Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/XCt8VUG5H5Xq0ErqLZ2e_nBG9hc.roa
File: XCt8VUG5H5Xq0ErqLZ2e_nBG9hc.roa (raw, json)
Hash identifier: OzqkO9ydz7qKN3dxLch2fZuWrRDmWuc8YKkjWy90XGw=
Subject key identifier: 5C:2B:7C:55:41:B9:1F:95:EA:D0:4A:EA:2D:9D:9E:FE:70:46:F6:17
Certificate issuer: /CN=C28F57324E766BC5E9FA99C4D7AD4C40D3958FC6
Certificate serial: 0BEA
Authority key identifier: C2:8F:57:32:4E:76:6B:C5:E9:FA:99:C4:D7:AD:4C:40:D3:95:8F:C6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/XCt8VUG5H5Xq0ErqLZ2e_nBG9hc.roa
Signing time: Mon 26 Aug 2024 05:32:22 +0000
ROA not before: Mon 26 Aug 2024 05:32:22 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 133955
IP address blocks: 223.165.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 13:55:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3050 (0xbea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C28F57324E766BC5E9FA99C4D7AD4C40D3958FC6
Validity
Not Before: Aug 26 05:32:22 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5C2B7C5541B91F95EAD04AEA2D9D9EFE7046F617
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:22:63:9d:f0:d8:2f:c9:12:bf:76:be:dd:94:
f8:aa:09:74:d6:f4:27:ae:81:98:97:75:fb:f4:74:
9d:6d:4a:d3:5f:d3:b8:79:00:64:17:cb:7d:48:a7:
3f:2a:78:7e:ba:cb:ad:d4:42:b0:1c:f5:ed:9e:46:
7e:fe:a2:2a:83:ab:e1:e1:da:ef:0d:12:52:b0:5d:
6a:af:5c:f8:08:ae:0c:59:6c:00:ea:42:fc:ae:ec:
da:69:dc:c7:13:c7:99:0b:a6:4b:bf:47:cd:a0:aa:
77:56:61:82:96:d5:21:0f:bb:0c:30:69:d4:96:07:
19:13:2e:85:99:de:60:08:36:74:34:43:80:c9:a1:
fb:e7:06:e1:9f:7d:9e:00:e6:29:3e:96:4e:10:a8:
bf:bf:32:79:c7:0d:d9:2f:6a:b1:45:77:d6:34:03:
da:f4:d8:7a:71:6e:91:27:3c:f0:07:cc:48:a6:8a:
0c:e7:3e:d5:a3:b0:d7:b8:d5:d7:e4:c6:54:35:68:
5d:0f:27:06:a1:4b:e2:78:5a:63:05:04:0e:b2:85:
f2:b6:16:01:63:40:84:85:f4:dd:66:39:99:e2:59:
00:e8:70:ea:64:49:ed:d4:b4:d5:c8:d1:57:a3:16:
77:31:c6:9b:0f:0b:5d:fb:e6:09:40:2d:8f:cc:1d:
08:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2B:7C:55:41:B9:1F:95:EA:D0:4A:EA:2D:9D:9E:FE:70:46:F6:17
X509v3 Authority Key Identifier:
keyid:C2:8F:57:32:4E:76:6B:C5:E9:FA:99:C4:D7:AD:4C:40:D3:95:8F:C6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/wo9XMk52a8Xp-pnE161MQNOVj8Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wo9XMk52a8Xp-pnE161MQNOVj8Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWD-COM-TW/XCt8VUG5H5Xq0ErqLZ2e_nBG9hc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.165.15.0/24
