Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/BaVd3pjx-P03CKNLTMyJxcYitRw.roa
File: BaVd3pjx-P03CKNLTMyJxcYitRw.roa (raw, json)
Hash identifier: SP5ti+KKuoS4H8mNY6NqBITUIJCpn/TqaTy+FOM8VPs=
Subject key identifier: 05:A5:5D:DE:98:F1:F8:FD:37:08:A3:4B:4C:CC:89:C5:C6:22:B5:1C
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0DF0
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/BaVd3pjx-P03CKNLTMyJxcYitRw.roa
Signing time: Mon 26 Aug 2024 05:27:22 +0000
ROA not before: Mon 26 Aug 2024 05:27:22 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9916
IP address blocks: 140.129.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:16:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3568 (0xdf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Aug 26 05:27:22 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=05A55DDE98F1F8FD3708A34B4CCC89C5C622B51C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d7:ae:cf:62:7d:61:6f:b4:21:48:84:60:5f:
4e:fb:39:d0:f1:48:17:f6:24:a9:4d:32:a6:73:cd:
68:07:29:89:9e:e2:0c:a8:60:ac:c0:91:cd:b4:68:
4e:2e:b4:e9:23:b6:70:2b:75:fa:4d:9a:49:ee:f6:
ad:9a:71:a1:7c:26:be:10:ca:c5:e9:57:e5:50:16:
c2:b9:a8:59:a3:ff:e2:9e:85:7a:50:84:82:2f:22:
82:e8:0c:f0:b0:cb:51:f9:b2:99:5b:c1:ca:39:3a:
67:91:f5:14:2d:b7:ee:60:66:5e:46:95:e7:67:b2:
b4:cb:60:10:32:47:2b:3c:be:3c:f4:d3:0f:e8:d2:
d6:ab:1d:8e:8e:d5:99:39:46:e8:84:9a:bf:7b:c5:
04:51:ac:de:35:cb:11:bb:38:9d:6a:ca:41:a1:30:
8c:ce:38:ec:14:93:f8:97:0c:23:ab:f7:16:51:2f:
58:65:d0:71:b6:6b:f1:bd:91:ae:69:70:0d:4e:91:
bb:d1:b4:06:2f:22:45:d5:6c:b1:fd:15:4d:97:6f:
30:4f:82:7d:8d:bb:a0:16:ee:ea:29:75:43:49:cc:
1f:d4:34:49:99:a9:4f:79:75:25:1c:35:52:80:eb:
47:c6:41:8a:4e:ec:a5:6c:86:77:98:1e:19:7b:5a:
cc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A5:5D:DE:98:F1:F8:FD:37:08:A3:4B:4C:CC:89:C5:C6:22:B5:1C
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/BaVd3pjx-P03CKNLTMyJxcYitRw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.51.0/24
Signature Algorithm: sha256WithRSAEncryption
08:c5:c6:e9:d8:55:79:92:06:42:13:b5:dd:71:da:c2:e8:7a:
9e:55:d9:cd:8e:d0:f0:0e:fc:37:31:7d:e9:22:b5:18:12:6a:
dc:c3:1a:cd:35:cf:3b:d9:df:6c:95:86:ae:9b:ba:c1:e0:73:
39:4a:96:5e:31:31:4c:02:3c:a0:5e:15:ae:b9:11:f2:c1:ae:
5c:97:be:16:2f:18:38:a1:ba:db:88:81:ac:c1:78:9e:98:44:
e5:fe:93:77:f1:e1:7e:d6:82:48:07:1c:35:60:33:3f:88:f5:
19:a4:39:0d:e5:45:d6:b7:eb:83:54:2a:50:00:35:ad:43:d8:
77:fb:f5:3c:85:4e:1d:4e:a9:5e:d2:7d:25:26:f3:7a:d9:3a:
d3:72:b6:53:c1:82:ba:8f:44:26:27:11:5e:9e:e0:44:27:c3:
c6:fd:42:16:37:c9:a7:aa:21:73:fc:47:b6:80:75:f6:a2:74:
1f:fd:8b:c4:29:52:16:56:f3:14:cb:c7:34:89:c0:97:32:5f:
d8:09:30:b6:27:91:dd:f3:1d:fd:36:1c:91:c3:c5:c9:48:fb:
ab:41:99:77:9e:2a:27:0c:a1:97:07:e3:9f:de:23:bb:78:76:
33:5c:c2:8e:e6:e1:95:87:c8:0e:03:14:fd:67:69:e7:13:d7:
18:23:94:78
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDfAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNDA4MjYw
NTI3MjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA1QTU1RERFOThGMUY4
RkQzNzA4QTM0QjRDQ0M4OUM1QzYyMkI1MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5167PYn1hb7QhSIRgX077OdDxSBf2JKlNMqZzzWgHKYme4gyo
YKzAkc20aE4utOkjtnArdfpNmknu9q2acaF8Jr4QysXpV+VQFsK5qFmj/+KehXpQ
hIIvIoLoDPCwy1H5splbwco5OmeR9RQtt+5gZl5GlednsrTLYBAyRys8vjz00w/o
0tarHY6O1Zk5RuiEmr97xQRRrN41yxG7OJ1qykGhMIzOOOwUk/iXDCOr9xZRL1hl
0HG2a/G9ka5pcA1OkbvRtAYvIkXVbLH9FU2XbzBPgn2Nu6AW7uopdUNJzB/UNEmZ
qU95dSUcNVKA60fGQYpO7KVshneYHhl7WswlAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUBaVd3pjx+P03CKNLTMyJxcYitRwwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9CYVZkM3BqeC1QMDNDS05MVE15
SnhjWWl0Uncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjIEz
MA0GCSqGSIb3DQEBCwUAA4IBAQAIxcbp2FV5kgZCE7XdcdrC6HqeVdnNjtDwDvw3
MX3pIrUYEmrcwxrNNc872d9slYaum7rB4HM5SpZeMTFMAjygXhWuuRHywa5cl74W
Lxg4obrbiIGswXiemETl/pN38eF+1oJIBxw1YDM/iPUZpDkN5UXWt+uDVCpQADWt
Q9h3+/U8hU4dTqle0n0lJvN62TrTcrZTwYK6j0QmJxFenuBEJ8PG/UIWN8mnqiFz
/Ee2gHX2onQf/YvEKVIWVvMUy8c0icCXMl/YCTC2J5Hd8x39NhyRw8XJSPurQZl3
nionDKGXB+Of3iO7eHYzXMKO5uGVh8gOAxT9Z2nnE9cYI5R4
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:18:06 2025 by rpki-client