Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/hS4xZj1UQmnEzsNoQfQhRUvIlU0.roa
File: hS4xZj1UQmnEzsNoQfQhRUvIlU0.roa (raw, json)
Hash identifier: QadKmkBPoKOzVu8MMFrQRbxa9f2OxOE1qD0CSvizhp8=
Subject key identifier: 85:2E:31:66:3D:54:42:69:C4:CE:C3:68:41:F4:21:45:4B:C8:95:4D
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0CD1
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/hS4xZj1UQmnEzsNoQfQhRUvIlU0.roa
Signing time: Mon 26 Aug 2024 05:26:15 +0000
ROA not before: Mon 26 Aug 2024 05:26:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18419
IP address blocks: 124.109.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3281 (0xcd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Aug 26 05:26:15 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=852E31663D544269C4CEC36841F421454BC8954D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6f:63:87:31:49:c9:ce:9f:60:e1:82:2b:c8:
19:db:14:78:49:e8:a5:c3:a9:2a:0c:45:2f:0b:68:
72:20:1d:53:4e:5c:56:08:83:06:bf:42:53:53:0d:
9f:46:fe:2f:46:06:f8:b0:ae:07:f4:dc:66:50:d9:
29:4f:16:ab:a2:ea:73:37:c1:d2:aa:c2:38:10:e0:
f8:d5:4d:d3:5b:7d:3f:06:a8:62:78:22:db:a2:95:
8d:8a:8d:c0:cb:91:e0:1b:2f:06:cd:b0:b4:dc:6f:
02:e6:72:03:89:0c:73:4b:13:54:fe:78:13:52:ff:
85:5b:12:b1:a6:b7:42:94:e1:cf:27:41:a6:08:ec:
c3:e0:ba:a3:4e:77:40:4a:91:d3:e6:af:70:18:69:
88:67:43:2d:cf:05:5b:f4:40:ae:7d:52:23:e9:30:
22:20:53:4c:bc:0f:3d:13:82:55:39:fb:6d:fd:5b:
b6:3d:3f:43:5f:72:be:77:ff:39:4e:a4:bf:9a:11:
a8:b1:d6:0e:de:3b:3d:31:12:9e:1f:0a:dc:ec:e7:
0b:b7:b1:0f:5c:ec:02:30:7c:8a:e8:1d:7f:69:bc:
5f:c5:7c:c8:50:dc:79:ee:b3:3c:fa:6d:2b:ca:53:
14:84:8b:26:9f:a3:d2:f9:37:37:5c:96:5c:28:11:
4b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2E:31:66:3D:54:42:69:C4:CE:C3:68:41:F4:21:45:4B:C8:95:4D
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/hS4xZj1UQmnEzsNoQfQhRUvIlU0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.109.112.0/20
Signature Algorithm: sha256WithRSAEncryption
5a:81:23:8f:64:dc:af:8a:57:91:1b:58:61:b7:ae:5a:c5:8d:
72:b8:14:e6:af:e7:65:5d:a1:3a:54:09:e1:3a:63:cf:10:f2:
d1:d2:66:a8:81:6a:60:6f:70:5a:96:19:4c:64:70:8e:22:2f:
fc:f1:49:8a:06:23:e1:c7:21:87:a8:01:d5:3c:14:88:1a:d7:
c8:1b:3c:1e:20:63:c6:08:a6:ed:70:52:70:77:50:a2:8c:01:
45:a2:b0:f4:71:d5:dc:be:42:d8:e0:8e:39:fe:0a:dc:20:8c:
19:ca:cd:2e:35:bd:f1:af:32:64:87:9f:5b:d2:85:58:6e:9e:
57:46:1c:4d:e3:9e:97:42:d2:d0:5e:2d:a9:a6:e9:27:2c:4b:
3e:84:9b:81:38:3d:2f:28:a4:a1:9a:a2:83:4b:d9:49:61:fc:
b4:84:41:93:91:cf:f1:01:38:67:b6:d4:8e:e1:71:e5:bd:62:
a4:da:67:c2:d8:24:d5:05:4b:19:83:46:7e:3b:fc:de:9a:e3:
23:0e:19:c6:76:e6:67:04:b0:85:b9:68:cd:fb:7f:8b:3a:f8:
f8:19:8a:47:a1:97:cb:7a:0b:4e:2a:2b:21:a1:8f:d6:5e:f1:
4d:c7:99:d6:ed:92:11:aa:59:d7:1b:b4:3d:3d:35:a2:22:46:
02:c1:04:f7
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNDA4MjYw
NTI2MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg1MkUzMTY2M0Q1NDQy
NjlDNENFQzM2ODQxRjQyMTQ1NEJDODk1NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7b2OHMUnJzp9g4YIryBnbFHhJ6KXDqSoMRS8LaHIgHVNOXFYI
gwa/QlNTDZ9G/i9GBviwrgf03GZQ2SlPFqui6nM3wdKqwjgQ4PjVTdNbfT8GqGJ4
ItuilY2KjcDLkeAbLwbNsLTcbwLmcgOJDHNLE1T+eBNS/4VbErGmt0KU4c8nQaYI
7MPguqNOd0BKkdPmr3AYaYhnQy3PBVv0QK59UiPpMCIgU0y8Dz0TglU5+239W7Y9
P0Nfcr53/zlOpL+aEaix1g7eOz0xEp4fCtzs5wu3sQ9c7AIwfIroHX9pvF/FfMhQ
3Hnuszz6bSvKUxSEiyafo9L5NzdcllwoEUufAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUhS4xZj1UQmnEzsNoQfQhRUvIlU0wHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9oUzR4WmoxVVFtbkV6c05vUWZR
aFJVdklsVTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEfG1w
MA0GCSqGSIb3DQEBCwUAA4IBAQBagSOPZNyvileRG1hht65axY1yuBTmr+dlXaE6
VAnhOmPPEPLR0maogWpgb3BalhlMZHCOIi/88UmKBiPhxyGHqAHVPBSIGtfIGzwe
IGPGCKbtcFJwd1CijAFForD0cdXcvkLY4I45/grcIIwZys0uNb3xrzJkh59b0oVY
bp5XRhxN456XQtLQXi2ppuknLEs+hJuBOD0vKKShmqKDS9lJYfy0hEGTkc/xAThn
ttSO4XHlvWKk2mfC2CTVBUsZg0Z+O/zemuMjDhnGduZnBLCFuWjN+3+LOvj4GYpH
oZfLegtOKishoY/WXvFNx5nW7ZIRqlnXG7Q9PTWiIkYCwQT3
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:08:54 2025 by rpki-client