Signature Algorithm: sha256WithRSAEncryption
60:1e:f1:dd:4c:99:49:56:74:f6:c5:51:6d:45:fc:a2:54:04:
c1:1b:16:53:b3:1d:24:0c:69:42:af:12:07:26:76:ba:3f:3b:
52:0d:6b:13:17:8f:fb:ab:8d:47:0e:77:f1:55:f2:ea:5f:8f:
d9:b0:72:0f:e0:d7:dd:2b:8f:a8:cd:09:13:9f:7f:eb:3b:16:
9d:d0:42:9d:61:b3:fa:e3:15:bd:fa:51:c7:ae:5e:12:3f:c3:
34:38:be:52:61:fc:fb:19:6a:c4:bc:9b:11:41:a2:fb:55:93:
29:11:2a:96:a9:07:da:07:b5:41:ce:99:93:d7:a4:99:ef:d3:
58:08:f5:d6:a6:11:6b:b0:03:22:2a:b6:a6:46:6e:1d:47:88:
7f:e9:a1:4b:f9:22:e7:97:0d:26:0f:4c:af:a3:48:81:a7:d4:
3e:d6:34:d6:22:ee:29:70:3a:91:8b:6e:f6:fb:17:58:24:e8:
7d:41:8e:15:ff:c3:c2:fe:4c:38:ba:c3:2e:93:de:95:ee:5f:
84:62:9b:f5:6f:c9:cd:ff:f9:2b:31:10:2d:06:d7:cb:36:f5:
09:be:b5:35:25:a4:54:df:69:42:e7:58:11:eb:ec:e8:2a:70:
da:99:45:85:cc:fe:ed:79:cd:54:3d:2b:f0:a9:5b:9d:97:84:
50:b9:28:21
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICC+owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzI4
RjU3MzI0RTc2NkJDNUU5RkE5OUM0RDdBRDRDNDBEMzk1OEZDNjAeFw0yNDA4MjYw
NTMyMjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVDMkI3QzU1NDFCOTFG
OTVFQUQwNEFFQTJEOUQ5RUZFNzA0NkY2MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCImOd8NgvyRK/dr7dlPiqCXTW9CeugZiXdfv0dJ1tStNf07h5
AGQXy31Ipz8qeH66y63UQrAc9e2eRn7+oiqDq+Hh2u8NElKwXWqvXPgIrgxZbADq
Qvyu7Npp3McTx5kLpku/R82gqndWYYKW1SEPuwwwadSWBxkTLoWZ3mAINnQ0Q4DJ
ofvnBuGffZ4A5ik+lk4QqL+/MnnHDdkvarFFd9Y0A9r02HpxbpEnPPAHzEimigzn
PtWjsNe41dfkxlQ1aF0PJwahS+J4WmMFBA6yhfK2FgFjQISF9N1mOZniWQDocOpk
Se3UtNXI0VejFncxxpsPC1375glALY/MHQidAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUXCt8VUG5H5Xq0ErqLZ2e/nBG9hcwHwYDVR0jBBgwFoAUwo9XMk52a8Xp+pnE
161MQNOVj8YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdELUNP
TS1UVy93bzlYTWs1MmE4WHAtcG5FMTYxTVFOT1ZqOFkuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL3dvOVhNazUyYThYcC1wbkUxNjFNUU5PVmo4WS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1RXRC1DT00tVFcvWEN0OFZVRzVI
NVhxMEVycUxaMmVfbkJHOWhjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAN+lDzANBgkqhkiG9w0BAQsFAAOCAQEAYB7x3UyZSVZ09sVRbUX8olQE
wRsWU7MdJAxpQq8SByZ2uj87Ug1rExeP+6uNRw538VXy6l+P2bByD+DX3SuPqM0J
E59/6zsWndBCnWGz+uMVvfpRx65eEj/DNDi+UmH8+xlqxLybEUGi+1WTKREqlqkH
2ge1Qc6Zk9ekme/TWAj11qYRa7ADIiq2pkZuHUeIf+mhS/ki55cNJg9Mr6NIgafU
PtY01iLuKXA6kYtu9vsXWCTofUGOFf/Dwv5MOLrDLpPele5fhGKb9W/Jzf/5KzEQ
LQbXyzb1Cb61NSWkVN9pQudYEevs6Cpw2plFhcz+7XnNVD0r8KlbnZeEULkoIQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:41:51 2025 by rpki-client