Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/mTHzUpQ1e1Juagv6b0QqzqUpdmQ.roa
File: mTHzUpQ1e1Juagv6b0QqzqUpdmQ.roa (raw, json)
Hash identifier: DXK2u9KEOzx/5Z+zSK4bJ11SjdmMJ1wqG1GOsgKOuj8=
Subject key identifier: 99:31:F3:52:94:35:7B:52:6E:6A:0B:FA:6F:44:2A:CE:A5:29:76:64
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0F5E
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/mTHzUpQ1e1Juagv6b0QqzqUpdmQ.roa
Signing time: Mon 10 Feb 2025 14:08:00 +0000
ROA not before: Mon 10 Feb 2025 14:08:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 192.72.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Aug 2025 08:54:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3934 (0xf5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 10 14:08:00 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9931F35294357B526E6A0BFA6F442ACEA5297664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0d:9b:30:97:ab:6a:4d:c0:21:98:2d:5f:1d:
0d:91:81:a8:0a:5e:e1:2a:29:1b:7f:63:26:1a:52:
ee:20:9e:f4:75:af:e9:7c:b0:43:26:f2:71:f0:d4:
6d:a6:88:d9:5c:22:ee:b8:61:68:9e:b5:38:bf:1d:
01:e6:9e:84:f6:0f:e7:49:b1:f1:b9:5e:e6:b7:82:
f6:5a:47:33:fa:81:72:0c:ef:d0:0c:d2:e7:0a:51:
df:75:87:24:1f:64:bd:83:96:2a:e3:8c:50:fc:f2:
d4:02:b5:3b:86:14:bd:7e:df:ff:0e:92:18:b7:08:
b2:64:b9:8d:a7:07:d8:90:86:68:90:18:7b:63:83:
f6:23:55:0e:36:a5:60:9c:3d:6a:7e:c1:25:d4:d3:
4e:47:35:1f:0a:a0:16:ad:c6:f5:14:15:f9:8f:cd:
86:e0:e8:dc:6c:a4:cc:1e:60:44:1a:22:89:f5:57:
8c:c5:85:d3:e5:f7:20:b7:85:d9:40:c1:16:26:e1:
63:9c:83:80:44:c0:28:5e:df:74:dc:3b:16:19:62:
53:76:4d:2e:ff:61:e7:f4:81:ea:6f:d5:87:b0:d7:
0a:16:de:c6:b6:be:7e:a1:60:fe:65:2e:a9:41:d5:
c5:aa:f5:9d:91:e6:22:2d:af:cd:2b:be:24:a9:1f:
72:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:31:F3:52:94:35:7B:52:6E:6A:0B:FA:6F:44:2A:CE:A5:29:76:64
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/mTHzUpQ1e1Juagv6b0QqzqUpdmQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.4.0/22
Signature Algorithm: sha256WithRSAEncryption
40:ee:6e:7e:9f:5a:d6:f7:ad:f6:4b:95:b6:22:4c:6a:66:9d:
84:43:d0:bf:76:cf:58:19:a3:82:52:d6:c5:3d:45:8f:8e:74:
ab:0a:cc:50:39:c3:72:14:a6:de:0b:fb:7f:15:3c:29:09:67:
e0:d6:a4:91:75:f4:de:44:db:51:79:7a:68:d5:0f:d6:5b:80:
34:c0:e1:6c:2b:2f:28:16:11:8d:8c:f6:f8:01:fb:1c:85:c1:
20:c7:0d:f5:7c:00:0c:a5:a6:ff:8f:9c:a5:f2:9d:3a:e7:93:
d9:a4:9e:ee:e7:8f:46:cd:d9:c9:2e:43:53:24:32:4d:0b:5f:
5b:12:a7:dc:86:d3:e0:89:2a:29:08:ec:9e:28:75:c9:1a:24:
7c:04:90:6b:fe:fa:c6:6b:07:0a:f5:be:ba:ca:72:e8:a3:95:
fd:4c:06:ef:e5:a6:c3:ec:c9:fe:6d:8d:4c:74:de:3e:9a:69:
c0:0c:28:30:1f:c8:e9:9a:b2:ed:73:ad:15:f3:78:14:2f:42:
4e:60:30:0e:1c:a1:f6:46:cb:43:27:b9:b3:fd:0d:1d:72:c0:
4a:49:88:1e:a2:24:d1:6e:b6:58:36:dc:0f:d1:e4:94:e8:19:
cf:93:56:80:52:a1:b5:a4:84:a9:fd:56:03:77:3b:6a:7b:71:
06:5c:54:9e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD14wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx
NDA4MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk5MzFGMzUyOTQzNTdC
NTI2RTZBMEJGQTZGNDQyQUNFQTUyOTc2NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClDZswl6tqTcAhmC1fHQ2RgagKXuEqKRt/YyYaUu4gnvR1r+l8
sEMm8nHw1G2miNlcIu64YWietTi/HQHmnoT2D+dJsfG5Xua3gvZaRzP6gXIM79AM
0ucKUd91hyQfZL2DlirjjFD88tQCtTuGFL1+3/8Okhi3CLJkuY2nB9iQhmiQGHtj
g/YjVQ42pWCcPWp+wSXU005HNR8KoBatxvUUFfmPzYbg6NxspMweYEQaIon1V4zF
hdPl9yC3hdlAwRYm4WOcg4BEwChe33TcOxYZYlN2TS7/Yef0gepv1Yew1woW3sa2
vn6hYP5lLqlB1cWq9Z2R5iItr80rviSpH3JFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUmTHzUpQ1e1Juagv6b0QqzqUpdmQwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbVRIelVwUTFlMUp1YWd2NmIwUXF6
cVVwZG1RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsBIBDAN
BgkqhkiG9w0BAQsFAAOCAQEAQO5ufp9a1vet9kuVtiJMamadhEPQv3bPWBmjglLW
xT1Fj450qwrMUDnDchSm3gv7fxU8KQln4NakkXX03kTbUXl6aNUP1luANMDhbCsv
KBYRjYz2+AH7HIXBIMcN9XwADKWm/4+cpfKdOueT2aSe7uePRs3ZyS5DUyQyTQtf
WxKn3IbT4IkqKQjsnih1yRokfASQa/76xmsHCvW+uspy6KOV/UwG7+Wmw+zJ/m2N
THTePpppwAwoMB/I6Zqy7XOtFfN4FC9CTmAwDhyh9kbLQye5s/0NHXLASkmIHqIk
0W62WDbcD9HklOgZz5NWgFKhtaSEqf1WA3c7antxBlxUng==
-----END CERTIFICATE-----
Generated at Sun Aug 24 02:44:58 2025 by rpki-client