Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/wPoYX9RHsUsMk4PGTjoy9cPrHzg.roa
File: wPoYX9RHsUsMk4PGTjoy9cPrHzg.roa (raw, json)
Hash identifier: 1noYCAGTfKfimS4L8PcXBeqqcncCz2J2i7bubNaXJV0=
Subject key identifier: C0:FA:18:5F:D4:47:B1:4B:0C:93:83:C6:4E:3A:32:F5:C3:EB:1F:38
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0C60
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/wPoYX9RHsUsMk4PGTjoy9cPrHzg.roa
Signing time: Mon 26 Aug 2024 05:28:01 +0000
ROA not before: Mon 26 Aug 2024 05:28:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131639
IP address blocks: 2403:7f40:f000::/48 maxlen: 64
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3168 (0xc60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Aug 26 05:28:00 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C0FA185FD447B14B0C9383C64E3A32F5C3EB1F38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:79:48:a8:6c:a0:2b:9d:87:66:b7:ca:05:20:
ee:ae:0a:0c:d6:24:e9:89:36:31:38:a5:e7:d1:23:
3b:26:ef:14:60:ac:82:b6:7e:28:2e:5e:8c:e4:4a:
4c:48:01:cc:82:53:ea:c8:d1:44:29:7a:88:12:07:
20:f4:57:0f:d5:95:d8:14:3d:d0:1d:fe:45:b6:8f:
c4:96:9a:59:79:0c:20:3b:bf:be:82:34:c9:44:45:
d3:df:b2:c1:e1:81:65:56:5b:7b:ad:50:d2:aa:fd:
34:2c:d0:1c:e0:16:ab:e4:65:2e:ca:24:38:87:d5:
96:b0:8a:d8:b2:29:80:fb:78:05:6a:94:2f:80:55:
9a:51:63:59:63:0c:7d:d9:28:22:5d:97:5a:5c:90:
88:80:b7:f8:70:d3:ff:2a:47:ee:39:7c:ae:fd:8e:
8f:3d:ce:93:54:f9:60:52:92:bc:5b:bf:e8:e4:78:
87:72:a1:02:78:3e:f5:32:77:d7:5a:9e:85:19:1f:
d8:cd:90:68:9e:bf:e1:02:ec:b9:0c:d3:2e:4d:2a:
1b:9f:90:ae:d2:73:85:49:25:ba:98:da:64:8d:99:
a0:70:b6:29:62:94:14:91:30:87:bf:10:52:ef:31:
d5:8d:37:3c:c1:6c:4e:ab:15:ed:3e:4a:bc:9c:49:
04:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:FA:18:5F:D4:47:B1:4B:0C:93:83:C6:4E:3A:32:F5:C3:EB:1F:38
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/wPoYX9RHsUsMk4PGTjoy9cPrHzg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:f000::/48
Signature Algorithm: sha256WithRSAEncryption
36:02:bc:7e:f5:0f:c4:7e:90:d8:86:55:85:84:11:52:1c:b4:
e3:7b:34:76:9b:ca:6f:52:2b:c4:27:8e:a6:94:63:ed:6d:44:
ec:ee:f0:b6:44:f9:4e:57:7e:bf:42:43:48:ea:33:fa:df:81:
82:a0:58:c3:00:8f:ab:fb:cc:41:58:2d:af:97:46:52:e9:b7:
a8:a0:fe:fa:82:01:94:62:05:dd:20:f8:fa:a5:00:e7:8c:06:
48:78:b6:b3:e7:46:f9:7f:e2:00:92:c8:07:07:0f:39:0c:ad:
6f:9e:dc:66:52:a6:78:d4:25:62:8f:af:7d:e1:c9:d4:fa:6d:
dc:61:f3:03:a3:0e:a2:89:5e:db:01:b7:82:1a:4d:66:20:0f:
c6:09:25:bb:2a:b9:6f:8c:b9:4f:8a:75:13:22:db:b8:79:ae:
35:37:bc:31:15:fa:60:fc:d5:ab:e1:e5:cd:36:b0:96:62:0c:
18:34:82:0a:21:99:70:10:14:ba:05:64:61:4e:32:77:ad:ac:
c2:cc:59:79:dd:c1:d1:c8:cf:df:db:ae:74:43:0b:70:6b:9a:
70:03:ce:95:fe:5d:a1:6e:de:f6:49:d0:57:d8:8e:3a:df:0a:
0f:35:9b:91:62:46:91:5d:fe:da:80:e7:29:4b:b8:09:a7:52:
83:02:fb:0c
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNDA4MjYw
NTI4MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEMwRkExODVGRDQ0N0Ix
NEIwQzkzODNDNjRFM0EzMkY1QzNFQjFGMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmeUiobKArnYdmt8oFIO6uCgzWJOmJNjE4pefRIzsm7xRgrIK2
figuXozkSkxIAcyCU+rI0UQpeogSByD0Vw/VldgUPdAd/kW2j8SWmll5DCA7v76C
NMlERdPfssHhgWVWW3utUNKq/TQs0BzgFqvkZS7KJDiH1ZawitiyKYD7eAVqlC+A
VZpRY1ljDH3ZKCJdl1pckIiAt/hw0/8qR+45fK79jo89zpNU+WBSkrxbv+jkeIdy
oQJ4PvUyd9danoUZH9jNkGiev+EC7LkM0y5NKhufkK7Sc4VJJbqY2mSNmaBwtili
lBSRMIe/EFLvMdWNNzzBbE6rFe0+SrycSQSHAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUwPoYX9RHsUsMk4PGTjoy9cPrHzgwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL3dQb1lYOVJIc1VzTWs0UEdUam95OWNQ
ckh6Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A8AAw
DQYJKoZIhvcNAQELBQADggEBADYCvH71D8R+kNiGVYWEEVIctON7NHabym9SK8Qn
jqaUY+1tROzu8LZE+U5Xfr9CQ0jqM/rfgYKgWMMAj6v7zEFYLa+XRlLpt6ig/vqC
AZRiBd0g+PqlAOeMBkh4trPnRvl/4gCSyAcHDzkMrW+e3GZSpnjUJWKPr33hydT6
bdxh8wOjDqKJXtsBt4IaTWYgD8YJJbsquW+MuU+KdRMi27h5rjU3vDEV+mD81avh
5c02sJZiDBg0ggohmXAQFLoFZGFOMnetrMLMWXndwdHIz9/brnRDC3BrmnADzpX+
XaFu3vZJ0FfYjjrfCg81m5FiRpFd/tqA5ylLuAmnUoMC+ww=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:42:08 2025 by rpki-client