Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TCSKY/Y3FVZVkLUyxjiOXYW0FwTj4Dm0Q.roa
File: Y3FVZVkLUyxjiOXYW0FwTj4Dm0Q.roa (raw, json)
Hash identifier: SMLFT2zHxajrHaEmX4M2ik67JmOoJHGzjQB/tgZqNHA=
Subject key identifier: 63:71:55:65:59:0B:53:2C:63:88:E5:D8:5B:41:70:4E:3E:03:9B:44
Certificate issuer: /CN=4F000CB6DDD37487A6DE1F7EADBDA12708EB2C19
Certificate serial: 05
Authority key identifier: 4F:00:0C:B6:DD:D3:74:87:A6:DE:1F:7E:AD:BD:A1:27:08:EB:2C:19
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TwAMtt3TdIem3h9-rb2hJwjrLBk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TCSKY/Y3FVZVkLUyxjiOXYW0FwTj4Dm0Q.roa
Signing time: Thu 19 Dec 2024 15:17:37 +0000
ROA not before: Thu 19 Dec 2024 15:17:37 +0000
ROA not after: Fri 07 Nov 2025 15:30:19 +0000
asID: 63908
IP address blocks: 160.191.202.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:10:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4F000CB6DDD37487A6DE1F7EADBDA12708EB2C19
Validity
Not Before: Dec 19 15:17:37 2024 GMT
Not After : Nov 7 15:30:19 2025 GMT
Subject: CN=63715565590B532C6388E5D85B41704E3E039B44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ea:2f:8a:95:7e:a5:a1:4b:5e:3c:7e:a4:4b:
59:52:f8:a6:f5:b5:0c:3b:43:f9:71:e2:0f:23:a0:
c8:28:de:1f:b4:e1:80:60:6d:d0:59:b5:14:9e:ff:
23:f0:f0:0c:82:aa:82:7e:4c:ae:c4:ef:17:a7:d9:
2e:5f:93:cf:ca:30:ab:ed:09:2c:88:ee:ab:78:05:
13:8f:9d:a1:16:0a:20:71:f6:a9:0c:8d:db:7e:e9:
fd:7f:a9:d2:7d:7f:c6:b0:32:b0:21:64:73:9a:cf:
54:49:45:bc:69:42:cb:f4:c0:04:8b:59:9c:45:22:
bc:82:8e:22:eb:a9:87:cd:dc:88:b5:b6:a4:89:27:
b9:d1:05:df:9e:a5:cc:18:72:55:80:ae:6d:12:0d:
72:28:92:4c:3f:8e:a3:48:dd:61:da:1e:72:16:de:
87:43:25:39:bf:97:3f:22:ae:40:03:f1:92:a2:78:
d9:fc:3f:be:68:3a:2a:de:a2:f9:d0:4e:30:3f:26:
15:3d:58:e1:eb:20:8b:f0:a4:0b:f9:5d:0a:0a:9a:
6e:fe:32:bd:29:0f:92:65:4a:69:e5:c5:61:9e:81:
d4:c9:e2:71:50:db:ec:89:98:da:b6:e0:18:c9:6c:
22:78:a6:23:eb:23:3d:f8:27:36:53:80:5a:a5:35:
44:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:71:55:65:59:0B:53:2C:63:88:E5:D8:5B:41:70:4E:3E:03:9B:44
X509v3 Authority Key Identifier:
keyid:4F:00:0C:B6:DD:D3:74:87:A6:DE:1F:7E:AD:BD:A1:27:08:EB:2C:19
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCSKY/TwAMtt3TdIem3h9-rb2hJwjrLBk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TwAMtt3TdIem3h9-rb2hJwjrLBk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TCSKY/Y3FVZVkLUyxjiOXYW0FwTj4Dm0Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.202.0/23
