Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/HiNEzXz7ZgsPzuicSu34n1s06zU.roa
File: HiNEzXz7ZgsPzuicSu34n1s06zU.roa (raw, json)
Hash identifier: Von/lRMetfwEeS/44bNYNUFxVSGTrjs6P4OUBonDR3w=
Subject key identifier: 1E:23:44:CD:7C:FB:66:0B:0F:CE:E8:9C:4A:ED:F8:9F:5B:34:EB:35
Certificate issuer: /CN=ECD2FDC38522A74A422DE7BD1C026D55E08D9E9A
Certificate serial: 0123
Authority key identifier: EC:D2:FD:C3:85:22:A7:4A:42:2D:E7:BD:1C:02:6D:55:E0:8D:9E:9A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7NL9w4Uip0pCLee9HAJtVeCNnpo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/HiNEzXz7ZgsPzuicSu34n1s06zU.roa
Signing time: Wed 09 Oct 2024 00:08:29 +0000
ROA not before: Wed 09 Oct 2024 00:08:29 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 2914
IP address blocks: 202.160.64.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:33:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 291 (0x123)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ECD2FDC38522A74A422DE7BD1C026D55E08D9E9A
Validity
Not Before: Oct 9 00:08:29 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1E2344CD7CFB660B0FCEE89C4AEDF89F5B34EB35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ac:07:b8:ee:a7:35:e9:5f:22:9b:17:e1:07:
a6:b2:74:7b:58:6e:78:0b:46:81:d4:b8:bd:8e:b5:
a7:c5:10:ec:44:25:19:78:fa:8f:80:5a:aa:5f:fc:
86:a8:4e:4f:dd:0a:a8:28:62:33:ef:6d:9a:b2:85:
11:02:21:c2:e0:b9:29:5d:72:40:1f:bb:2f:4e:6b:
68:8e:a9:d3:1f:42:ec:75:d5:ba:15:22:a8:42:59:
8c:65:8a:68:2a:10:c9:a0:e1:a9:1d:d9:b5:c1:6e:
3b:ab:d3:52:26:0d:42:ee:31:b8:64:eb:95:fe:7a:
56:df:e5:55:9a:f9:2c:1c:9e:dc:c4:cf:8b:3f:2c:
b1:68:a9:a7:66:79:6b:91:d8:12:02:8b:92:61:05:
ff:e8:5f:5e:a2:25:43:49:9b:0b:ec:0d:af:a6:f2:
73:a1:13:d0:14:1e:13:d2:47:32:26:d8:98:ec:c6:
59:ac:f2:6f:3d:46:3c:3e:14:01:bc:ba:d4:67:5d:
7f:ec:1e:8d:0e:1c:82:73:bc:5e:fd:10:fa:a0:8b:
48:67:ba:8d:a6:a4:e9:e1:ba:c2:74:d8:68:e2:25:
d5:8d:3c:d8:eb:75:5b:7f:1b:8b:69:51:13:b6:f4:
52:77:e9:99:87:82:e8:27:b6:c9:8d:51:83:d7:f2:
b7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:23:44:CD:7C:FB:66:0B:0F:CE:E8:9C:4A:ED:F8:9F:5B:34:EB:35
X509v3 Authority Key Identifier:
keyid:EC:D2:FD:C3:85:22:A7:4A:42:2D:E7:BD:1C:02:6D:55:E0:8D:9E:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/7NL9w4Uip0pCLee9HAJtVeCNnpo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7NL9w4Uip0pCLee9HAJtVeCNnpo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TPSILKERA/HiNEzXz7ZgsPzuicSu34n1s06zU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.160.64.0/21
