Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SGU/9fjWKVslQEtjFDcGwI9VAt198aI.roa
File: 9fjWKVslQEtjFDcGwI9VAt198aI.roa (raw, json)
Hash identifier: SweuBdYZIqAxSTZJBLrwi5IxgjvYozvljY6u+R+4US8=
Subject key identifier: F5:F8:D6:29:5B:25:40:4B:63:14:37:06:C0:8F:55:02:DD:7D:F1:A2
Certificate issuer: /CN=3294E71902A4A5C31B987BD67D094AF5830A816D
Certificate serial: 0237
Authority key identifier: 32:94:E7:19:02:A4:A5:C3:1B:98:7B:D6:7D:09:4A:F5:83:0A:81:6D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MpTnGQKkpcMbmHvWfQlK9YMKgW0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/9fjWKVslQEtjFDcGwI9VAt198aI.roa
Signing time: Mon 26 Aug 2024 05:25:47 +0000
ROA not before: Mon 26 Aug 2024 05:25:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 134823
IP address blocks: 2400:7420::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 567 (0x237)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3294E71902A4A5C31B987BD67D094AF5830A816D
Validity
Not Before: Aug 26 05:25:47 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F5F8D6295B25404B63143706C08F5502DD7DF1A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b2:65:e8:2c:e4:3c:ee:c1:c7:e3:9f:b2:9f:
bf:40:c7:95:e9:63:1e:a6:c3:61:91:9e:90:4e:ae:
76:73:c3:f7:3e:78:5e:44:e1:32:34:b5:bf:16:42:
f1:c4:db:19:8b:b1:8b:73:75:bc:d2:80:e9:42:92:
a8:7a:ff:5f:4b:4a:5d:31:32:31:b5:53:43:fc:1c:
07:08:2b:81:c8:f5:3f:f7:66:fc:59:51:72:80:40:
e2:51:4c:d1:19:45:73:ca:99:a8:b0:ba:fa:0e:1c:
d4:0d:0e:8b:8d:9b:10:b5:f4:d4:3c:e0:b1:24:23:
f5:fe:da:79:ae:1c:d8:0e:5e:e3:50:1a:fd:50:68:
d2:5f:74:7b:f9:da:7e:d2:c9:c8:92:f6:10:7c:0c:
78:93:9a:d1:31:75:0b:44:10:79:44:30:95:e2:36:
08:4c:65:f3:38:45:f4:9c:60:8f:b2:bf:12:a5:05:
81:65:a7:eb:07:20:b8:06:8f:94:92:f7:0f:5d:4e:
9f:94:17:5d:38:7e:7b:38:7e:66:14:1a:12:41:16:
11:55:61:95:28:f1:1a:23:b5:50:01:2c:e2:6d:ec:
46:46:ea:4e:c6:87:52:ff:2a:1c:7e:7c:f4:a0:89:
df:44:0e:7e:bb:28:6b:e6:32:3f:75:be:3d:71:fa:
07:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F8:D6:29:5B:25:40:4B:63:14:37:06:C0:8F:55:02:DD:7D:F1:A2
X509v3 Authority Key Identifier:
keyid:32:94:E7:19:02:A4:A5:C3:1B:98:7B:D6:7D:09:4A:F5:83:0A:81:6D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/MpTnGQKkpcMbmHvWfQlK9YMKgW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MpTnGQKkpcMbmHvWfQlK9YMKgW0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/9fjWKVslQEtjFDcGwI9VAt198aI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:7420::/32
