Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/CnPMxvvlOua-wHkphkAZdjK-tlc.roa
File: CnPMxvvlOua-wHkphkAZdjK-tlc.roa (raw, json)
Hash identifier: Kb4UyE431MlAEQwCyYbdgndW7ez+jyveVdJ8A9MchDw=
Subject key identifier: 0A:73:CC:C6:FB:E5:3A:E6:BE:C0:79:29:86:40:19:76:32:BE:B6:57
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 142A
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/CnPMxvvlOua-wHkphkAZdjK-tlc.roa
Signing time: Mon 10 Feb 2025 14:34:40 +0000
ROA not before: Mon 10 Feb 2025 14:34:40 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 114.32.0.0/12 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5162 (0x142a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:34:40 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0A73CCC6FBE53AE6BEC079298640197632BEB657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d3:a2:3e:77:90:85:53:0e:75:03:b4:c9:c4:
d4:9b:72:c7:34:2f:4f:dd:10:d2:5a:e3:a8:66:9a:
7b:60:70:13:72:ba:82:da:69:86:fb:d6:79:38:5c:
d9:bf:31:0a:16:a1:80:a9:6f:05:4e:45:24:bb:ba:
88:80:04:a0:36:0e:ad:b1:fb:15:90:b0:70:00:1f:
ef:25:dd:0e:6e:09:eb:37:b7:54:ed:a0:42:1d:5c:
d1:38:94:a4:74:e9:06:89:da:3a:20:79:56:85:e8:
98:0d:bf:b8:fb:75:6c:4f:0c:3a:ce:fe:83:69:31:
f6:6d:21:db:89:c4:31:9a:62:d5:da:55:40:55:e2:
26:83:ea:80:66:34:67:e9:38:5e:e7:2e:fa:3a:fa:
e2:f1:2e:6d:4b:18:13:91:9a:07:e2:c1:c9:33:80:
f6:3b:3c:18:d2:b3:e7:de:35:34:39:79:4f:ad:5f:
6f:e2:56:cb:1f:52:a7:20:21:d5:ca:1b:ee:ca:56:
8b:1f:a3:38:4d:ff:25:21:4b:35:25:a3:f9:7f:4a:
b3:94:27:d9:8a:b0:97:6e:93:bb:fd:74:00:1b:9d:
2a:fe:b4:8d:e8:a9:65:c8:2b:3e:bd:f9:3e:bc:5a:
e7:26:08:06:12:78:e3:3e:a7:28:24:b6:b7:e7:9e:
1c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:73:CC:C6:FB:E5:3A:E6:BE:C0:79:29:86:40:19:76:32:BE:B6:57
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/CnPMxvvlOua-wHkphkAZdjK-tlc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.32.0.0/12
Signature Algorithm: sha256WithRSAEncryption
22:04:06:1d:51:91:b7:a6:d1:f2:ec:21:92:d7:61:35:35:4b:
53:b5:32:b9:64:21:49:f8:70:45:27:d2:89:42:00:30:15:74:
62:7b:b9:c6:e3:82:36:86:7b:a4:7b:3a:9a:2d:24:e6:79:51:
2e:b9:eb:15:ba:48:6e:32:35:4c:92:61:1a:ab:8a:e4:5e:d5:
d9:89:ba:8c:bd:5e:03:06:cf:83:4c:7e:60:c3:36:23:95:7d:
ee:08:92:3b:00:25:f4:51:d9:ba:1f:bc:41:b8:b5:10:70:06:
0a:8a:ac:89:78:64:de:5f:62:43:b1:b0:0d:3c:c7:56:68:42:
3b:6c:6e:2e:13:a5:34:0e:34:12:f9:68:2a:93:db:21:ea:05:
4b:fa:0d:cf:af:e7:c8:ab:a5:50:c2:e4:bd:1e:37:b5:ab:ea:
46:00:b1:c5:61:55:57:90:ea:6a:7e:9c:61:bb:d8:4e:e2:a3:
82:1f:b4:9e:7e:fd:7f:28:ad:ec:43:ae:be:f6:29:21:b7:12:
4f:26:8e:e6:28:25:d2:a0:7a:77:76:a2:d0:7c:83:3d:48:e1:
e3:b2:6b:54:23:58:f0:ba:53:44:58:90:b1:dd:2f:32:27:2c:
04:9b:7f:b4:10:40:e6:78:3c:d4:49:88:a4:f7:c0:c3:3b:7c:
d5:6f:90:6a
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM0NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBBNzNDQ0M2RkJFNTNB
RTZCRUMwNzkyOTg2NDAxOTc2MzJCRUI2NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDk06I+d5CFUw51A7TJxNSbcsc0L0/dENJa46hmmntgcBNyuoLa
aYb71nk4XNm/MQoWoYCpbwVORSS7uoiABKA2Dq2x+xWQsHAAH+8l3Q5uCes3t1Tt
oEIdXNE4lKR06QaJ2jogeVaF6JgNv7j7dWxPDDrO/oNpMfZtIduJxDGaYtXaVUBV
4iaD6oBmNGfpOF7nLvo6+uLxLm1LGBORmgfiwckzgPY7PBjSs+feNTQ5eU+tX2/i
VssfUqcgIdXKG+7KVosfozhN/yUhSzUlo/l/SrOUJ9mKsJduk7v9dAAbnSr+tI3o
qWXIKz69+T68WucmCAYSeOM+pygktrfnnhz3AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUCnPMxvvlOua+wHkphkAZdjK+tlcwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9DblBNeHZ2bE91YS13SGtwaGtB
WmRqSy10bGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMEciAw
DQYJKoZIhvcNAQELBQADggEBACIEBh1Rkbem0fLsIZLXYTU1S1O1MrlkIUn4cEUn
0olCADAVdGJ7ucbjgjaGe6R7OpotJOZ5US656xW6SG4yNUySYRqriuRe1dmJuoy9
XgMGz4NMfmDDNiOVfe4IkjsAJfRR2bofvEG4tRBwBgqKrIl4ZN5fYkOxsA08x1Zo
Qjtsbi4TpTQONBL5aCqT2yHqBUv6Dc+v58irpVDC5L0eN7Wr6kYAscVhVVeQ6mp+
nGG72E7io4IftJ5+/X8orexDrr72KSG3Ek8mjuYoJdKgend2otB8gz1I4eOya1Qj
WPC6U0RYkLHdLzInLASbf7QQQOZ4PNRJiKT3wMM7fNVvkGo=
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:26:55 2025 by rpki-client