Signature Algorithm: sha256WithRSAEncryption
97:86:39:e6:8a:18:e4:2a:a1:10:8b:f5:82:20:20:1f:fd:18:
31:7c:af:f4:b2:00:ab:38:2e:4e:35:21:e2:3c:e0:bf:32:43:
08:7c:b7:7c:1b:fa:8e:46:44:4e:8c:d6:24:00:68:47:57:e7:
43:00:2d:bd:85:af:c5:5a:29:fd:d5:b1:29:b5:c6:a8:8f:0c:
f5:61:bb:04:84:ae:83:72:71:b5:10:00:de:64:c7:f4:3f:35:
fa:01:31:4b:dd:8f:f9:f7:e6:6b:48:d1:f8:46:ae:13:53:38:
cd:b4:a3:63:60:e4:84:0e:ed:d5:35:51:ff:8f:75:5d:7b:72:
15:6e:a2:cc:7c:e7:28:9f:19:70:ed:bb:52:d3:9b:bd:e7:db:
92:cf:4d:41:55:0a:26:1c:c1:b3:b5:e0:28:f8:ec:4e:e8:6f:
98:9d:0d:da:51:fa:fc:a4:53:c3:8b:f7:22:a2:f2:d4:40:de:
e9:39:e5:c2:8a:cd:32:0a:7a:13:e0:d1:14:63:12:f9:54:f8:
75:41:d8:db:4b:4a:93:f4:b3:a5:f9:00:01:d7:97:5a:29:c7:
e3:9e:7d:23:5d:4c:7d:5d:8f:e0:17:81:76:cb:76:bc:8d:ff:
e2:19:f9:fd:80:16:f4:c5:97:e0:c7:e2:9c:a7:7d:13:cf:7e:
93:eb:41:1d
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICASMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUNE
MkZEQzM4NTIyQTc0QTQyMkRFN0JEMUMwMjZENTVFMDhEOUU5QTAeFw0yNDEwMDkw
MDA4MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFFMjM0NENEN0NGQjY2
MEIwRkNFRTg5QzRBRURGODlGNUIzNEVCMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5rAe47qc16V8imxfhB6aydHtYbngLRoHUuL2OtafFEOxEJRl4
+o+AWqpf/IaoTk/dCqgoYjPvbZqyhRECIcLguSldckAfuy9Oa2iOqdMfQux11boV
IqhCWYxlimgqEMmg4akd2bXBbjur01ImDULuMbhk65X+elbf5VWa+SwcntzEz4s/
LLFoqadmeWuR2BICi5JhBf/oX16iJUNJmwvsDa+m8nOhE9AUHhPSRzIm2Jjsxlms
8m89Rjw+FAG8utRnXX/sHo0OHIJzvF79EPqgi0hnuo2mpOnhusJ02GjiJdWNPNjr
dVt/G4tpURO29FJ36ZmHgugntsmNUYPX8rcBAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUHiNEzXz7ZgsPzuicSu34n1s06zUwHwYDVR0jBBgwFoAU7NL9w4Uip0pCLee9
HAJtVeCNnpowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFBTSUxL
RVJBLzdOTDl3NFVpcDBwQ0xlZTlIQUp0VmVDTm5wby5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvN05MOXc0VWlwMHBDTGVlOUhBSnRWZUNObnBvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFBTSUxLRVJBL0hpTkV6WHo3Wmdz
UHp1aWNTdTM0bjFzMDZ6VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPKoEAwDQYJKoZIhvcNAQELBQADggEBAJeGOeaKGOQqoRCL9YIgIB/9GDF8
r/SyAKs4Lk41IeI84L8yQwh8t3wb+o5GRE6M1iQAaEdX50MALb2Fr8VaKf3VsSm1
xqiPDPVhuwSEroNycbUQAN5kx/Q/NfoBMUvdj/n35mtI0fhGrhNTOM20o2Ng5IQO
7dU1Uf+PdV17chVuosx85yifGXDtu1LTm73n25LPTUFVCiYcwbO14Cj47E7ob5id
DdpR+vykU8OL9yKi8tRA3uk55cKKzTIKehPg0RRjEvlU+HVB2NtLSpP0s6X5AAHX
l1opx+OefSNdTH1dj+AXgXbLdryN/+IZ+f2AFvTFl+DH4pynfRPPfpPrQR0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:48:17 2025 by rpki-client