Signature Algorithm: sha256WithRSAEncryption
20:84:9e:53:fc:df:14:90:74:a6:40:33:18:6e:59:2a:7f:cb:
11:dd:89:14:fa:a6:d9:50:ec:28:56:a7:1c:cc:87:c9:8e:2f:
99:54:fb:23:0b:0e:ab:e9:dd:f0:58:de:9d:e5:28:de:a2:1e:
81:3a:07:03:f8:61:3c:0e:c0:6d:28:53:0f:d9:ba:8d:4a:c3:
a2:f9:d1:1d:dc:fd:9d:c4:09:1d:ca:16:80:c2:11:32:7b:3d:
26:f7:6c:b5:de:95:17:1a:1b:4e:b6:22:56:8c:84:b0:c4:0d:
29:44:e1:93:86:05:66:f3:ff:e3:c6:e1:d9:36:9e:f8:5a:27:
a3:01:b5:3e:27:cc:76:6a:bf:7a:47:77:e8:9c:03:bb:20:29:
23:15:e4:ac:4d:e1:4d:08:00:9f:8c:a9:d5:51:0b:50:cb:7a:
40:29:74:83:b2:51:8a:89:d3:6a:e2:a5:ce:da:fd:3f:7d:a2:
e8:cf:1b:55:e3:b6:d0:bb:a4:c8:5d:b3:f1:74:c0:4f:7e:ed:
c9:0f:7e:b2:1f:ea:9c:f0:ab:94:2d:89:47:7f:ba:63:65:92:
5e:43:ca:6e:fb:17:3e:ef:21:1f:1b:ab:50:5f:0e:c6:17:6e:
9b:3a:35:56:23:bf:ea:fa:9e:11:75:a0:ef:49:99:08:a0:fd:
94:0e:61:6f
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAjcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzI5
NEU3MTkwMkE0QTVDMzFCOTg3QkQ2N0QwOTRBRjU4MzBBODE2RDAeFw0yNDA4MjYw
NTI1NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY1RjhENjI5NUIyNTQw
NEI2MzE0MzcwNkMwOEY1NTAyREQ3REYxQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCismXoLOQ87sHH45+yn79Ax5XpYx6mw2GRnpBOrnZzw/c+eF5E
4TI0tb8WQvHE2xmLsYtzdbzSgOlCkqh6/19LSl0xMjG1U0P8HAcIK4HI9T/3ZvxZ
UXKAQOJRTNEZRXPKmaiwuvoOHNQNDouNmxC19NQ84LEkI/X+2nmuHNgOXuNQGv1Q
aNJfdHv52n7SyciS9hB8DHiTmtExdQtEEHlEMJXiNghMZfM4RfScYI+yvxKlBYFl
p+sHILgGj5SS9w9dTp+UF104fns4fmYUGhJBFhFVYZUo8RojtVABLOJt7EZG6k7G
h1L/Khx+fPSgid9EDn67KGvmMj91vj1x+gdjAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU9fjWKVslQEtjFDcGwI9VAt198aIwHwYDVR0jBBgwFoAUMpTnGQKkpcMbmHvW
fQlK9YMKgW0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0dVL01w
VG5HUUtrcGNNYm1IdldmUWxLOVlNS2dXMC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TXBUbkdRS2twY01ibUh2V2ZRbEs5WU1LZ1cwLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvU0dVLzlmaldLVnNsUUV0akZEY0d3STlWQXQx
OThhSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAHQgMA0G
CSqGSIb3DQEBCwUAA4IBAQAghJ5T/N8UkHSmQDMYblkqf8sR3YkU+qbZUOwoVqcc
zIfJji+ZVPsjCw6r6d3wWN6d5Sjeoh6BOgcD+GE8DsBtKFMP2bqNSsOi+dEd3P2d
xAkdyhaAwhEyez0m92y13pUXGhtOtiJWjISwxA0pROGThgVm8//jxuHZNp74Wiej
AbU+J8x2ar96R3fonAO7ICkjFeSsTeFNCACfjKnVUQtQy3pAKXSDslGKidNq4qXO
2v0/faLozxtV47bQu6TIXbPxdMBPfu3JD36yH+qc8KuULYlHf7pjZZJeQ8pu+xc+
7yEfG6tQXw7GF26bOjVWI7/q+p4RdaDvSZkIoP2UDmFv
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:35:33 2025 by rpki-client