![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UBBNET/yAll1fJxqNY_si24isF7uLE0R_o.roa
File: yAll1fJxqNY_si24isF7uLE0R_o.roa (raw, json)
Hash identifier: fOMvgBGAQijZBIghN4YvgCFdlBwnbx68JwLX53UmnP4=
Subject key identifier: C8:09:65:D5:F2:71:A8:D6:3F:B2:2D:B8:8A:C1:7B:B8:B1:34:47:FA
Certificate issuer: /CN=08469E113701815993013E13E548A2B340E44E0A
Certificate serial: 21D7
Authority key identifier: 08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/yAll1fJxqNY_si24isF7uLE0R_o.roa
Signing time: Mon 26 Aug 2024 05:33:23 +0000
ROA not before: Mon 26 Aug 2024 05:33:23 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24164
IP address blocks: 114.198.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:18:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8663 (0x21d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08469E113701815993013E13E548A2B340E44E0A
Validity
Not Before: Aug 26 05:33:23 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C80965D5F271A8D63FB22DB88AC17BB8B13447FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c9:01:16:67:7c:90:fc:0d:c1:57:9d:5a:ab:
11:38:ee:7d:66:0b:fa:d4:7e:2c:97:fd:5a:a2:22:
32:10:7a:0a:a6:f1:c0:74:37:6b:e9:70:35:eb:28:
30:b5:64:5e:f3:57:d7:92:94:42:2c:3b:7f:7e:00:
a0:e0:6f:90:a8:8c:53:61:ee:e7:18:f4:ff:b0:90:
a6:08:08:eb:ad:0b:dd:a5:7d:11:62:e7:f6:6a:f0:
ff:ff:4c:ab:44:28:5f:91:52:41:fb:56:dd:ac:99:
f0:65:f8:25:0b:ff:1d:6a:42:f2:02:0c:f6:a2:52:
2d:a2:c9:53:06:0f:18:b6:80:65:43:31:97:00:71:
d0:47:70:38:ce:d3:cb:d6:1e:1e:6a:99:da:f1:fc:
d1:06:de:39:9a:e5:90:69:5d:e9:0c:0f:d8:f2:ac:
40:7f:2a:98:88:64:84:0d:5a:f9:04:7a:ca:6a:47:
4f:d2:63:90:82:df:df:f5:5b:eb:9a:83:46:00:28:
8e:d8:ea:8b:5c:0c:7a:73:a6:43:93:b8:62:d0:16:
9f:f0:ba:ff:a0:02:74:18:72:72:4f:7e:07:67:03:
54:57:40:4f:eb:9d:43:69:87:2d:95:ab:44:bd:a9:
21:ac:5c:4c:16:83:58:d9:de:19:87:df:35:17:a7:
ee:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:09:65:D5:F2:71:A8:D6:3F:B2:2D:B8:8A:C1:7B:B8:B1:34:47:FA
X509v3 Authority Key Identifier:
keyid:08:46:9E:11:37:01:81:59:93:01:3E:13:E5:48:A2:B3:40:E4:4E:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/CEaeETcBgVmTAT4T5Uiis0DkTgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CEaeETcBgVmTAT4T5Uiis0DkTgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UBBNET/yAll1fJxqNY_si24isF7uLE0R_o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.198.165.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:6e:ce:a1:07:cd:0d:e5:84:8d:73:f1:5a:5d:31:cc:b2:f3:
ec:49:29:3c:db:4a:33:41:ec:75:b2:f2:b4:15:a0:9a:66:04:
d8:da:f9:23:55:fb:d6:11:4c:92:aa:6f:ef:1b:1e:ad:9b:f0:
45:9f:1e:1c:c6:42:c2:ef:6f:95:80:66:ec:1e:a0:0d:21:38:
be:e6:3c:14:86:24:4d:56:a0:2d:50:9f:14:03:65:47:39:9a:
0c:9d:21:14:25:f7:2e:59:79:67:77:b0:4d:84:56:75:66:c4:
f7:d3:5f:cb:c5:76:42:07:8a:19:76:33:4a:37:e0:b5:a7:4b:
c3:ac:da:a5:03:d4:09:8c:9a:9f:09:30:f0:50:84:32:1a:52:
7b:fb:28:4e:c1:b8:0d:e9:56:67:08:a0:40:e4:39:19:9b:ae:
0c:1f:52:b5:1e:19:98:d7:07:be:cc:01:da:8a:a2:b4:48:80:
0e:f7:7e:23:e0:f4:16:11:a9:c9:33:3f:72:24:2f:eb:3c:56:
1e:40:4f:d4:a7:14:b4:a2:29:c1:04:42:d2:03:1a:54:2e:5e:
62:0b:a2:6e:87:1a:f9:31:65:8f:1a:42:d3:0d:cc:78:e1:e5:
08:fb:8e:e9:b6:69:a4:5d:fd:7a:b0:ab:12:d6:de:30:e7:31:
54:9e:cf:9b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDg0
NjlFMTEzNzAxODE1OTkzMDEzRTEzRTU0OEEyQjM0MEU0NEUwQTAeFw0yNDA4MjYw
NTMzMjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM4MDk2NUQ1RjI3MUE4
RDYzRkIyMkRCODhBQzE3QkI4QjEzNDQ3RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQyQEWZ3yQ/A3BV51aqxE47n1mC/rUfiyX/VqiIjIQegqm8cB0
N2vpcDXrKDC1ZF7zV9eSlEIsO39+AKDgb5CojFNh7ucY9P+wkKYICOutC92lfRFi
5/Zq8P//TKtEKF+RUkH7Vt2smfBl+CUL/x1qQvICDPaiUi2iyVMGDxi2gGVDMZcA
cdBHcDjO08vWHh5qmdrx/NEG3jma5ZBpXekMD9jyrEB/KpiIZIQNWvkEespqR0/S
Y5CC39/1W+uag0YAKI7Y6otcDHpzpkOTuGLQFp/wuv+gAnQYcnJPfgdnA1RXQE/r
nUNphy2Vq0S9qSGsXEwWg1jZ3hmH3zUXp+4FAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyAll1fJxqNY/si24isF7uLE0R/owHwYDVR0jBBgwFoAUCEaeETcBgVmTAT4T
5Uiis0DkTgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVU
L0NFYWVFVGNCZ1ZtVEFUNFQ1VWlpczBEa1Rnby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvQ0VhZUVUY0JnVm1UQVQ0VDVVaWlzMERrVGdvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUJCTkVUL3lBbGwxZkp4cU5ZX3NpMjRp
c0Y3dUxFMFJfby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABy
xqUwDQYJKoZIhvcNAQELBQADggEBAI5uzqEHzQ3lhI1z8VpdMcyy8+xJKTzbSjNB
7HWy8rQVoJpmBNja+SNV+9YRTJKqb+8bHq2b8EWfHhzGQsLvb5WAZuweoA0hOL7m
PBSGJE1WoC1QnxQDZUc5mgydIRQl9y5ZeWd3sE2EVnVmxPfTX8vFdkIHihl2M0o3
4LWnS8Os2qUD1AmMmp8JMPBQhDIaUnv7KE7BuA3pVmcIoEDkORmbrgwfUrUeGZjX
B77MAdqKorRIgA73fiPg9BYRqckzP3IkL+s8Vh5AT9SnFLSiKcEEQtIDGlQuXmIL
om6HGvkxZY8aQtMNzHjh5Qj7jum2aaRd/XqwqxLW3jDnMVSez5s=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:58:12 2025 by rpki-client