Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/xs5eCUbALLApBtRtCzGGEihC3FY.roa
File: xs5eCUbALLApBtRtCzGGEihC3FY.roa (raw, json)
Hash identifier: lVgRqUQn164M1M2b1vRGCsRnhaNYgEz9LHmpdJnDvn0=
Subject key identifier: C6:CE:5E:09:46:C0:2C:B0:29:06:D4:6D:0B:31:86:12:28:42:DC:56
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0CDA
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/xs5eCUbALLApBtRtCzGGEihC3FY.roa
Signing time: Mon 26 Aug 2024 05:26:18 +0000
ROA not before: Mon 26 Aug 2024 05:26:18 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18419
IP address blocks: 103.234.204.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3290 (0xcda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Aug 26 05:26:18 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C6CE5E0946C02CB02906D46D0B3186122842DC56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:98:e2:3b:19:fb:d7:dc:36:52:68:33:0a:82:
bb:20:53:a1:cb:5a:04:cf:7e:47:5d:8c:92:e1:23:
36:a4:df:7d:27:bf:d7:76:b7:a1:48:16:e4:50:38:
fe:ba:20:71:98:9d:57:49:84:0a:c7:a1:2e:6c:6e:
27:31:e2:10:79:19:4c:dd:3d:74:66:ee:77:13:d5:
a0:dd:75:10:fb:cc:f6:a6:84:90:e7:52:f0:66:59:
bf:7e:63:9c:91:f8:25:9d:c4:ec:db:46:f0:08:0c:
96:77:67:c3:fa:12:60:4b:8b:65:be:09:c5:ff:e2:
63:5a:a6:04:87:1d:f7:b5:93:ea:23:86:ad:fc:b2:
fb:3c:eb:2f:13:83:3a:6c:0c:35:ff:fd:75:d5:6b:
65:a6:da:0c:6b:a5:0d:1e:8d:01:ee:24:ea:a1:53:
2a:c8:86:f0:4c:b0:0e:2a:30:09:40:cc:66:b5:26:
b7:ca:86:7f:04:c2:6a:5e:34:0c:ec:f9:17:9d:03:
94:5f:ba:59:c7:1e:82:22:0f:b2:71:95:bc:a7:09:
c8:de:c9:16:61:ab:56:28:62:37:02:e2:b5:c9:b9:
ab:65:62:4c:74:2e:e8:9f:53:43:83:6a:45:b0:bd:
ac:d6:ab:c9:3b:a7:87:0c:5d:8b:4d:3e:73:d9:1e:
79:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CE:5E:09:46:C0:2C:B0:29:06:D4:6D:0B:31:86:12:28:42:DC:56
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/xs5eCUbALLApBtRtCzGGEihC3FY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.234.204.0/22
Signature Algorithm: sha256WithRSAEncryption
30:ae:7b:04:7b:4a:f0:27:e1:77:4f:79:b7:39:5b:2a:78:cd:
fc:5b:d2:a2:fd:9e:93:c2:7e:24:f0:e8:eb:f1:85:91:90:93:
9d:cf:53:24:bf:b6:5d:66:7a:9d:59:f1:7e:94:3e:7d:63:d3:
70:d8:17:71:4a:01:16:83:11:55:3d:ca:ac:2b:56:40:d7:58:
59:d3:2d:36:27:bc:5b:db:8d:ef:3a:82:a4:06:32:19:7c:fe:
1d:91:1b:74:83:64:7b:51:e3:18:e5:be:34:91:76:8f:58:78:
84:bf:7b:6f:39:bd:3d:fe:54:cf:a8:38:30:f6:25:01:05:b8:
9d:39:79:f5:c4:a4:99:89:f6:d1:b9:55:14:6f:44:9f:a1:30:
b9:cb:d6:19:2c:9b:32:c2:d8:8d:89:eb:40:b3:4a:ba:91:18:
e0:d2:a7:8e:51:00:7c:dd:34:20:76:bc:87:8e:c8:90:e8:90:
6a:ab:43:57:61:ea:22:de:34:c8:38:a8:07:92:7f:d7:f3:a7:
14:27:0b:f8:c5:51:a1:0f:1e:32:0b:6f:b4:e7:27:02:05:89:
ac:a1:2f:ba:d3:90:89:e7:e1:d2:72:d7:47:e5:58:83:30:72:
ea:d6:a2:6d:63:4e:9e:1e:49:60:22:71:aa:bb:7b:2c:7e:5e:
fa:59:bb:6d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDNowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNDA4MjYw
NTI2MThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM2Q0U1RTA5NDZDMDJD
QjAyOTA2RDQ2RDBCMzE4NjEyMjg0MkRDNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnmOI7GfvX3DZSaDMKgrsgU6HLWgTPfkddjJLhIzak330nv9d2
t6FIFuRQOP66IHGYnVdJhArHoS5sbicx4hB5GUzdPXRm7ncT1aDddRD7zPamhJDn
UvBmWb9+Y5yR+CWdxOzbRvAIDJZ3Z8P6EmBLi2W+CcX/4mNapgSHHfe1k+ojhq38
svs86y8TgzpsDDX//XXVa2Wm2gxrpQ0ejQHuJOqhUyrIhvBMsA4qMAlAzGa1JrfK
hn8EwmpeNAzs+RedA5RfulnHHoIiD7JxlbynCcjeyRZhq1YoYjcC4rXJuatlYkx0
LuifU0ODakWwvazWq8k7p4cMXYtNPnPZHnkxAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUxs5eCUbALLApBtRtCzGGEihC3FYwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS94czVlQ1ViQUxMQXBCdFJ0Q3pH
R0VpaEMzRlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+rM
MA0GCSqGSIb3DQEBCwUAA4IBAQAwrnsEe0rwJ+F3T3m3OVsqeM38W9Ki/Z6Twn4k
8Ojr8YWRkJOdz1Mkv7ZdZnqdWfF+lD59Y9Nw2BdxSgEWgxFVPcqsK1ZA11hZ0y02
J7xb243vOoKkBjIZfP4dkRt0g2R7UeMY5b40kXaPWHiEv3tvOb09/lTPqDgw9iUB
BbidOXn1xKSZifbRuVUUb0SfoTC5y9YZLJsywtiNietAs0q6kRjg0qeOUQB83TQg
dryHjsiQ6JBqq0NXYeoi3jTIOKgHkn/X86cUJwv4xVGhDx4yC2+05ycCBYmsoS+6
05CJ5+HSctdH5ViDMHLq1qJtY06eHklgInGqu3ssfl76Wbtt
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:41:07 2025 by rpki-client