Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/oZd82siWv-A4-MgCBO8u6JX9v3U.roa
File: oZd82siWv-A4-MgCBO8u6JX9v3U.roa (raw, json)
Hash identifier: 66qd4xHlRDmIIv49fcUdPfF6z6L3ZsxwA+bUxOUfFBY=
Subject key identifier: A1:97:7C:DA:C8:96:BF:E0:38:F8:C8:02:04:EF:2E:E8:95:FD:BF:75
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0C59
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/oZd82siWv-A4-MgCBO8u6JX9v3U.roa
Signing time: Mon 26 Aug 2024 05:27:59 +0000
ROA not before: Mon 26 Aug 2024 05:27:59 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131639
IP address blocks: 103.129.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3161 (0xc59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Aug 26 05:27:59 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A1977CDAC896BFE038F8C80204EF2EE895FDBF75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e6:02:ce:8d:50:15:1d:2f:45:8d:f6:2f:d1:
a4:48:95:ab:d3:1b:4e:db:d5:f8:6c:04:59:75:9c:
bf:d3:fd:2f:03:84:b8:15:c9:3d:fd:14:fa:4a:b7:
9d:5e:c0:5e:7b:16:6f:2f:7b:80:9b:1f:0c:aa:1a:
90:90:2b:59:12:83:cc:d9:0f:7a:19:99:d3:30:c4:
d6:58:c3:25:8d:41:78:e3:1a:c7:b7:76:19:4a:58:
cc:f4:5d:b8:dc:4a:f0:96:cd:dc:11:1e:27:bc:20:
ed:f5:3a:61:c2:49:af:f4:81:74:6a:df:f4:54:20:
19:ac:f2:b3:64:52:56:12:1d:d6:a3:9f:79:07:cf:
27:b7:50:37:9f:22:80:e4:41:08:ee:9f:08:f6:83:
60:9b:58:55:07:ee:f8:71:2f:de:2e:09:5e:46:e2:
55:a2:59:9f:86:c9:61:fa:dc:7b:42:f6:f1:5a:00:
52:8f:d9:a8:40:ec:28:52:c0:96:0b:3a:2a:d6:7b:
6e:d2:58:3a:cd:b1:71:e7:2d:eb:7b:e7:eb:a3:4b:
37:cc:60:81:5e:0c:60:b2:33:c2:8c:c8:8f:b8:8f:
1d:af:48:b9:5b:98:65:38:fb:3a:2a:d5:a5:61:46:
28:66:b9:c6:9b:b6:dd:32:f4:36:ec:4c:97:8a:52:
44:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:97:7C:DA:C8:96:BF:E0:38:F8:C8:02:04:EF:2E:E8:95:FD:BF:75
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/oZd82siWv-A4-MgCBO8u6JX9v3U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.146.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:4e:9a:3d:1a:db:d1:52:b5:ec:1d:a3:2b:83:7c:1b:1e:87:
39:ee:2d:ce:38:92:a3:d0:50:37:ab:c9:32:a6:cd:4d:cf:7c:
ec:7d:2c:27:37:f8:62:51:51:4a:0f:71:08:50:07:49:99:db:
4e:93:e2:82:2e:6f:43:a3:93:55:6c:72:3e:f2:0e:e6:f5:09:
e6:9a:d8:1a:3b:b9:da:68:cd:2d:6f:20:89:3f:e0:f5:56:5d:
2e:7b:04:12:a7:95:2c:2b:8f:36:0b:d7:d0:a5:8f:35:ee:d3:
3f:20:07:74:23:d0:a9:8d:02:d3:a5:fb:02:d0:63:8b:e7:21:
03:36:cc:2b:41:45:ba:7a:f2:e0:cb:72:90:16:de:e2:6d:1d:
a5:8b:e3:e2:42:78:13:b6:f3:12:60:c3:0f:e3:31:62:02:40:
71:d2:24:53:b7:80:25:c0:04:18:16:45:d6:2d:c5:5c:d1:8b:
f7:7b:ca:5e:24:0f:78:fc:88:4d:74:3e:a7:88:ef:0d:2c:26:
6c:ea:75:4d:96:e2:40:1d:39:7a:9a:ae:ec:42:d0:54:90:b6:
a5:2c:28:e5:66:d6:7e:1e:f0:bc:ba:12:2d:22:0e:eb:84:5b:
e2:2d:0d:aa:bf:97:6d:40:98:02:5b:c9:32:cd:fd:cb:22:56:
5f:3a:1f:fd
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNDA4MjYw
NTI3NTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEExOTc3Q0RBQzg5NkJG
RTAzOEY4QzgwMjA0RUYyRUU4OTVGREJGNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCX5gLOjVAVHS9FjfYv0aRIlavTG07b1fhsBFl1nL/T/S8DhLgV
yT39FPpKt51ewF57Fm8ve4CbHwyqGpCQK1kSg8zZD3oZmdMwxNZYwyWNQXjjGse3
dhlKWMz0XbjcSvCWzdwRHie8IO31OmHCSa/0gXRq3/RUIBms8rNkUlYSHdajn3kH
zye3UDefIoDkQQjunwj2g2CbWFUH7vhxL94uCV5G4lWiWZ+GyWH63HtC9vFaAFKP
2ahA7ChSwJYLOirWe27SWDrNsXHnLet75+ujSzfMYIFeDGCyM8KMyI+4jx2vSLlb
mGU4+zoq1aVhRihmucabtt0y9DbsTJeKUkSLAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUoZd82siWv+A4+MgCBO8u6JX9v3UwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL29aZDgyc2lXdi1BNC1NZ0NCTzh1NkpY
OXYzVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZIwDQYJ
KoZIhvcNAQELBQADggEBAIpOmj0a29FStewdoyuDfBsehznuLc44kqPQUDeryTKm
zU3PfOx9LCc3+GJRUUoPcQhQB0mZ206T4oIub0Ojk1Vscj7yDub1Ceaa2Bo7udpo
zS1vIIk/4PVWXS57BBKnlSwrjzYL19CljzXu0z8gB3Qj0KmNAtOl+wLQY4vnIQM2
zCtBRbp68uDLcpAW3uJtHaWL4+JCeBO28xJgww/jMWICQHHSJFO3gCXABBgWRdYt
xVzRi/d7yl4kD3j8iE10PqeI7w0sJmzqdU2W4kAdOXqaruxC0FSQtqUsKOVm1n4e
8Ly6Ei0iDuuEW+ItDaq/l21AmAJbyTLN/csiVl86H/0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:24 2025 by rpki-client