Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/P6xWQEgDgpXJDs8fq5UOJZcaPGg.roa
File: P6xWQEgDgpXJDs8fq5UOJZcaPGg.roa (raw, json)
Hash identifier: sO3W4pfC8RKbINstWl/Pv5RYUevKOnZa3OQHxJQS7Jk=
Subject key identifier: 3F:AC:56:40:48:03:82:95:C9:0E:CF:1F:AB:95:0E:25:97:1A:3C:68
Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9
Certificate serial: 0D1F
Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/P6xWQEgDgpXJDs8fq5UOJZcaPGg.roa
Signing time: Mon 10 Feb 2025 14:23:28 +0000
ROA not before: Mon 10 Feb 2025 14:23:28 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 101.3.106.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Aug 2025 09:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3359 (0xd1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9
Validity
Not Before: Feb 10 14:23:28 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3FAC564048038295C90ECF1FAB950E25971A3C68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:20:aa:25:ef:cc:f3:0c:17:6e:0e:6d:eb:bc:
01:53:2d:6e:57:de:46:95:44:da:97:90:bb:68:0c:
03:46:3a:84:b3:08:03:8e:53:86:96:97:7d:61:97:
26:0e:11:bd:fd:61:24:b8:df:a4:19:c0:5f:f7:50:
78:77:d5:d4:c6:02:9a:be:f3:a1:e8:ff:2c:6c:ba:
79:90:9f:ea:fd:72:78:c6:6a:44:73:b7:ed:08:57:
b7:dc:ae:67:aa:91:07:b4:d1:2e:1b:23:a1:fa:bf:
36:bc:37:d4:d3:5f:fe:dc:ca:e8:26:77:86:96:1d:
2f:e5:74:58:50:26:27:b2:2c:43:1c:a1:60:33:df:
1a:0b:6a:34:58:31:76:eb:fa:f8:1b:7d:09:72:92:
f2:67:66:b1:f8:04:cc:98:b7:ef:85:10:94:2a:7d:
f5:04:2a:9c:41:0a:6f:f8:37:94:e2:15:f6:2c:21:
c5:6f:ed:c1:a1:b9:26:4a:da:d3:b1:26:bd:d6:42:
f8:8f:e4:d7:1a:ab:61:24:b4:99:62:19:1a:32:c8:
93:17:88:75:79:90:c2:db:34:13:c7:82:0e:4f:a6:
72:8c:59:04:77:4c:67:c2:a4:6d:02:e5:8d:cc:3c:
f3:65:f8:67:20:f9:fc:d8:be:02:45:85:c3:94:77:
af:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:AC:56:40:48:03:82:95:C9:0E:CF:1F:AB:95:0E:25:97:1A:3C:68
X509v3 Authority Key Identifier:
keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/P6xWQEgDgpXJDs8fq5UOJZcaPGg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.3.106.0/23
Signature Algorithm: sha256WithRSAEncryption
60:4e:7f:db:ae:0e:77:e5:60:88:bf:db:1f:84:df:54:4e:7a:
00:09:bc:12:15:60:fc:67:db:44:35:18:7f:05:16:bd:3b:57:
16:e6:2f:df:8b:aa:67:ad:3d:69:c5:cd:76:70:96:51:5e:c4:
c9:76:03:38:e7:ba:dd:3a:a3:5e:02:c7:b4:a7:76:e3:9a:3d:
a2:0e:d7:5f:e1:2f:da:a6:99:ed:47:d0:4e:bd:b5:09:07:11:
e4:ad:f9:1a:a2:cd:ce:05:c8:83:e3:27:51:af:cb:01:8f:f8:
ca:ba:a1:9c:65:02:24:c3:68:1f:d4:44:bf:5f:46:c1:81:51:
af:5d:2d:21:f6:5a:a1:93:b3:d4:7b:c8:50:16:84:77:af:82:
28:f3:05:0c:a6:12:38:f9:94:2a:e8:b3:ef:9a:74:0d:68:c1:
ca:0a:02:07:b3:a6:dd:c3:c8:b9:1a:c1:57:bb:19:b7:9b:ad:
9d:dd:a9:14:25:a3:f1:8c:f3:d0:14:47:f8:d3:10:21:fb:b3:
53:02:ed:18:91:d2:db:69:c5:f3:59:7d:7c:74:57:59:5f:9a:
f4:6a:5f:52:4d:5e:41:88:97:db:eb:93:83:e9:09:0a:be:b1:
1e:c3:d2:e5:8b:a3:50:dc:69:78:ac:38:ef:80:7d:02:10:35:
a5:37:ad:a5
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICDR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1
NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yNTAyMTAx
NDIzMjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNGQUM1NjQwNDgwMzgy
OTVDOTBFQ0YxRkFCOTUwRTI1OTcxQTNDNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMIKol78zzDBduDm3rvAFTLW5X3kaVRNqXkLtoDANGOoSzCAOO
U4aWl31hlyYOEb39YSS436QZwF/3UHh31dTGApq+86Ho/yxsunmQn+r9cnjGakRz
t+0IV7fcrmeqkQe00S4bI6H6vza8N9TTX/7cyugmd4aWHS/ldFhQJieyLEMcoWAz
3xoLajRYMXbr+vgbfQlykvJnZrH4BMyYt++FEJQqffUEKpxBCm/4N5TiFfYsIcVv
7cGhuSZK2tOxJr3WQviP5Ncaq2EktJliGRoyyJMXiHV5kMLbNBPHgg5PpnKMWQR3
TGfCpG0C5Y3MPPNl+Gcg+fzYvgJFhcOUd6/pAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUP6xWQEgDgpXJDs8fq5UOJZcaPGgwHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N
UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83
NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2L1A2eFdRRWdEZ3BY
SkRzOGZxNVVPSlpjYVBHZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFlA2owDQYJKoZIhvcNAQELBQADggEBAGBOf9uuDnflYIi/2x+E31ROegAJ
vBIVYPxn20Q1GH8FFr07VxbmL9+LqmetPWnFzXZwllFexMl2Azjnut06o14Cx7Sn
duOaPaIO11/hL9qmme1H0E69tQkHEeSt+Rqizc4FyIPjJ1GvywGP+Mq6oZxlAiTD
aB/URL9fRsGBUa9dLSH2WqGTs9R7yFAWhHevgijzBQymEjj5lCros++adA1owcoK
Agezpt3DyLkawVe7GbebrZ3dqRQlo/GM89AUR/jTECH7s1MC7RiR0ttpxfNZfXx0
V1lfmvRqX1JNXkGIl9vrk4PpCQq+sR7D0uWLo1DcaXisOO+AfQIQNaU3raU=
-----END CERTIFICATE-----
Generated at Sun Aug 24 02:39:58 2025 by rpki-client