Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/mgs_i8mfdKF0YdWaKwabuIoYq-w.roa
File: mgs_i8mfdKF0YdWaKwabuIoYq-w.roa (raw, json)
Hash identifier: aHLDhS2lKs4PkZLpKYsWAqJcRHvVjrIusJHd6TxHlUs=
Subject key identifier: 9A:0B:3F:8B:C9:9F:74:A1:74:61:D5:9A:2B:06:9B:B8:8A:18:AB:EC
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 21B8
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/mgs_i8mfdKF0YdWaKwabuIoYq-w.roa
Signing time: Mon 26 Aug 2024 05:33:17 +0000
ROA not before: Mon 26 Aug 2024 05:33:17 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24164
IP address blocks: 49.159.112.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:18:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8632 (0x21b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Aug 26 05:33:17 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9A0B3F8BC99F74A17461D59A2B069BB88A18ABEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3a:5e:21:34:7d:bd:aa:db:10:1f:35:78:61:
3c:ed:da:a5:d9:a7:eb:ed:fe:57:3b:8a:8d:a9:7a:
98:1e:bd:4f:a7:f4:8e:f5:33:45:11:2e:9b:10:f5:
70:fd:22:55:10:ec:fb:b1:af:fc:4d:67:62:6f:20:
b8:a6:f6:f4:80:1f:2d:53:7b:27:f0:64:fc:a0:9d:
ee:92:d5:d0:2e:35:00:4c:be:bf:08:1f:e4:d0:a0:
a7:c4:dd:05:0c:03:84:8b:1e:25:e7:7f:6d:c4:21:
00:bc:c2:56:7a:41:46:64:35:9c:be:0a:16:ff:75:
ce:d4:3d:de:47:a1:b8:2f:13:e7:03:59:85:f0:e6:
f2:40:77:24:a7:e9:91:67:75:42:ff:de:80:ae:06:
6f:a5:d2:d8:5b:d6:c5:cf:59:f0:91:c7:ac:ab:c2:
7f:89:1d:7f:6d:32:3a:30:62:63:a3:dc:dc:e2:71:
ae:f2:46:e8:c4:72:63:6a:47:ef:c5:d4:8c:41:85:
4a:38:f4:2f:b3:87:b0:d5:cc:36:c8:db:7d:4c:de:
98:67:8e:ae:f9:80:e0:da:df:99:2c:18:af:b4:4c:
18:a5:be:b3:49:a5:b1:26:ee:34:c7:59:4d:ca:22:
61:0e:d7:f7:b8:05:91:16:e5:c5:aa:49:52:61:e5:
3f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:0B:3F:8B:C9:9F:74:A1:74:61:D5:9A:2B:06:9B:B8:8A:18:AB:EC
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/mgs_i8mfdKF0YdWaKwabuIoYq-w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.159.112.0/21
Signature Algorithm: sha256WithRSAEncryption
5d:c9:f0:bb:c1:77:ad:2f:b6:8f:fd:d4:62:c4:06:b9:cd:bc:
1c:dd:da:32:e9:b0:78:90:24:6c:ae:43:95:f7:69:e3:65:de:
e4:73:51:64:67:9e:8c:6e:49:21:ca:9f:b4:35:cd:43:58:3e:
ee:b9:24:12:69:e9:fc:90:eb:01:e6:ca:e7:80:8e:bb:b5:2e:
90:64:23:27:88:03:23:60:19:8b:ee:81:b3:97:c7:53:c4:8e:
22:a5:77:4f:7f:f3:e8:8f:e0:1b:db:01:19:da:88:5a:26:17:
60:40:6f:85:e6:36:57:f4:fd:14:4e:09:2b:9a:56:cf:c1:9c:
86:b2:4b:1a:37:ec:6d:5e:7e:71:d2:9d:29:5f:31:7d:8a:d8:
e8:76:3e:0b:ac:62:0b:8f:68:6b:dd:ce:4d:df:0c:72:fd:bd:
5a:2d:cd:ad:c6:81:f3:f7:6d:df:5a:38:25:c3:24:42:cf:17:
64:5d:5a:1e:7e:2e:bb:f4:9a:df:52:92:c6:fa:9d:d8:ac:3e:
63:23:b1:ad:f6:31:7e:92:0e:5f:fa:7c:6c:8d:fc:4a:dd:9a:
19:8b:f2:3b:d1:29:53:52:2f:10:74:d7:17:de:80:37:0d:16:
c6:31:28:3c:b4:6f:70:7b:34:38:52:9d:5d:81:df:4c:e9:93:
c4:31:a3:5d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIbgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yNDA4MjYw
NTMzMTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlBMEIzRjhCQzk5Rjc0
QTE3NDYxRDU5QTJCMDY5QkI4OEExOEFCRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEOl4hNH29qtsQHzV4YTzt2qXZp+vt/lc7io2pepgevU+n9I71
M0URLpsQ9XD9IlUQ7Puxr/xNZ2JvILim9vSAHy1TeyfwZPygne6S1dAuNQBMvr8I
H+TQoKfE3QUMA4SLHiXnf23EIQC8wlZ6QUZkNZy+Chb/dc7UPd5HobgvE+cDWYXw
5vJAdySn6ZFndUL/3oCuBm+l0thb1sXPWfCRx6yrwn+JHX9tMjowYmOj3Nzica7y
RujEcmNqR+/F1IxBhUo49C+zh7DVzDbI231M3phnjq75gODa35ksGK+0TBilvrNJ
pbEm7jTHWU3KImEO1/e4BZEW5cWqSVJh5T+vAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmgs/i8mfdKF0YdWaKwabuIoYq+wwHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL21nc19pOG1mZEtGMFlkV2FL
d2FidUlvWXEtdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMx
n3AwDQYJKoZIhvcNAQELBQADggEBAF3J8LvBd60vto/91GLEBrnNvBzd2jLpsHiQ
JGyuQ5X3aeNl3uRzUWRnnoxuSSHKn7Q1zUNYPu65JBJp6fyQ6wHmyueAjru1LpBk
IyeIAyNgGYvugbOXx1PEjiKld09/8+iP4BvbARnaiFomF2BAb4XmNlf0/RROCSua
Vs/BnIaySxo37G1efnHSnSlfMX2K2Oh2PgusYguPaGvdzk3fDHL9vVotza3GgfP3
bd9aOCXDJELPF2RdWh5+Lrv0mt9Sksb6ndisPmMjsa32MX6SDl/6fGyN/ErdmhmL
8jvRKVNSLxB01xfegDcNFsYxKDy0b3B7NDhSnV2B30zpk8Qxo10=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:54:11 2025 by rpki-client