP7f6iZyCS352JJePJlxqCTp+
UsFGip8zGENPzwOo4rXXiRYAuUeKUw0VAQ2EfGBh5yis8q2m/mcIe8pwYKwKH7fB
CmO87d5Nwqr21NhzMmodn4NMvJWmGtbLSLs7WLiqdYqoxAT2Xe3dm02DcS5mb4ql
vlaFxOcF6mBPoe8N9cJkXwtyLIRBn7j19UacNcboqak5axiR268Grx2vtXW9WmS5
Syn4dxq1TzBwqEn7YGpKOXWomahZAbniLC1Q5Uaz+Tz4BzqPD4+szRfvzTQxonCl
6Wn7uPDhFONgYE22sRMto6vfMkmLOi587goPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUihfQIBO4Xutl3orTNpV0gCjLXYMwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vaWhmUUlCTzRYdXRsM29yVE5wVjBn
Q2pMWFlNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bOzAN
BgkqhkiG9w0BAQsFAAOCAQEAn2RNdxggoHHGTAx1azyugo4sUsgy4m1NXUMS67Se
u8hXy1dZ4JxuC87mTOOJ83zLFm94GpYvUMB5V0BXm6b8TDY26OilveelmoBpW0E4
qv3B6J6+8XcQBRx2Cgx6X6CeOhXmypsLBm5rCva0CNoJnGZgSr8CVD9bXfMWCQ9B
mP7DJk1vgsf0xQOWl/8errsT3vr44D3LiXRHYGS4TK5Vq4DKwHEy6xcfpgd/peVY
X7Wj+8ZRsIqL5+YzgUdLIhai7yNfK3TsIBUo3CnZTN1eMV5xvI5SGZuKFExXL8ni
e3IwqYdqY5/cETbrxoCRjebW35aB5gGciDFLskEKoOjj4Q==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:16:40 2025 by rpki-client