Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/kxTjUbZ2SvOkWMGddLkPc7xlY0E.roa
File: kxTjUbZ2SvOkWMGddLkPc7xlY0E.roa (raw, json)
Hash identifier: MG8hX4OnI/l15DTmieSgrOk+6K+5AO8V8yQ1EKUR8+g=
Subject key identifier: 93:14:E3:51:B6:76:4A:F3:A4:58:C1:9D:74:B9:0F:73:BC:65:63:41
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 12CD
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/kxTjUbZ2SvOkWMGddLkPc7xlY0E.roa
Signing time: Mon 26 Aug 2024 05:32:34 +0000
ROA not before: Mon 26 Aug 2024 05:32:34 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131644
IP address blocks: 101.101.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4813 (0x12cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Aug 26 05:32:34 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9314E351B6764AF3A458C19D74B90F73BC656341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:59:ef:18:9b:97:92:4d:9e:c1:a5:a1:17:c0:
51:a8:9f:17:63:82:fb:85:5b:b7:bc:c6:1c:61:1b:
c9:89:9b:1a:06:64:e5:95:b0:73:bf:c7:a2:17:bf:
f8:34:8b:6e:3d:a7:6c:d9:44:18:fb:44:ac:29:3e:
36:8e:96:3e:7d:7a:c2:cd:99:04:50:e2:9f:9d:72:
fc:7b:19:d5:fa:ee:de:b5:e8:56:41:b0:4f:7f:c7:
7d:b5:93:8b:85:24:68:65:9d:ab:d5:62:91:8e:2d:
52:12:67:6c:84:98:93:b5:64:79:aa:bd:37:ea:30:
59:c9:be:5b:15:64:85:3e:64:a3:a1:ac:63:ee:f9:
ef:0e:9d:af:74:f7:4c:9d:c8:e2:d1:cd:9f:17:3a:
09:c7:48:3b:56:e1:5b:c3:12:08:5a:c0:17:f8:51:
46:24:0d:00:24:1a:50:c6:ce:a2:21:81:3e:3e:5a:
4d:d6:f0:c0:eb:50:e6:90:d3:99:be:00:e4:5d:5f:
b5:2d:af:35:b5:73:84:ef:3e:f0:cf:50:84:3b:d8:
6e:97:a2:9b:52:ea:81:8a:4e:21:7e:83:0e:ac:31:
2a:42:3a:31:a2:13:7f:ba:15:69:4f:79:5c:fb:67:
35:60:f4:36:da:27:07:3f:01:f3:21:96:0c:1b:ea:
2b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:14:E3:51:B6:76:4A:F3:A4:58:C1:9D:74:B9:0F:73:BC:65:63:41
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/kxTjUbZ2SvOkWMGddLkPc7xlY0E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.101.101.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:c1:2c:f5:06:e4:d5:86:87:0b:37:83:54:69:be:0e:cd:d6:
06:2c:81:5a:a3:32:69:11:9e:57:e3:dc:60:61:a8:e7:2d:a9:
b9:d6:cc:80:97:fb:90:ca:87:2d:ac:7b:c6:40:c8:af:12:dc:
47:d9:d8:d9:1d:90:53:e6:67:fe:f5:35:89:d4:79:10:4c:15:
39:b5:c9:df:bc:d5:f1:94:82:22:f5:28:71:91:a0:64:51:e0:
97:5a:19:76:46:96:70:0b:9f:db:b3:ae:98:bb:f0:68:ec:37:
14:32:08:c1:61:da:95:dc:a4:f0:e3:ba:10:95:cd:d8:e1:90:
d8:f4:cc:f4:02:0b:44:79:31:6f:3f:bc:78:80:15:0d:ca:64:
83:8e:b5:12:b7:62:4f:5e:e6:fb:7c:d0:2b:f4:21:b2:de:bc:
90:69:8a:74:db:67:ab:d5:5b:d9:1a:da:56:42:e0:e0:e8:0d:
c6:b7:f9:73:3b:ae:90:18:cc:05:53:85:33:b7:31:85:61:c2:
c2:74:5f:df:05:1b:fa:98:bc:50:3b:d3:71:1d:a4:d8:34:b3:
79:4d:7f:68:46:20:e4:e3:2c:9c:1d:eb:38:ae:4c:45:95:7e:
19:60:b4:f5:62:14:0f:ff:90:1a:ed:f0:a5:6b:ae:d2:8b:8b:
5f:4f:4a:eb
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEs0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNDA4MjYw
NTMyMzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkzMTRFMzUxQjY3NjRB
RjNBNDU4QzE5RDc0QjkwRjczQkM2NTYzNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKWe8Ym5eSTZ7BpaEXwFGonxdjgvuFW7e8xhxhG8mJmxoGZOWV
sHO/x6IXv/g0i249p2zZRBj7RKwpPjaOlj59esLNmQRQ4p+dcvx7GdX67t616FZB
sE9/x321k4uFJGhlnavVYpGOLVISZ2yEmJO1ZHmqvTfqMFnJvlsVZIU+ZKOhrGPu
+e8Ona9090ydyOLRzZ8XOgnHSDtW4VvDEghawBf4UUYkDQAkGlDGzqIhgT4+Wk3W
8MDrUOaQ05m+AORdX7UtrzW1c4TvPvDPUIQ72G6XoptS6oGKTiF+gw6sMSpCOjGi
E3+6FWlPeVz7ZzVg9DbaJwc/AfMhlgwb6isvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUkxTjUbZ2SvOkWMGddLkPc7xlY0EwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9reFRqVWJaMlN2T2tXTUdkZExr
UGM3eGxZMEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZWVl
MA0GCSqGSIb3DQEBCwUAA4IBAQANwSz1BuTVhocLN4NUab4OzdYGLIFaozJpEZ5X
49xgYajnLam51syAl/uQyoctrHvGQMivEtxH2djZHZBT5mf+9TWJ1HkQTBU5tcnf
vNXxlIIi9ShxkaBkUeCXWhl2RpZwC5/bs66Yu/Bo7DcUMgjBYdqV3KTw47oQlc3Y
4ZDY9Mz0AgtEeTFvP7x4gBUNymSDjrUSt2JPXub7fNAr9CGy3ryQaYp022er1VvZ
GtpWQuDg6A3Gt/lzO66QGMwFU4UztzGFYcLCdF/fBRv6mLxQO9NxHaTYNLN5TX9o
RiDk4yycHes4rkxFlX4ZYLT1YhQP/5Aa7fCla67Si4tfT0rr
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:11:09 2025 by rpki-client