Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/2hmBUK3-Y-i5GdDSkNmlmIJhwEg.roa
File: 2hmBUK3-Y-i5GdDSkNmlmIJhwEg.roa (raw, json)
Hash identifier: p9r8UYg6EyrP7n2+ea2Ykd3IpMUlVE/7ZrkLyJ5PiuE=
Subject key identifier: DA:19:81:50:AD:FE:63:E8:B9:19:D0:D2:90:D9:A5:98:82:61:C0:48
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1249
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/2hmBUK3-Y-i5GdDSkNmlmIJhwEg.roa
Signing time: Mon 10 Feb 2025 14:28:15 +0000
ROA not before: Mon 10 Feb 2025 14:28:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 219.91.0.0/18 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Aug 2025 09:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4681 (0x1249)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:15 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DA198150ADFE63E8B919D0D290D9A5988261C048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d1:2a:f0:98:6e:22:44:69:3d:a8:38:d2:a7:
9f:d2:62:a5:d8:bb:48:34:a4:34:63:2f:2f:7b:3d:
70:ff:a7:45:64:c0:76:64:bb:ba:de:33:61:10:f4:
43:ab:87:3d:cf:9c:2f:e2:47:ec:a7:7e:3d:11:ee:
42:5d:bc:39:d6:79:35:9c:f9:f6:0e:a2:c8:85:02:
7c:7e:eb:18:a9:b8:16:02:f7:1e:17:68:52:23:2a:
2c:ee:59:71:8d:1d:8c:2b:ec:f6:78:b2:d8:f5:36:
23:66:33:65:dc:14:a6:ae:4e:a2:e5:37:db:0a:a6:
a0:1a:d4:19:f0:18:1c:c5:d4:a3:91:8a:79:27:3c:
50:f5:60:fa:82:a5:e9:34:81:89:e1:c7:23:90:87:
2e:63:d9:3e:60:60:20:81:50:66:5f:3b:98:25:ec:
9f:08:db:ae:3b:50:f1:42:6d:b2:0d:ee:fa:f3:b5:
04:c1:e1:96:de:a5:ac:f8:da:ca:c0:7c:87:5f:1c:
7b:2a:25:51:06:bd:07:87:60:a6:eb:3c:53:19:9b:
dc:dd:70:02:a2:ce:60:38:d4:07:dc:e0:f0:a9:30:
ba:07:bc:8d:3e:b5:8e:d0:1f:36:43:d0:33:3f:fc:
73:ac:36:2a:26:2c:e5:b2:93:98:05:76:df:96:ca:
86:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:19:81:50:AD:FE:63:E8:B9:19:D0:D2:90:D9:A5:98:82:61:C0:48
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/2hmBUK3-Y-i5GdDSkNmlmIJhwEg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.91.0.0/18
Signature Algorithm: sha256WithRSAEncryption
23:05:32:41:d4:ec:e1:37:45:10:81:95:96:66:57:ee:b1:14:
aa:81:8b:66:e0:c3:00:80:fe:a8:d4:1f:2d:ae:a9:9a:a5:d2:
71:ee:6a:37:3b:f7:ae:83:0c:92:89:37:05:44:c5:11:43:90:
dc:1c:1f:c1:f5:f0:a4:55:a9:68:85:c8:fd:03:e3:16:c9:03:
17:11:bb:89:0b:f2:05:82:c7:f8:fb:ca:4d:77:3f:5b:73:56:
46:d1:a6:a4:85:02:b0:f9:87:1d:11:19:e9:96:24:79:e2:b5:
dd:9c:72:48:f2:5b:af:6c:a2:1d:b2:f1:9d:aa:b1:04:58:63:
2f:dc:db:6c:36:3e:fb:de:1f:57:59:1e:a2:76:c7:29:e7:dc:
88:56:3e:6c:60:1a:2b:08:72:ea:6c:82:8a:fd:41:93:c3:7e:
57:d5:a3:f5:60:7f:40:e2:e0:2b:3a:39:f7:db:dc:79:cc:2b:
80:6d:80:57:9a:01:1c:de:78:42:6e:12:47:99:e5:da:2c:9a:
6b:59:b1:62:8d:e4:96:e6:b3:d4:d4:3e:28:e0:56:e1:d7:92:
ab:bf:a9:24:f4:33:57:41:eb:3a:fb:4c:68:d8:8f:21:a9:08:
4a:6e:3e:bf:9f:1f:03:f9:e5:1f:c8:57:25:12:40:87:ea:85:
c9:8a:02:90
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERBMTk4MTUwQURGRTYz
RThCOTE5RDBEMjkwRDlBNTk4ODI2MUMwNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC50SrwmG4iRGk9qDjSp5/SYqXYu0g0pDRjLy97PXD/p0VkwHZk
u7reM2EQ9EOrhz3PnC/iR+ynfj0R7kJdvDnWeTWc+fYOosiFAnx+6xipuBYC9x4X
aFIjKizuWXGNHYwr7PZ4stj1NiNmM2XcFKauTqLlN9sKpqAa1BnwGBzF1KORinkn
PFD1YPqCpek0gYnhxyOQhy5j2T5gYCCBUGZfO5gl7J8I2647UPFCbbIN7vrztQTB
4Zbepaz42srAfIdfHHsqJVEGvQeHYKbrPFMZm9zdcAKizmA41Afc4PCpMLoHvI0+
tY7QHzZD0DM//HOsNiomLOWyk5gFdt+WyoaXAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU2hmBUK3+Y+i5GdDSkNmlmIJhwEgwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzJobUJVSzMtWS1pNUdkRFNrTm1sbUlK
aHdFZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbbWwAwDQYJ
KoZIhvcNAQELBQADggEBACMFMkHU7OE3RRCBlZZmV+6xFKqBi2bgwwCA/qjUHy2u
qZql0nHuajc7966DDJKJNwVExRFDkNwcH8H18KRVqWiFyP0D4xbJAxcRu4kL8gWC
x/j7yk13P1tzVkbRpqSFArD5hx0RGemWJHnitd2cckjyW69soh2y8Z2qsQRYYy/c
22w2PvveH1dZHqJ2xynn3IhWPmxgGisIcupsgor9QZPDflfVo/Vgf0Di4Cs6Offb
3HnMK4BtgFeaARzeeEJuEkeZ5dosmmtZsWKN5Jbms9TUPijgVuHXkqu/qST0M1dB
6zr7TGjYjyGpCEpuPr+fHwP55R/IVyUSQIfqhcmKApA=
-----END CERTIFICATE-----
Generated at Sun Aug 24 02:47:55 2025 by rpki-client