Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/qKO8GlXpUqBoTSeayKgcfGmbiAQ.roa
File: qKO8GlXpUqBoTSeayKgcfGmbiAQ.roa (raw, json)
Hash identifier: qFjhVQYRzvZ7sRpbVtAd7Vjsr4KneCO1brNijdXmOGc=
Subject key identifier: A8:A3:BC:1A:55:E9:52:A0:68:4D:27:9A:C8:A8:1C:7C:69:9B:88:04
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E73
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/qKO8GlXpUqBoTSeayKgcfGmbiAQ.roa
Signing time: Mon 10 Feb 2025 14:16:22 +0000
ROA not before: Mon 10 Feb 2025 14:16:22 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38847
IP address blocks: 140.120.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 17 Feb 2025 09:14:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3699 (0xe73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:22 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A8A3BC1A55E952A0684D279AC8A81C7C699B8804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b2:8e:8b:b5:f1:65:a2:42:0c:8d:9e:5b:88:
62:69:66:36:de:9d:90:c4:65:67:8e:d4:ff:8a:15:
98:78:5d:84:38:a0:29:d3:b3:bb:c1:9a:8c:bb:95:
7e:2c:60:2c:62:a4:21:3c:04:aa:23:b6:ff:78:3d:
50:14:dd:3f:f0:48:06:52:61:77:30:20:4d:b1:cf:
f4:f0:1e:0d:bc:25:8c:56:39:c8:be:47:80:46:39:
a4:e2:c7:dc:fc:1d:66:71:61:de:87:33:3b:e1:13:
6a:66:dd:c1:2b:45:69:ca:51:8f:6f:59:34:d0:be:
da:d4:5a:77:4e:fe:b8:1e:34:f6:f2:77:61:bb:85:
43:f4:f7:41:dd:e9:4e:1b:1c:46:64:b8:4a:49:4e:
98:56:13:03:25:00:0b:cf:60:52:5d:64:c7:5c:05:
db:4d:11:28:3a:ce:41:9e:e8:b8:8d:4b:47:05:4f:
93:e9:0a:6e:95:11:40:a3:19:1b:bc:94:6d:4e:b3:
a7:3b:40:4b:df:d9:cc:48:a1:d8:05:b6:08:85:44:
56:ce:51:86:f3:61:a9:ab:f5:01:74:44:1b:e4:4e:
b7:29:cc:1f:dc:cc:f2:58:2d:80:df:36:fd:c3:d3:
a9:65:75:d2:8f:8e:04:6f:93:33:93:9f:e7:bb:c6:
39:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A3:BC:1A:55:E9:52:A0:68:4D:27:9A:C8:A8:1C:7C:69:9B:88:04
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/qKO8GlXpUqBoTSeayKgcfGmbiAQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.120.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:2d:36:ad:24:92:3c:9f:d4:c6:6a:25:8f:42:34:38:66:3c:
e2:b9:b6:01:62:08:1c:8a:71:31:0a:7b:db:ea:f7:80:c9:ca:
73:d0:63:06:db:7f:58:5b:20:82:ee:f1:00:fc:f6:94:2a:19:
82:74:51:a6:75:5e:60:12:eb:d8:8a:f2:67:4b:8e:f7:c8:7c:
67:c5:4e:81:8c:bd:6b:7d:09:cc:a1:31:a2:ed:7f:6c:45:cd:
06:62:e3:6d:39:74:8b:e5:66:cc:f8:c3:d1:80:d8:eb:ee:5a:
4b:cb:9e:cc:81:95:75:84:17:03:0f:8f:43:2c:eb:12:a2:11:
75:ec:08:91:72:a9:15:14:53:69:da:a2:bf:db:a3:c1:fc:4b:
9e:c8:4d:2a:bf:b4:f1:84:59:15:f0:c4:e9:f0:82:51:a6:34:
f0:0a:7e:c8:3d:fb:92:6f:4e:02:49:f0:c8:b3:54:c3:11:e0:
51:f3:d5:a7:95:5d:78:97:11:f1:3d:f2:d3:43:d2:f7:5b:aa:
17:e3:b4:52:08:d9:26:a4:1a:b1:a4:de:3c:67:a9:b6:bb:cb:
ff:a1:2c:d2:11:a6:9e:e1:6c:6f:19:54:23:45:50:28:c4:a6:
10:98:c4:c0:be:29:3d:62:af:92:95:45:c4:ce:7b:bd:3a:d7:
69:99:12:28
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDnMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE4QTNCQzFBNTVFOTUy
QTA2ODREMjc5QUM4QTgxQzdDNjk5Qjg4MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpso6LtfFlokIMjZ5biGJpZjbenZDEZWeO1P+KFZh4XYQ4oCnT
s7vBmoy7lX4sYCxipCE8BKojtv94PVAU3T/wSAZSYXcwIE2xz/TwHg28JYxWOci+
R4BGOaTix9z8HWZxYd6HMzvhE2pm3cErRWnKUY9vWTTQvtrUWndO/rgeNPbyd2G7
hUP090Hd6U4bHEZkuEpJTphWEwMlAAvPYFJdZMdcBdtNESg6zkGe6LiNS0cFT5Pp
Cm6VEUCjGRu8lG1Os6c7QEvf2cxIodgFtgiFRFbOUYbzYamr9QF0RBvkTrcpzB/c
zPJYLYDfNv3D06llddKPjgRvkzOTn+e7xjmzAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUqKO8GlXpUqBoTSeayKgcfGmbiAQwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9xS084R2xYcFVxQm9UU2VheUtn
Y2ZHbWJpQVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHgw
DQYJKoZIhvcNAQELBQADggEBAGQtNq0kkjyf1MZqJY9CNDhmPOK5tgFiCByKcTEK
e9vq94DJynPQYwbbf1hbIILu8QD89pQqGYJ0UaZ1XmAS69iK8mdLjvfIfGfFToGM
vWt9CcyhMaLtf2xFzQZi4205dIvlZsz4w9GA2OvuWkvLnsyBlXWEFwMPj0Ms6xKi
EXXsCJFyqRUUU2naor/bo8H8S57ITSq/tPGEWRXwxOnwglGmNPAKfsg9+5JvTgJJ
8MizVMMR4FHz1aeVXXiXEfE98tND0vdbqhfjtFII2SakGrGk3jxnqba7y/+hLNIR
pp7hbG8ZVCNFUCjEphCYxMC+KT1ir5KVRcTOe70612mZEig=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:58 2025 by rpki-client