Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/P_AziLk5gVY0X0Msqjugpn1EcRQ.roa
File: P_AziLk5gVY0X0Msqjugpn1EcRQ.roa (raw, json)
Hash identifier: 4Lt9GzVR0p3NtshcuSbuRPMhbp54IL0mbCRT7gHc0s8=
Subject key identifier: 3F:F0:33:88:B9:39:81:56:34:5F:43:2C:AA:3B:A0:A6:7D:44:71:14
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0DF1
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/P_AziLk5gVY0X0Msqjugpn1EcRQ.roa
Signing time: Mon 26 Aug 2024 05:27:23 +0000
ROA not before: Mon 26 Aug 2024 05:27:23 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9916
IP address blocks: 140.129.64.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:16:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3569 (0xdf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Aug 26 05:27:23 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3FF03388B9398156345F432CAA3BA0A67D447114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:cc:b4:25:c4:64:05:33:ef:04:25:48:0b:19:
05:41:65:2a:4d:3f:70:13:fc:4c:2a:88:69:85:3c:
4e:8e:24:d9:5d:cf:67:78:0d:a2:bb:3d:d2:43:8c:
f8:b2:a8:c9:d5:94:84:e7:24:8f:82:f7:5a:88:4f:
34:0d:45:6a:49:dd:fd:db:bb:94:6b:c8:71:f5:08:
a8:f6:2a:a3:c7:c5:0f:e1:71:b7:24:d5:82:c6:67:
c9:26:30:c2:66:b2:a7:15:8c:d6:3f:ea:07:d6:f6:
99:d0:53:60:1a:a2:f6:60:3a:83:57:60:d1:3a:bb:
cb:c6:c2:fc:b0:c3:85:21:10:f2:7f:15:6d:fe:3e:
88:2f:8a:2f:a1:03:da:ca:0f:52:22:9d:2a:bf:43:
da:5c:ea:44:e1:44:66:76:f1:27:aa:5d:74:b3:bc:
8e:dd:a2:08:a9:7a:20:b9:7d:0b:60:d2:1e:9e:6f:
4a:78:82:09:df:d5:4f:ac:6e:b2:a3:2e:8f:18:d0:
a7:18:de:fe:8d:bb:75:99:12:22:36:f6:05:56:5b:
ad:00:fc:a7:29:39:5d:2a:65:e0:71:0f:c8:c8:14:
e0:08:ed:5c:ba:a0:a1:39:0b:80:e8:1f:6a:6f:01:
d6:99:5a:a5:13:64:71:95:4e:25:6d:f5:5e:d8:12:
9b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F0:33:88:B9:39:81:56:34:5F:43:2C:AA:3B:A0:A6:7D:44:71:14
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/P_AziLk5gVY0X0Msqjugpn1EcRQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.64.0/20
Signature Algorithm: sha256WithRSAEncryption
16:29:9f:a1:b9:f8:6b:ec:ba:9a:31:12:20:bc:6d:3b:24:e0:
05:a0:13:38:56:e8:56:06:1b:70:f7:79:0e:79:39:4e:41:61:
42:4f:ed:a1:28:48:95:a5:51:62:7e:b3:17:8e:96:d4:2c:76:
78:cf:24:46:3b:0f:37:ed:98:22:a9:70:24:3c:ab:0d:46:21:
6d:e9:f0:60:96:de:bc:15:70:14:73:56:9d:1b:06:25:79:39:
27:ab:56:a7:8b:26:01:dc:13:10:0c:8b:4a:e3:27:47:68:6f:
1d:7f:f7:ee:36:63:37:b5:af:bd:59:b4:7c:b6:fd:26:2a:62:
5a:03:f9:0a:03:b1:25:94:e9:bd:53:bb:de:01:ed:70:2d:c3:
dc:5b:c7:09:22:b5:20:9d:f4:18:8f:41:dd:52:8c:c4:87:1a:
6e:5d:28:7c:e3:54:a9:2f:c2:3e:db:9f:39:d8:1a:ec:b2:fb:
c7:fa:1a:08:d3:37:da:50:ed:f5:19:ce:8d:79:0a:cb:e4:5c:
2b:40:4a:c7:bd:2a:b7:57:a5:58:e5:df:f4:6c:dc:20:b5:81:
c6:41:70:29:60:d6:c4:da:2f:de:85:b6:46:bf:ef:b6:e6:7b:
66:6f:f5:6d:37:82:13:6d:21:ff:2b:8b:cb:79:a0:52:0c:3e:
06:2f:6c:78
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDfEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNDA4MjYw
NTI3MjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNGRjAzMzg4QjkzOTgx
NTYzNDVGNDMyQ0FBM0JBMEE2N0Q0NDcxMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkzLQlxGQFM+8EJUgLGQVBZSpNP3AT/EwqiGmFPE6OJNldz2d4
DaK7PdJDjPiyqMnVlITnJI+C91qITzQNRWpJ3f3bu5RryHH1CKj2KqPHxQ/hcbck
1YLGZ8kmMMJmsqcVjNY/6gfW9pnQU2AaovZgOoNXYNE6u8vGwvyww4UhEPJ/FW3+
Pogvii+hA9rKD1IinSq/Q9pc6kThRGZ28SeqXXSzvI7dogipeiC5fQtg0h6eb0p4
ggnf1U+sbrKjLo8Y0KcY3v6Nu3WZEiI29gVWW60A/KcpOV0qZeBxD8jIFOAI7Vy6
oKE5C4DoH2pvAdaZWqUTZHGVTiVt9V7YEpuXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUP/AziLk5gVY0X0Msqjugpn1EcRQwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9QX0F6aUxrNWdWWTBYME1zcWp1
Z3BuMUVjUlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEjIFA
MA0GCSqGSIb3DQEBCwUAA4IBAQAWKZ+hufhr7LqaMRIgvG07JOAFoBM4VuhWBhtw
93kOeTlOQWFCT+2hKEiVpVFifrMXjpbULHZ4zyRGOw837ZgiqXAkPKsNRiFt6fBg
lt68FXAUc1adGwYleTknq1aniyYB3BMQDItK4ydHaG8df/fuNmM3ta+9WbR8tv0m
KmJaA/kKA7EllOm9U7veAe1wLcPcW8cJIrUgnfQYj0HdUozEhxpuXSh841SpL8I+
25852BrssvvH+hoI0zfaUO31Gc6NeQrL5FwrQErHvSq3V6VY5d/0bNwgtYHGQXAp
YNbE2i/ehbZGv++25ntmb/VtN4ITbSH/K4vLeaBSDD4GL2x4
-----END CERTIFICATE-----
Generated at Mon Apr 14 14:44:59 2025 by rpki-client