Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TTNS/yrF0SRYRWfMvPeHlHMm-z9BTVKQ.roa
File: yrF0SRYRWfMvPeHlHMm-z9BTVKQ.roa (raw, json)
Hash identifier: huL5OTQfKgfJ+e3UruHkSHDp9OKhM03ld8L7od488gc=
Subject key identifier: CA:B1:74:49:16:11:59:F3:2F:3D:E1:E5:1C:C9:BE:CF:D0:53:54:A4
Certificate issuer: /CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94
Certificate serial: 0219
Authority key identifier: 29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/yrF0SRYRWfMvPeHlHMm-z9BTVKQ.roa
Signing time: Mon 26 Aug 2024 05:28:20 +0000
ROA not before: Mon 26 Aug 2024 05:28:20 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 31972
IP address blocks: 103.159.206.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:05:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 537 (0x219)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94
Validity
Not Before: Aug 26 05:28:20 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CAB17449161159F32F3DE1E51CC9BECFD05354A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7a:51:c6:f0:74:c1:f0:6e:fa:82:c6:87:cf:
c4:f9:fd:2f:bd:29:0f:45:8e:4c:8a:57:cf:e6:72:
c9:95:c4:ad:6b:ee:c2:fa:50:b4:24:4e:0f:46:9c:
a7:32:e3:92:01:3a:7d:29:70:9f:e9:aa:29:5c:2f:
36:83:9f:90:ef:5a:10:a4:11:cd:86:62:a3:61:a8:
fd:7b:9c:7a:f0:c6:6a:48:8f:12:fb:ac:b3:5c:f3:
57:e4:d4:45:45:08:a6:ed:c1:05:1e:0f:c3:b8:18:
87:27:c4:36:1d:fa:19:c1:6a:57:dc:fd:4f:40:c5:
af:82:5f:e2:de:d6:df:eb:b5:72:17:c0:a5:99:ed:
d8:b1:fe:e4:ba:2c:8b:d1:82:3e:a5:01:bb:68:98:
3c:81:ae:28:9b:20:c0:4b:96:61:66:4b:65:f3:9c:
76:90:c4:5e:96:b9:4b:2e:92:fa:91:d0:3e:80:a0:
fa:5e:0a:b9:ac:d4:44:5d:1f:9f:01:a4:b3:9b:6f:
0a:f0:e8:e6:76:80:ac:06:73:19:49:d9:d2:6a:e9:
7e:ea:08:4a:e2:0a:e9:33:7c:ec:c3:de:80:d6:84:
ec:79:f4:84:bf:06:9f:da:77:37:7c:63:35:08:6b:
29:16:70:9d:6e:58:a7:67:05:4c:43:25:71:d8:06:
40:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B1:74:49:16:11:59:F3:2F:3D:E1:E5:1C:C9:BE:CF:D0:53:54:A4
X509v3 Authority Key Identifier:
keyid:29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/yrF0SRYRWfMvPeHlHMm-z9BTVKQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.206.0/23
Signature Algorithm: sha256WithRSAEncryption
d7:41:a7:1c:48:56:de:e2:4a:07:d3:31:0f:56:25:76:d0:42:
9b:8d:d3:dd:86:c7:3b:be:8f:70:26:f5:8a:83:6a:e9:42:a2:
ca:ce:46:b6:a8:25:cd:f8:e9:e1:35:93:45:5b:a5:05:ee:03:
c8:2d:37:d7:2f:dc:8f:d9:a2:89:af:0e:19:d8:4a:c8:9f:94:
90:1b:40:83:95:d6:a0:20:51:54:8e:79:58:2a:35:1f:d4:15:
1d:8a:49:68:52:5a:36:da:f0:fd:b1:0a:0b:a0:4b:23:1f:8d:
ee:e7:bc:e6:e8:fb:ce:71:48:25:3b:8b:3d:e6:be:b1:ab:2b:
f6:91:5f:a3:0b:6b:f2:a9:aa:14:15:9a:c9:73:35:ef:ab:c4:
f4:a5:01:74:05:bf:78:84:cb:05:e7:98:84:44:8d:de:9b:a3:
28:53:61:b6:4c:58:9c:2d:36:6c:7a:d8:be:42:aa:7f:3f:86:
9e:f1:a6:77:ad:72:a9:95:78:76:f1:d7:eb:bd:14:6f:55:95:
72:b8:2e:62:b3:4c:95:5d:56:73:98:21:31:8d:25:84:6c:7a:
e8:10:d2:14:8f:25:fc:ba:2a:af:05:eb:5f:18:3e:f6:f1:da:
83:97:60:bc:a2:93:ab:ab:6c:7c:9c:4c:29:73:61:ce:39:2e:
69:f7:2c:06
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAhkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjk4
RUQyRkQ2QUQ1QzVCNTY4N0RGNjE0QTI3NUMyRkM4NDhENEU5NDAeFw0yNDA4MjYw
NTI4MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENBQjE3NDQ5MTYxMTU5
RjMyRjNERTFFNTFDQzlCRUNGRDA1MzU0QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCselHG8HTB8G76gsaHz8T5/S+9KQ9FjkyKV8/mcsmVxK1r7sL6
ULQkTg9GnKcy45IBOn0pcJ/pqilcLzaDn5DvWhCkEc2GYqNhqP17nHrwxmpIjxL7
rLNc81fk1EVFCKbtwQUeD8O4GIcnxDYd+hnBalfc/U9Axa+CX+Le1t/rtXIXwKWZ
7dix/uS6LIvRgj6lAbtomDyBriibIMBLlmFmS2XznHaQxF6WuUsukvqR0D6AoPpe
Crms1ERdH58BpLObbwrw6OZ2gKwGcxlJ2dJq6X7qCEriCukzfOzD3oDWhOx59IS/
Bp/adzd8YzUIaykWcJ1uWKdnBUxDJXHYBkBHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUyrF0SRYRWfMvPeHlHMm+z9BTVKQwHwYDVR0jBBgwFoAUKY7S/WrVxbVoffYU
onXC/ISNTpQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFROUy9L
WTdTX1dyVnhiVm9mZllVb25YQ19JU05UcFEuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tZN1NfV3JWeGJWb2ZmWVVvblhDX0lTTlRwUS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RUTlMveXJGMFNSWVJXZk12UGVIbEhNbS16
OUJUVktRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWefzjAN
BgkqhkiG9w0BAQsFAAOCAQEA10GnHEhW3uJKB9MxD1YldtBCm43T3YbHO76PcCb1
ioNq6UKiys5Gtqglzfjp4TWTRVulBe4DyC031y/cj9miia8OGdhKyJ+UkBtAg5XW
oCBRVI55WCo1H9QVHYpJaFJaNtrw/bEKC6BLIx+N7ue85uj7znFIJTuLPea+sasr
9pFfowtr8qmqFBWayXM176vE9KUBdAW/eITLBeeYhESN3pujKFNhtkxYnC02bHrY
vkKqfz+GnvGmd61yqZV4dvHX670Ub1WVcrguYrNMlV1Wc5ghMY0lhGx66BDSFI8l
/LoqrwXrXxg+9vHag5dgvKKTq6tsfJxMKXNhzjkuafcsBg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:45 2025 by rpki-client