Signature Algorithm: sha256WithRSAEncryption
98:41:20:2d:22:20:af:82:a8:ed:95:7e:03:10:33:a4:7d:95:
f6:8e:28:df:c4:b6:40:22:ef:cd:aa:ca:b6:a8:5a:f5:50:2e:
1c:56:54:a1:60:c2:e2:16:c6:2d:8b:f7:07:00:ae:01:2f:44:
c6:dd:88:e8:29:c3:f7:6e:7c:f0:19:fb:01:6d:5b:37:4c:a7:
a3:c5:72:7e:26:8e:0b:49:ad:72:5c:c8:11:fb:50:72:da:ff:
7b:5b:2a:12:ba:43:81:20:84:3f:3f:c3:8b:5b:cb:54:82:92:
ca:2f:ee:a8:f7:9c:24:eb:70:6a:19:c3:88:19:9e:9b:9d:06:
27:13:33:9e:5b:61:e2:da:65:cd:75:89:6c:d5:6c:84:3d:59:
02:35:24:31:42:96:74:51:dd:8d:4c:91:7c:dc:ef:56:2f:8b:
04:b7:94:ac:a8:9e:5f:45:2c:8b:e1:f5:da:3a:7f:79:f1:24:
93:33:44:77:77:e1:0c:0e:5a:8f:b1:aa:27:d7:76:03:ce:6b:
4a:2b:4b:96:32:27:12:18:0b:a6:a4:b6:83:2d:d9:e0:d9:ab:
0f:f1:52:76:7b:23:ed:1a:78:df:0b:53:26:d8:99:ce:b2:9e:
ee:fc:68:85:37:b3:97:8b:79:d2:a9:e9:19:45:e7:17:8f:99:
48:92:ab:d5
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0RjAw
MENCNkRERDM3NDg3QTZERTFGN0VBREJEQTEyNzA4RUIyQzE5MB4XDTI0MTIxOTE1
MTczN1oXDTI1MTEwNzE1MzAxOVowMzExMC8GA1UEAxMoNjM3MTU1NjU1OTBCNTMy
QzYzODhFNUQ4NUI0MTcwNEUzRTAzOUI0NDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALHqL4qVfqWhS148fqRLWVL4pvW1DDtD+XHiDyOgyCjeH7ThgGBt
0Fm1FJ7/I/DwDIKqgn5MrsTvF6fZLl+Tz8owq+0JLIjuq3gFE4+doRYKIHH2qQyN
237p/X+p0n1/xrAysCFkc5rPVElFvGlCy/TABItZnEUivIKOIuuph83ciLW2pIkn
udEF356lzBhyVYCubRINciiSTD+Oo0jdYdoechbeh0MlOb+XPyKuQAPxkqJ42fw/
vmg6Kt6i+dBOMD8mFT1Y4esgi/CkC/ldCgqabv4yvSkPkmVKaeXFYZ6B1MnicVDb
7ImY2rbgGMlsInimI+sjPfgnNlOAWqU1RCMCAwEAAaOCAewwggHoMB0GA1UdDgQW
BBRjcVVlWQtTLGOI5dhbQXBOPgObRDAfBgNVHSMEGDAWgBRPAAy23dN0h6beH36t
vaEnCOssGTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQ1NLWS9U
d0FNdHQzVGRJZW0zaDktcmIyaEp3anJMQmsuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1R3QU10dDNUZEllbTNoOS1yYjJoSndqckxCay5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RDU0tZL1kzRlZaVmtMVXl4amlPWFlXMEZ3
VGo0RG0wUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGgv8ow
DQYJKoZIhvcNAQELBQADggEBAJhBIC0iIK+CqO2VfgMQM6R9lfaOKN/EtkAi782q
yraoWvVQLhxWVKFgwuIWxi2L9wcArgEvRMbdiOgpw/dufPAZ+wFtWzdMp6PFcn4m
jgtJrXJcyBH7UHLa/3tbKhK6Q4EghD8/w4tby1SCksov7qj3nCTrcGoZw4gZnpud
BicTM55bYeLaZc11iWzVbIQ9WQI1JDFClnRR3Y1MkXzc71YviwS3lKyonl9FLIvh
9do6f3nxJJMzRHd34QwOWo+xqifXdgPOa0orS5YyJxIYC6aktoMt2eDZqw/xUnZ7
I+0aeN8LUybYmc6ynu78aIU3s5eLedKp6RlF5xePmUiSq9U=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:37:35 2025 by rpki-client