Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/L2a-eLiKAvnLQXPK8oc7MJENl24.roa
File: L2a-eLiKAvnLQXPK8oc7MJENl24.roa (raw, json)
Hash identifier: hBYVAAPJ8G/oV9T9QkkZTYxHYV7pYOPnmtr7V7C0CAw=
Subject key identifier: 2F:66:BE:78:B8:8A:02:F9:CB:41:73:CA:F2:87:3B:30:91:0D:97:6E
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/L2a-eLiKAvnLQXPK8oc7MJENl24.roa
Signing time: Thu 15 Sep 2022 02:48:16 +0000
ROA not before: Thu 15 Sep 2022 02:48:16 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17714
IP address blocks: 220.128.48.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3446 (0xd76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 15 02:48:16 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2F66BE78B88A02F9CB4173CAF2873B30910D976E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c0:78:e4:07:0d:f0:4c:db:cf:e5:0b:a2:b7:
94:a7:96:b2:43:ce:58:20:5d:31:24:c1:2a:17:5c:
0e:05:5b:55:16:c9:a9:cd:e5:ec:cd:ff:62:73:01:
52:4b:22:90:1c:51:38:20:5f:44:f0:b0:db:9c:ff:
00:42:a1:39:5e:f8:69:74:69:6c:81:9b:23:e3:e8:
51:d6:4e:06:ec:e3:aa:be:e0:78:c9:f1:eb:8c:1e:
f8:cb:d0:d4:0e:f6:bd:b9:23:c9:45:8e:44:62:a0:
39:8b:15:1c:b6:60:6d:a1:05:70:e8:a7:4e:44:0a:
52:3d:b7:55:a0:a1:3e:29:07:23:ca:0f:59:44:91:
d1:51:59:2e:00:d1:c3:c7:b7:78:4c:48:fa:80:80:
3f:f1:70:bd:0b:41:a7:38:2c:ae:ba:cc:46:ea:24:
d7:e6:15:56:d9:6e:9f:ef:f7:3b:d4:a5:1c:73:54:
70:be:f0:49:77:f5:37:95:7b:02:6f:f1:44:54:ce:
89:a2:5f:50:fa:41:f8:40:dc:87:fd:4b:c5:6d:a0:
4f:1f:55:9e:59:e5:ba:8a:05:9e:6c:54:e3:4b:7a:
1b:87:1c:f7:97:20:20:84:a2:d3:54:03:5d:c3:dc:
ac:e3:23:1b:9a:e1:b1:e3:a7:ca:d8:76:64:e1:41:
8b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:66:BE:78:B8:8A:02:F9:CB:41:73:CA:F2:87:3B:30:91:0D:97:6E
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/L2a-eLiKAvnLQXPK8oc7MJENl24.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.48.0/24
Signature Algorithm: sha256WithRSAEncryption
09:21:78:6d:f7:d7:59:13:1d:bd:14:d2:ea:7f:c1:25:54:57:
66:b8:2c:6c:69:59:77:2c:85:b8:43:58:0b:70:b4:97:01:34:
39:54:c7:a7:c7:57:04:bf:1f:12:cc:54:a6:79:ba:64:38:8a:
14:9c:2d:50:f2:d9:f7:6e:25:c8:32:3a:78:c1:79:b4:f3:61:
7b:c5:ea:cc:e4:4b:ef:8b:e5:ef:e1:f4:99:6a:23:d9:ac:68:
62:48:1a:04:da:96:a6:9d:10:e2:42:3c:83:41:7f:5b:8f:27:
3d:ff:45:e3:2e:00:72:a5:32:e3:e2:93:fa:e2:71:78:ee:41:
04:3b:2a:aa:65:6a:55:9d:0d:ba:be:f2:c8:2e:e1:0a:ec:17:
4c:35:6c:5c:77:ee:7c:cf:d8:3f:ae:c0:86:1c:e6:16:54:fe:
1a:d9:30:a3:25:34:bf:eb:ef:0a:44:03:80:cb:8e:23:7c:f9:
6c:ec:b7:27:b4:53:61:93:4f:32:ea:5b:f5:9f:44:b6:2f:c9:
4f:93:7a:f3:d9:f3:00:34:0e:61:49:90:a4:6c:73:ef:b5:dd:
93:b0:65:aa:6f:fb:d5:ed:17:2c:e8:08:e1:15:4f:cc:27:93:
a1:0b:02:9f:9e:77:86:b9:13:e6:dd:09:6b:03:f6:cd:d7:aa:
5c:8a:0a:81
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJGNjZCRTc4Qjg4QTAy
RjlDQjQxNzNDQUYyODczQjMwOTEwRDk3NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbwHjkBw3wTNvP5Quit5SnlrJDzlggXTEkwSoXXA4FW1UWyanN
5ezN/2JzAVJLIpAcUTggX0TwsNuc/wBCoTle+Gl0aWyBmyPj6FHWTgbs46q+4HjJ
8euMHvjL0NQO9r25I8lFjkRioDmLFRy2YG2hBXDop05EClI9t1WgoT4pByPKD1lE
kdFRWS4A0cPHt3hMSPqAgD/xcL0LQac4LK66zEbqJNfmFVbZbp/v9zvUpRxzVHC+
8El39TeVewJv8URUzomiX1D6QfhA3If9S8VtoE8fVZ5Z5bqKBZ5sVONLehuHHPeX
ICCEotNUA13D3KzjIxua4bHjp8rYdmThQYuRAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUL2a+eLiKAvnLQXPK8oc7MJENl24wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9MMmEtZUxpS0F2bkxRWFBLOG9j
N01KRU5sMjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IAw
MA0GCSqGSIb3DQEBCwUAA4IBAQAJIXht99dZEx29FNLqf8ElVFdmuCxsaVl3LIW4
Q1gLcLSXATQ5VMenx1cEvx8SzFSmebpkOIoUnC1Q8tn3biXIMjp4wXm082F7xerM
5Evvi+Xv4fSZaiPZrGhiSBoE2pamnRDiQjyDQX9bjyc9/0XjLgBypTLj4pP64nF4
7kEEOyqqZWpVnQ26vvLILuEK7BdMNWxcd+58z9g/rsCGHOYWVP4a2TCjJTS/6+8K
RAOAy44jfPls7LcntFNhk08y6lv1n0S2L8lPk3rz2fMANA5hSZCkbHPvtd2TsGWq
b/vV7Rcs6AjhFU/MJ5OhCwKfnneGuRPm3QlrA/bN16pcigqB
-----END CERTIFICATE-----
Generated at Fri Sep 1 09:23:40 2023 by rpki-client on console-ams.rpki-client.org