Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/mHKLaJUu5fP_elsl-G5gAp2rfXk.roa
File: mHKLaJUu5fP_elsl-G5gAp2rfXk.roa (raw, json)
Hash identifier: QB03YnuSFCeAN1Ac2kq4YgmmY/WJZkL8zUL/lfuohbM=
Subject key identifier: 98:72:8B:68:95:2E:E5:F3:FF:7A:5B:25:F8:6E:60:02:9D:AB:7D:79
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1221
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/mHKLaJUu5fP_elsl-G5gAp2rfXk.roa
Signing time: Mon 10 Feb 2025 14:28:06 +0000
ROA not before: Mon 10 Feb 2025 14:28:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 219.91.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Aug 2025 09:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4641 (0x1221)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:06 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=98728B68952EE5F3FF7A5B25F86E60029DAB7D79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:80:5b:2b:d7:32:95:da:b7:05:b2:23:38:13:
bb:0c:0e:9a:01:2b:84:46:bc:9f:0d:0b:29:e6:58:
92:65:3c:e7:a7:0d:81:b5:81:3a:1e:dd:53:c6:c2:
39:cb:c9:d0:6d:5a:74:a4:d0:de:48:88:6c:e4:02:
f9:c4:e9:f9:6c:9e:4b:4e:9c:21:1b:76:5b:92:a0:
c0:70:54:51:67:52:1c:a7:2a:ab:4f:04:c7:c3:a2:
ca:ce:1f:a4:79:d6:1c:6a:6f:60:f5:1b:cb:9f:b2:
50:b1:28:a2:03:2a:20:38:b9:c4:24:5a:f2:a9:6d:
43:9d:c7:e6:ab:e1:23:f8:ea:ad:d0:2a:8a:e9:d6:
4e:0e:02:3a:cf:f5:d1:34:dd:49:69:bb:6b:95:28:
7a:97:3d:f3:8b:13:d2:ac:10:18:ab:85:4d:65:2f:
cc:a7:6c:4c:10:5a:ac:f3:76:45:20:71:bc:aa:a4:
31:27:7c:c1:08:aa:c0:3d:d3:e3:04:66:ee:8e:49:
7f:90:ff:16:9a:99:c2:0a:45:cb:4c:5f:4e:49:fb:
45:a1:e6:39:77:53:82:ba:49:f8:bd:7a:51:7c:57:
f8:f7:dd:70:a9:30:b0:97:31:1a:c2:17:68:c4:ad:
4d:8e:49:fc:fa:90:a1:0b:4b:f9:a1:f3:2e:b1:f3:
0b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:72:8B:68:95:2E:E5:F3:FF:7A:5B:25:F8:6E:60:02:9D:AB:7D:79
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/mHKLaJUu5fP_elsl-G5gAp2rfXk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.91.64.0/22
Signature Algorithm: sha256WithRSAEncryption
95:b5:37:35:88:b1:ee:84:34:4d:73:ba:7d:ea:ba:95:a9:af:
0e:09:75:e7:86:93:f5:21:8c:df:5e:45:3e:b3:69:b0:96:e6:
ee:2a:09:4b:ca:94:b1:af:aa:6b:a9:6b:54:31:4a:13:35:5a:
fc:1a:d9:d5:a7:75:3a:09:21:0a:88:64:f8:31:5c:2e:12:d9:
53:1e:a2:c5:31:0b:47:04:a5:f7:db:75:28:95:2f:ff:f5:89:
2d:17:8b:16:17:af:d4:b5:6b:fb:9e:8f:aa:99:22:8c:8c:dd:
1a:e1:1d:35:4c:a5:40:f5:b7:dc:c2:49:00:f3:6b:79:12:b6:
bf:15:ab:d1:6c:b7:ea:03:ce:6b:5a:74:69:d8:d5:d9:68:32:
53:48:55:57:93:09:de:31:bb:2b:2b:fc:9d:b3:54:fa:16:0c:
81:ba:fa:48:9c:75:06:c2:98:81:22:2d:30:7b:0d:0f:9b:ab:
ea:9a:39:7a:17:c6:47:83:4c:0e:31:3c:ca:cd:61:20:5f:6c:
6b:52:c6:96:c4:c9:d9:23:ef:6c:73:8d:ec:b4:f6:be:f4:88:
f0:ed:b3:21:46:75:5e:8a:1a:f5:aa:b6:af:03:41:7d:61:bc:
a4:0c:3d:74:82:96:17:7f:fc:82:b1:78:d3:54:a0:b9:e7:f2:
f6:0d:fd:69
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk4NzI4QjY4OTUyRUU1
RjNGRjdBNUIyNUY4NkU2MDAyOURBQjdENzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJgFsr1zKV2rcFsiM4E7sMDpoBK4RGvJ8NCynmWJJlPOenDYG1
gToe3VPGwjnLydBtWnSk0N5IiGzkAvnE6flsnktOnCEbdluSoMBwVFFnUhynKqtP
BMfDosrOH6R51hxqb2D1G8ufslCxKKIDKiA4ucQkWvKpbUOdx+ar4SP46q3QKorp
1k4OAjrP9dE03Ulpu2uVKHqXPfOLE9KsEBirhU1lL8ynbEwQWqzzdkUgcbyqpDEn
fMEIqsA90+MEZu6OSX+Q/xaamcIKRctMX05J+0Wh5jl3U4K6Sfi9elF8V/j33XCp
MLCXMRrCF2jErU2OSfz6kKELS/mh8y6x8wsFAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUmHKLaJUu5fP/elsl+G5gAp2rfXkwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL21IS0xhSlV1NWZQX2Vsc2wtRzVnQXAy
cmZYay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALbW0AwDQYJ
KoZIhvcNAQELBQADggEBAJW1NzWIse6ENE1zun3qupWprw4JdeeGk/UhjN9eRT6z
abCW5u4qCUvKlLGvqmupa1QxShM1Wvwa2dWndToJIQqIZPgxXC4S2VMeosUxC0cE
pffbdSiVL//1iS0XixYXr9S1a/uej6qZIoyM3RrhHTVMpUD1t9zCSQDza3kStr8V
q9Fst+oDzmtadGnY1dloMlNIVVeTCd4xuysr/J2zVPoWDIG6+kicdQbCmIEiLTB7
DQ+bq+qaOXoXxkeDTA4xPMrNYSBfbGtSxpbEydkj72xzjey09r70iPDtsyFGdV6K
GvWqtq8DQX1hvKQMPXSClhd//IKxeNNUoLnn8vYN/Wk=
-----END CERTIFICATE-----
Generated at Sun Aug 24 02:41:39 2025 by rpki-client