Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SYSNET/NMPqpYkhy0NBHbq8SmuNWxcwUHY.roa
File: NMPqpYkhy0NBHbq8SmuNWxcwUHY.roa (raw, json)
Hash identifier: PNmqMezFInKNqk1XQTTPyrxa50n0S56qAqc+N54+Iow=
Subject key identifier: 34:C3:EA:A5:89:21:CB:43:41:1D:BA:BC:4A:6B:8D:5B:17:30:50:76
Certificate issuer: /CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC
Certificate serial: 0C56
Authority key identifier: 96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/NMPqpYkhy0NBHbq8SmuNWxcwUHY.roa
Signing time: Mon 26 Aug 2024 05:26:48 +0000
ROA not before: Mon 26 Aug 2024 05:26:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4783
IP address blocks: 210.67.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:08:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3158 (0xc56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC
Validity
Not Before: Aug 26 05:26:48 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=34C3EAA58921CB43411DBABC4A6B8D5B17305076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e9:7f:5a:8b:b9:0b:97:ac:64:da:fd:c6:5e:
a5:58:cb:9a:c3:95:99:a9:d7:7d:c9:49:79:84:89:
c9:76:b2:89:ad:94:7d:84:12:c4:0a:cb:3b:dc:68:
9e:a6:78:8e:88:fa:8c:69:4c:d4:8d:4c:b9:77:20:
1e:68:2b:1a:9a:f7:bb:fc:48:29:bc:33:89:3e:95:
33:1c:c9:6e:f5:d5:2f:85:b3:33:be:64:a2:9d:88:
ea:6e:cd:b0:ce:23:23:bd:94:d0:dd:99:de:b4:17:
8a:91:1f:51:66:5c:59:59:58:b3:85:82:d1:38:26:
89:6a:9d:6d:18:41:f8:35:97:ca:04:5a:ff:66:70:
09:5c:d1:9e:a3:91:ad:0d:de:4a:5e:3e:6b:b8:3a:
9c:d2:c7:dd:bf:85:73:90:56:d1:65:f0:e2:80:01:
19:3d:b6:df:6f:2d:5a:67:20:9a:de:83:08:a9:c5:
a1:b3:fc:ff:34:21:22:87:84:1a:83:1a:ab:7c:03:
01:ab:fa:67:f5:69:5b:a1:bd:2a:a5:ba:41:20:26:
11:5b:67:59:a5:44:ec:21:6b:82:df:cf:91:a2:f2:
f0:82:ab:b0:3f:b9:51:43:6e:9a:54:e8:72:8e:f7:
20:a4:b7:b1:86:4b:68:c0:1d:49:84:44:eb:91:7d:
1f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C3:EA:A5:89:21:CB:43:41:1D:BA:BC:4A:6B:8D:5B:17:30:50:76
X509v3 Authority Key Identifier:
keyid:96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/lruUtFf52CoptbL9nzpEGImecew.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/NMPqpYkhy0NBHbq8SmuNWxcwUHY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.67.112.0/20
Signature Algorithm: sha256WithRSAEncryption
71:31:c4:1e:bf:af:cd:90:fc:9b:87:1a:f4:94:c5:10:71:2f:
ba:ad:47:c4:a8:7c:26:ec:8f:47:7a:62:d1:65:ab:33:27:f8:
4a:f5:e5:45:1d:5c:c5:b6:66:e8:78:1d:b3:a3:aa:b8:44:e9:
fc:78:25:71:29:82:ee:c5:fc:5d:0d:5c:e1:76:59:7c:62:ea:
32:f3:02:a0:4c:ef:15:31:16:15:7e:b9:61:54:fa:13:0c:e7:
59:9e:10:e6:38:32:b3:a6:b7:12:04:9e:df:a3:70:65:e0:8c:
9b:ef:96:e8:00:1f:cc:0c:e1:56:85:aa:d6:6a:87:e3:ac:0a:
15:31:c2:20:59:04:5c:19:d3:58:09:cc:08:42:92:a0:b5:96:
a2:5c:ab:90:fe:b4:31:08:c6:36:5c:6a:62:eb:7b:31:4c:34:
30:2c:91:d4:af:06:b3:f1:4d:46:fb:b8:6f:8c:27:e3:06:b2:
3d:a0:46:4c:4d:9f:f5:13:b4:8f:2b:2d:5d:55:71:39:2e:95:
f2:8a:3d:1e:2a:2c:9a:4f:e0:26:03:aa:01:57:44:94:fb:c6:
a6:69:75:5b:5f:68:26:8c:7e:a5:ff:82:0b:ff:16:7d:61:49:
83:0a:9d:db:ab:fd:2b:ea:46:4b:b8:d5:5a:3b:4a:a7:30:bf:
d0:8f:d2:f5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDFYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTZC
Qjk0QjQ1N0Y5RDgyQTI5QjVCMkZEOUYzQTQ0MTg4OTlFNzFFQzAeFw0yNDA4MjYw
NTI2NDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM0QzNFQUE1ODkyMUNC
NDM0MTFEQkFCQzRBNkI4RDVCMTczMDUwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk6X9ai7kLl6xk2v3GXqVYy5rDlZmp133JSXmEicl2somtlH2E
EsQKyzvcaJ6meI6I+oxpTNSNTLl3IB5oKxqa97v8SCm8M4k+lTMcyW711S+FszO+
ZKKdiOpuzbDOIyO9lNDdmd60F4qRH1FmXFlZWLOFgtE4JolqnW0YQfg1l8oEWv9m
cAlc0Z6jka0N3kpePmu4OpzSx92/hXOQVtFl8OKAARk9tt9vLVpnIJregwipxaGz
/P80ISKHhBqDGqt8AwGr+mf1aVuhvSqlukEgJhFbZ1mlROwha4Lfz5Gi8vCCq7A/
uVFDbppU6HKO9yCkt7GGS2jAHUmEROuRfR+/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNMPqpYkhy0NBHbq8SmuNWxcwUHYwHwYDVR0jBBgwFoAUlruUtFf52CoptbL9
nzpEGImecewwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVU
L2xydVV0RmY1MkNvcHRiTDluenBFR0ltZWNldy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbHJ1VXRGZjUyQ29wdGJMOW56cEVHSW1lY2V3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVUL05NUHFwWWtoeTBOQkhicThT
bXVOV3hjd1VIWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATS
Q3AwDQYJKoZIhvcNAQELBQADggEBAHExxB6/r82Q/JuHGvSUxRBxL7qtR8SofCbs
j0d6YtFlqzMn+Er15UUdXMW2Zuh4HbOjqrhE6fx4JXEpgu7F/F0NXOF2WXxi6jLz
AqBM7xUxFhV+uWFU+hMM51meEOY4MrOmtxIEnt+jcGXgjJvvlugAH8wM4VaFqtZq
h+OsChUxwiBZBFwZ01gJzAhCkqC1lqJcq5D+tDEIxjZcamLrezFMNDAskdSvBrPx
TUb7uG+MJ+MGsj2gRkxNn/UTtI8rLV1VcTkulfKKPR4qLJpP4CYDqgFXRJT7xqZp
dVtfaCaMfqX/ggv/Fn1hSYMKndur/SvqRku41Vo7Sqcwv9CP0vU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:20 2025 by rpki-client