Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/C0qfGNK8M8wSE0WS1Jo6i0BcdbU.roa
File: C0qfGNK8M8wSE0WS1Jo6i0BcdbU.roa (raw, json)
Hash identifier: kNuMKHWwvvg5c+Jj1R0QAj1b2H6lhLc9MBxFMEqW0x4=
Subject key identifier: 0B:4A:9F:18:D2:BC:33:CC:12:13:45:92:D4:9A:3A:8B:40:5C:75:B5
Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Certificate serial: 0C64
Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/C0qfGNK8M8wSE0WS1Jo6i0BcdbU.roa
Signing time: Wed 13 Nov 2024 05:45:59 +0000
ROA not before: Wed 13 Nov 2024 05:45:59 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 114.29.240.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3172 (0xc64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Validity
Not Before: Nov 13 05:45:59 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0B4A9F18D2BC33CC12134592D49A3A8B405C75B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c8:f2:b0:55:8b:62:f7:ec:07:1c:9b:de:b4:
f5:27:77:44:2d:df:3b:2d:0e:ed:71:dd:63:90:f0:
48:e0:5a:bf:5b:03:ab:a4:a3:20:a0:37:51:cf:5f:
2b:6e:dc:cc:8a:87:ee:6d:ab:69:d7:e9:e5:8f:d4:
a9:e7:3d:02:72:01:0d:c8:b5:d0:0f:a3:fb:99:33:
10:bc:b6:5b:f5:b5:ff:a3:94:03:46:49:ab:c4:34:
44:8f:48:31:05:b5:b9:e0:59:52:68:4f:6a:a3:f2:
93:e6:f2:f7:65:d9:b0:c3:7b:4c:80:2b:48:41:67:
a9:47:16:2c:39:24:1c:e2:f7:cf:04:bd:42:a6:76:
b8:95:69:1e:ab:3c:5b:be:3d:7e:ac:0b:9b:9e:8a:
41:17:81:9e:1b:40:95:35:50:13:bf:89:be:80:d8:
27:61:de:89:15:4b:3d:e8:d3:1d:5f:9d:8a:5f:84:
03:bb:ff:2e:fb:55:74:41:99:4a:2e:c3:37:b5:f0:
e2:c9:a2:38:b8:a4:e3:18:fb:0f:b1:77:79:01:b2:
47:3d:db:6a:7f:76:7e:76:3c:c4:96:e5:97:99:5b:
63:06:07:d5:b3:8d:ae:03:03:fe:9f:62:17:66:15:
22:6c:e1:dd:1c:cb:da:08:cb:6e:f2:11:f5:07:fd:
47:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:4A:9F:18:D2:BC:33:CC:12:13:45:92:D4:9A:3A:8B:40:5C:75:B5
X509v3 Authority Key Identifier:
keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/C0qfGNK8M8wSE0WS1Jo6i0BcdbU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.29.240.0/22
Signature Algorithm: sha256WithRSAEncryption
32:0a:cb:01:10:51:c3:ae:95:c7:b4:be:97:b2:2a:b8:1a:a6:
c8:b5:62:19:58:d1:71:3e:a8:ca:6f:35:f3:7a:00:ef:3b:e0:
90:40:0e:74:e6:86:d0:22:33:b2:90:d7:a6:c3:f6:a1:2b:43:
21:7b:2d:37:4b:03:44:07:bd:00:e1:73:e5:2f:b0:2b:44:f2:
13:3f:97:61:bc:3c:00:8c:79:91:5d:21:25:1e:7a:02:eb:31:
d1:76:74:80:1b:10:ed:78:d1:cb:85:df:d3:ed:17:bf:40:26:
62:44:04:1a:a1:fd:01:16:27:9b:e5:d6:16:07:3a:d6:32:fc:
79:3e:61:f3:79:a4:c3:26:45:d8:73:49:f5:31:dd:f3:0e:ea:
2b:ad:31:b4:45:7f:71:99:9e:ec:1f:62:9b:f2:89:1e:40:94:
0e:89:af:1f:88:8e:23:2a:77:87:99:16:ed:a4:be:b0:30:a1:
9c:85:02:d9:9a:77:9c:84:ab:95:b3:3d:01:12:4e:7e:aa:ec:
1b:56:3f:cc:4e:00:35:86:72:ef:06:d0:a1:55:8b:8d:d4:77:
ee:23:2b:c8:3d:10:81:05:e3:15:d5:bc:46:83:71:3d:0c:cd:
b0:2c:fc:d4:08:fd:cd:47:5e:09:27:ec:d8:45:5d:5b:21:af:
f9:c8:2e:9d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDGQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB
RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNDExMTMw
NTQ1NTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBCNEE5RjE4RDJCQzMz
Q0MxMjEzNDU5MkQ0OUEzQThCNDA1Qzc1QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGyPKwVYti9+wHHJvetPUnd0Qt3zstDu1x3WOQ8EjgWr9bA6uk
oyCgN1HPXytu3MyKh+5tq2nX6eWP1KnnPQJyAQ3ItdAPo/uZMxC8tlv1tf+jlANG
SavENESPSDEFtbngWVJoT2qj8pPm8vdl2bDDe0yAK0hBZ6lHFiw5JBzi988EvUKm
driVaR6rPFu+PX6sC5ueikEXgZ4bQJU1UBO/ib6A2Cdh3okVSz3o0x1fnYpfhAO7
/y77VXRBmUouwze18OLJoji4pOMY+w+xd3kBskc922p/dn52PMSW5ZeZW2MGB9Wz
ja4DA/6fYhdmFSJs4d0cy9oIy27yEfUH/UfFAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUC0qfGNK8M8wSE0WS1Jo6i0BcdbUwHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6
/hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx
NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0MwcWZHTks4TTh3U0UwV1MxSm82aTBC
Y2RiVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfAwDQYJ
KoZIhvcNAQELBQADggEBADIKywEQUcOulce0vpeyKrgapsi1YhlY0XE+qMpvNfN6
AO874JBADnTmhtAiM7KQ16bD9qErQyF7LTdLA0QHvQDhc+UvsCtE8hM/l2G8PACM
eZFdISUeegLrMdF2dIAbEO140cuF39PtF79AJmJEBBqh/QEWJ5vl1hYHOtYy/Hk+
YfN5pMMmRdhzSfUx3fMO6iutMbRFf3GZnuwfYpvyiR5AlA6Jrx+IjiMqd4eZFu2k
vrAwoZyFAtmad5yEq5WzPQESTn6q7BtWP8xOADWGcu8G0KFVi43Ud+4jK8g9EIEF
4xXVvEaDcT0MzbAs/NQI/c1HXgkn7NhFXVshr/nILp0=
-----END CERTIFICATE-----
Generated at Tue Feb 11 03:42:45 2025 by rpki-client on console.sobornost.net