Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/9FGsZLe8eZrYfFwi51S5LgYqv5k.roa
File: 9FGsZLe8eZrYfFwi51S5LgYqv5k.roa (raw, json)
Hash identifier: 7sj6doovqe2MIaZ67WepDkRzSFQvnmgwapOAUjkCxIM=
Subject key identifier: F4:51:AC:64:B7:BC:79:9A:D8:7C:5C:22:E7:54:B9:2E:06:2A:BF:99
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0DE9
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/9FGsZLe8eZrYfFwi51S5LgYqv5k.roa
Signing time: Mon 26 Aug 2024 05:27:18 +0000
ROA not before: Mon 26 Aug 2024 05:27:18 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38844
IP address blocks: 140.122.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:16:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3561 (0xde9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Aug 26 05:27:18 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F451AC64B7BC799AD87C5C22E754B92E062ABF99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a7:08:9b:f9:18:bb:70:a8:ce:53:a6:c4:96:
09:67:e2:0f:88:88:40:a9:98:8c:23:79:91:ad:6c:
60:14:48:de:a2:da:9f:ed:89:88:e3:97:ee:23:a4:
71:9b:19:26:52:33:a4:9e:c7:e6:7f:37:3e:60:c1:
07:87:4e:fe:40:04:18:fc:9f:29:c1:62:89:9d:69:
a7:b6:b5:27:46:26:ad:dd:51:b6:99:7d:3c:00:f1:
2d:4a:9a:2e:46:9b:82:0c:13:46:75:71:ac:86:3b:
1f:ee:ee:7d:2d:d7:e9:bd:62:ae:95:d8:09:43:02:
b7:95:2d:69:39:6b:66:88:95:d6:46:37:c6:f3:99:
fc:99:a1:e4:35:37:83:65:79:5a:70:b1:95:16:f6:
31:2c:69:10:b9:d6:f8:fb:e5:89:a1:75:b9:56:d8:
4d:4b:79:a4:a1:17:73:c8:2d:4c:0d:b2:cc:4f:2f:
4b:60:fa:a8:fa:b0:a8:8f:21:74:40:74:29:c4:33:
cd:a5:be:b3:c4:aa:84:cb:b7:e3:07:90:67:52:e1:
93:57:e0:95:ac:ee:15:8e:28:31:10:02:9a:ea:a0:
d1:58:49:93:c4:67:00:58:16:b6:f8:0e:77:36:b1:
bc:80:2d:ad:54:61:18:0b:ec:72:a0:d7:57:b2:de:
ec:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:51:AC:64:B7:BC:79:9A:D8:7C:5C:22:E7:54:B9:2E:06:2A:BF:99
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/9FGsZLe8eZrYfFwi51S5LgYqv5k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.122.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:b2:de:5c:6a:46:4d:66:fb:60:8f:fa:a1:6a:6a:8b:e8:59:
d9:c6:56:56:8c:95:f7:6a:47:76:04:b0:fc:cf:a6:71:41:62:
95:83:d5:25:5f:5c:f2:04:4f:ad:c9:11:e2:21:11:07:66:e1:
30:34:1e:89:5f:7d:4d:c4:44:30:bb:51:9d:e3:e8:07:0f:4e:
72:1f:98:4d:db:c1:2a:44:a8:4d:4d:b6:2b:d2:25:ac:3f:23:
a3:29:46:d9:dd:93:47:3d:a0:04:3b:f4:5b:7b:66:3d:ff:bd:
97:be:ee:82:0c:24:d0:cb:1b:c3:4a:6e:7a:20:ea:d0:15:77:
77:8f:37:d0:7c:10:40:9a:a2:87:96:da:5e:12:a6:13:7b:eb:
c5:32:6d:44:a4:94:f3:99:f3:4a:a0:69:73:c2:0d:0d:b6:c1:
77:e4:df:cb:37:fa:cc:b8:3c:8e:17:2e:26:63:06:fa:7b:f5:
0c:0f:e9:ba:9d:90:75:36:bd:fe:5c:2d:61:62:9e:3c:6a:c6:
71:f8:c8:5a:30:e2:63:ae:cf:32:ae:2f:4f:24:31:b0:0d:91:
6b:28:98:16:48:fe:99:a3:43:39:4c:db:2d:5a:61:64:50:1c:
ad:95:23:95:a5:64:09:0c:b3:4b:3c:1a:c8:d3:f0:cd:bc:98:
d4:83:52:a2
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDekwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNDA4MjYw
NTI3MThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY0NTFBQzY0QjdCQzc5
OUFEODdDNUMyMkU3NTRCOTJFMDYyQUJGOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/pwib+Ri7cKjOU6bElgln4g+IiECpmIwjeZGtbGAUSN6i2p/t
iYjjl+4jpHGbGSZSM6Sex+Z/Nz5gwQeHTv5ABBj8nynBYomdaae2tSdGJq3dUbaZ
fTwA8S1Kmi5Gm4IME0Z1cayGOx/u7n0t1+m9Yq6V2AlDAreVLWk5a2aIldZGN8bz
mfyZoeQ1N4NleVpwsZUW9jEsaRC51vj75YmhdblW2E1LeaShF3PILUwNssxPL0tg
+qj6sKiPIXRAdCnEM82lvrPEqoTLt+MHkGdS4ZNX4JWs7hWOKDEQAprqoNFYSZPE
ZwBYFrb4Dnc2sbyALa1UYRgL7HKg11ey3ux/AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU9FGsZLe8eZrYfFwi51S5LgYqv5kwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC85RkdzWkxlOGVacllmRndpNTFT
NUxnWXF2NWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHow
DQYJKoZIhvcNAQELBQADggEBAIqy3lxqRk1m+2CP+qFqaovoWdnGVlaMlfdqR3YE
sPzPpnFBYpWD1SVfXPIET63JEeIhEQdm4TA0HolffU3ERDC7UZ3j6AcPTnIfmE3b
wSpEqE1NtivSJaw/I6MpRtndk0c9oAQ79Ft7Zj3/vZe+7oIMJNDLG8NKbnog6tAV
d3ePN9B8EECaooeW2l4SphN768UybUSklPOZ80qgaXPCDQ22wXfk38s3+sy4PI4X
LiZjBvp79QwP6bqdkHU2vf5cLWFinjxqxnH4yFow4mOuzzKuL08kMbANkWsomBZI
/pmjQzlM2y1aYWRQHK2VI5WlZAkMs0s8GsjT8M28mNSDUqI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:12:38 2025 by rpki-client