Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/hPlgyhXkPRcqEdR6-1_fwlH7WNk.roa
File: hPlgyhXkPRcqEdR6-1_fwlH7WNk.roa (raw, json)
Hash identifier: 3PDRidppAQKDg72HwCzHMTtfmxGVGbq7I0QEw/C8BZM=
Subject key identifier: 84:F9:60:CA:15:E4:3D:17:2A:11:D4:7A:FB:5F:DF:C2:51:FB:58:D9
Certificate issuer: /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Certificate serial: 0C84
Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/hPlgyhXkPRcqEdR6-1_fwlH7WNk.roa
Signing time: Mon 26 Aug 2024 05:26:36 +0000
ROA not before: Mon 26 Aug 2024 05:26:36 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9922
IP address blocks: 39.1.0.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3204 (0xc84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Validity
Not Before: Aug 26 05:26:36 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=84F960CA15E43D172A11D47AFB5FDFC251FB58D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:72:58:71:86:8f:e0:5e:fe:6a:bf:1a:cb:48:
de:a1:58:39:c6:94:56:44:b7:cf:38:55:76:42:76:
1b:20:fb:ce:e2:99:fe:72:7f:d9:54:ff:96:34:a2:
65:bd:b0:c7:8c:db:19:47:4f:23:5a:a7:ce:30:56:
47:f5:a8:60:e3:a1:81:da:d7:01:8d:e9:28:7b:c3:
42:86:f8:c6:65:c4:44:86:60:3b:04:0b:c6:b2:81:
85:72:33:46:06:5c:c4:0a:bf:58:61:fe:92:91:67:
d9:a6:f9:57:ad:a1:ce:cd:38:b0:c1:18:04:73:6e:
3a:03:b9:f6:11:1b:71:f4:ad:1f:64:85:3d:06:17:
7d:5a:9a:20:0b:2b:09:fa:6c:83:ac:70:33:ae:b0:
20:48:44:0f:be:70:d4:ce:b2:ee:5d:ae:42:04:27:
3a:75:50:c6:39:19:ef:10:a5:43:1c:1b:ae:fc:63:
03:e0:6a:42:dc:cd:47:75:27:6d:71:e2:b3:eb:3e:
8d:e2:25:8a:c9:f2:eb:22:4a:af:1f:23:6b:8e:92:
86:d3:4e:e3:8c:cf:be:5c:1d:da:7b:1e:b6:89:d5:
dc:4b:6a:3b:fa:3d:58:58:a8:44:de:88:5c:fe:3f:
25:be:6f:89:f8:8f:75:0e:87:d7:e2:86:ee:b7:8e:
1e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F9:60:CA:15:E4:3D:17:2A:11:D4:7A:FB:5F:DF:C2:51:FB:58:D9
X509v3 Authority Key Identifier:
keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/hPlgyhXkPRcqEdR6-1_fwlH7WNk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
39.1.0.0/20
Signature Algorithm: sha256WithRSAEncryption
cc:90:fb:e3:66:ae:bc:e2:6e:e9:4b:c0:8a:48:eb:50:32:60:
35:2a:da:e7:78:b4:a1:66:09:67:4d:37:90:bc:a5:9e:69:53:
b6:20:e9:df:8f:1f:44:97:96:60:97:ae:b3:fd:bf:77:c6:0b:
52:9b:3f:ac:b4:b7:d6:ea:a4:ce:b4:71:26:f8:1f:32:ce:04:
41:47:f1:82:56:1b:2c:ac:8f:6b:a1:c5:4d:89:31:5e:a0:42:
e6:63:74:be:79:a8:50:3d:53:50:2f:fd:88:c3:c8:f4:3f:fc:
9b:c4:66:61:50:35:9e:b1:c7:b4:c8:db:c8:4a:03:a8:24:3f:
e2:6e:1b:d6:40:4e:e0:82:6d:49:9a:f5:cf:f7:b1:bd:ea:87:
b7:eb:28:39:97:fa:35:8f:9a:d0:90:98:48:08:4e:77:36:9c:
50:8d:78:1d:86:03:5b:bf:2a:8d:49:d3:54:c6:d9:80:4c:b8:
e4:e7:ef:40:6b:24:26:be:f9:7d:8a:fa:30:27:26:7d:6a:57:
c4:ba:a8:74:a8:cb:51:bf:19:d8:79:bb:5e:7a:88:ef:15:28:
9e:b4:a7:2a:31:13:90:ff:f0:29:55:5c:82:da:3f:63:2f:16:
b5:0e:52:99:a1:22:7e:74:5f:19:35:28:ad:5d:76:b1:be:94:
4b:92:50:81
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDIQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC
NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yNDA4MjYw
NTI2MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg0Rjk2MENBMTVFNDNE
MTcyQTExRDQ3QUZCNUZERkMyNTFGQjU4RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAclhxho/gXv5qvxrLSN6hWDnGlFZEt884VXZCdhsg+87imf5y
f9lU/5Y0omW9sMeM2xlHTyNap84wVkf1qGDjoYHa1wGN6Sh7w0KG+MZlxESGYDsE
C8aygYVyM0YGXMQKv1hh/pKRZ9mm+Vetoc7NOLDBGARzbjoDufYRG3H0rR9khT0G
F31amiALKwn6bIOscDOusCBIRA++cNTOsu5drkIEJzp1UMY5Ge8QpUMcG678YwPg
akLczUd1J21x4rPrPo3iJYrJ8usiSq8fI2uOkobTTuOMz75cHdp7HraJ1dxLajv6
PVhYqETeiFz+PyW+b4n4j3UOh9fihu63jh6tAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUhPlgyhXkPRcqEdR6+1/fwlH7WNkwHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5
B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv
ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9oUGxneWhYa1BSY3FFZFI2LTFf
ZndsSDdXTmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJwEA
MA0GCSqGSIb3DQEBCwUAA4IBAQDMkPvjZq684m7pS8CKSOtQMmA1KtrneLShZgln
TTeQvKWeaVO2IOnfjx9El5Zgl66z/b93xgtSmz+stLfW6qTOtHEm+B8yzgRBR/GC
VhssrI9rocVNiTFeoELmY3S+eahQPVNQL/2Iw8j0P/ybxGZhUDWesce0yNvISgOo
JD/ibhvWQE7ggm1JmvXP97G96oe36yg5l/o1j5rQkJhICE53NpxQjXgdhgNbvyqN
SdNUxtmATLjk5+9AayQmvvl9ivowJyZ9alfEuqh0qMtRvxnYebteeojvFSietKcq
MROQ//ApVVyC2j9jLxa1DlKZoSJ+dF8ZNSitXXaxvpRLklCB
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:23:17 2025 by rpki-client