Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/h2yxcq545GJgzNro8QCVLLWCuGw.roa
File: h2yxcq545GJgzNro8QCVLLWCuGw.roa (raw, json)
Hash identifier: 7XXR1huGwm2wJ2HHiw7/UQKAjh92V8b5mj0wuiVT6j0=
Subject key identifier: 87:6C:B1:72:AE:78:E4:62:60:CC:DA:E8:F1:00:95:2C:B5:82:B8:6C
Certificate issuer: /CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Certificate serial: 0C99
Authority key identifier: 89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/h2yxcq545GJgzNro8QCVLLWCuGw.roa
Signing time: Mon 10 Feb 2025 14:24:21 +0000
ROA not before: Mon 10 Feb 2025 14:24:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9924
IP address blocks: 103.123.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Aug 2025 08:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3225 (0xc99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Validity
Not Before: Feb 10 14:24:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=876CB172AE78E46260CCDAE8F100952CB582B86C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bd:d3:d6:fb:ba:b6:d6:0c:e9:47:d8:f8:f0:
c8:8d:3f:5f:88:35:3b:67:d5:03:9a:48:63:d6:01:
9a:24:59:9b:77:45:b0:51:a8:7b:e2:71:9b:57:9f:
85:29:d4:a3:a4:68:bc:81:34:c7:21:76:52:b6:fc:
97:9e:f5:70:f8:97:c7:ee:1e:eb:d7:c7:a3:27:76:
9d:36:a6:dc:7f:cc:7e:c7:66:0d:b7:00:7f:3b:27:
99:05:65:64:76:4d:d4:c0:5b:ea:18:b3:b4:fc:f7:
c1:33:7c:dc:62:66:d4:87:b0:8e:6a:55:4b:58:d1:
42:c4:fe:f6:1a:e9:38:e1:a8:b0:77:3b:e5:66:6f:
a1:f5:57:d9:64:a1:06:20:f4:5e:19:c1:e6:6c:2c:
4c:37:d3:5b:99:2d:50:b1:2a:1d:b6:23:1b:a6:ed:
aa:d8:39:1b:45:ba:d7:81:16:29:9d:71:63:27:b9:
57:18:fb:bb:dd:65:a9:30:b3:90:12:10:94:df:82:
93:1e:b6:06:b3:ae:04:fb:3f:ec:17:35:73:8f:00:
87:59:0b:db:1a:86:0d:4e:13:28:f9:a3:94:c8:00:
f8:4c:66:31:01:ba:e5:7e:41:46:8d:cf:2d:9c:25:
40:84:b8:3e:5b:a2:1d:11:ac:7d:9f:73:06:4b:95:
bd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:6C:B1:72:AE:78:E4:62:60:CC:DA:E8:F1:00:95:2C:B5:82:B8:6C
X509v3 Authority Key Identifier:
keyid:89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/h2yxcq545GJgzNro8QCVLLWCuGw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.189.0/24
Signature Algorithm: sha256WithRSAEncryption
19:ca:87:06:e9:42:f1:2e:a9:09:34:d5:7b:83:bb:89:2f:63:
a7:00:56:4b:f1:dd:6f:00:42:7b:91:b1:ee:0d:4e:10:af:be:
1d:ba:05:b8:b0:eb:24:84:c8:4e:bc:23:04:0c:26:68:85:c2:
ac:70:cd:fa:84:d1:70:b1:7e:93:30:fe:45:27:3e:b9:12:18:
c1:c7:cd:8e:ed:12:88:5c:d8:f6:e3:29:96:38:28:23:b7:c8:
6c:d1:6b:9c:de:4e:54:d7:13:37:7e:75:80:d3:83:7b:69:80:
e9:63:c9:99:7d:4c:21:f0:11:fc:51:3b:e6:af:3b:5a:c8:89:
2c:aa:76:5c:92:dd:5c:0e:3e:e2:05:42:ba:ee:57:fb:c8:40:
42:40:99:5b:f6:ce:a4:b9:1c:b3:e6:ac:3a:95:0c:43:a0:f2:
c2:d6:f3:bd:04:21:51:f0:c2:43:74:3a:04:2f:1b:de:31:20:
7f:60:c8:27:67:fd:59:01:f1:4f:2c:48:d7:41:57:64:95:a4:
f9:e2:1f:18:8a:ce:b0:03:5d:27:ec:55:d0:12:69:d5:54:3c:
0a:2d:e8:67:e4:95:8f:6c:40:73:ca:db:36:26:5a:4a:51:71:
13:1b:32:3b:ca:9d:7f:dc:a1:5d:61:01:55:d2:a6:d2:5a:f6:
b5:81:1e:66
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICDJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk2
QUQwQjUxNjA5NzlGRUFDNTBDNjM4NENCRkMxNjJENDAzRTc4RDAeFw0yNTAyMTAx
NDI0MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg3NkNCMTcyQUU3OEU0
NjI2MENDREFFOEYxMDA5NTJDQjU4MkI4NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9vdPW+7q21gzpR9j48MiNP1+INTtn1QOaSGPWAZokWZt3RbBR
qHvicZtXn4Up1KOkaLyBNMchdlK2/Jee9XD4l8fuHuvXx6Mndp02ptx/zH7HZg23
AH87J5kFZWR2TdTAW+oYs7T898EzfNxiZtSHsI5qVUtY0ULE/vYa6TjhqLB3O+Vm
b6H1V9lkoQYg9F4ZweZsLEw301uZLVCxKh22Ixum7arYORtFuteBFimdcWMnuVcY
+7vdZakws5ASEJTfgpMetgazrgT7P+wXNXOPAIdZC9sahg1OEyj5o5TIAPhMZjEB
uuV+QUaNzy2cJUCEuD5boh0RrH2fcwZLlb0LAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUh2yxcq545GJgzNro8QCVLLWCuGwwHwYDVR0jBBgwFoAUiWrQtRYJef6sUMY4
TL/BYtQD540wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFM
SUZFL2lXclF0UllKZWY2c1VNWTRUTF9CWXRRRDU0MC5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvaVdyUXRSWUplZjZzVU1ZNFRMX0JZdFFENTQwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFMSUZFL2gyeXhjcTU0NUdK
Z3pOcm84UUNWTExXQ3VHdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABne70wDQYJKoZIhvcNAQELBQADggEBABnKhwbpQvEuqQk01XuDu4kvY6cA
Vkvx3W8AQnuRse4NThCvvh26Bbiw6ySEyE68IwQMJmiFwqxwzfqE0XCxfpMw/kUn
PrkSGMHHzY7tEohc2PbjKZY4KCO3yGzRa5zeTlTXEzd+dYDTg3tpgOljyZl9TCHw
EfxRO+avO1rIiSyqdlyS3VwOPuIFQrruV/vIQEJAmVv2zqS5HLPmrDqVDEOg8sLW
870EIVHwwkN0OgQvG94xIH9gyCdn/VkB8U8sSNdBV2SVpPniHxiKzrADXSfsVdAS
adVUPAot6GfklY9sQHPK2zYmWkpRcRMbMjvKnX/coV1hAVXSptJa9rWBHmY=
-----END CERTIFICATE-----
Generated at Sun Aug 24 02:43:04 2025 by rpki-client