Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/ow_CPpngbOHz85OfeYqPLeLTr04.roa
File: ow_CPpngbOHz85OfeYqPLeLTr04.roa (raw, json)
Hash identifier: VA9FXc1JFwL4WmQ/GmCOLnP5QhjfZTUCkCbeYqzAUK0=
Subject key identifier: A3:0F:C2:3E:99:E0:6C:E1:F3:F3:93:9F:79:8A:8F:2D:E2:D3:AF:4E
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1290
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/ow_CPpngbOHz85OfeYqPLeLTr04.roa
Signing time: Fri 27 Dec 2024 08:10:17 +0000
ROA not before: Fri 27 Dec 2024 08:10:17 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131660
IP address blocks: 203.74.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 10:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4752 (0x1290)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Dec 27 08:10:17 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A30FC23E99E06CE1F3F3939F798A8F2DE2D3AF4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d2:0a:2f:a9:81:53:fe:56:96:78:65:b2:64:
ef:f3:52:45:4d:c8:64:01:50:f1:5c:44:c9:37:82:
f5:60:47:5a:cc:8a:9f:03:74:4e:5b:59:6a:60:4b:
16:1a:4d:af:09:ed:2f:81:43:e5:a5:fb:e6:f3:5a:
25:19:18:e0:2c:4a:e2:1e:7f:f8:53:ad:d9:99:56:
dc:97:c8:da:2a:1f:6f:e1:fb:60:60:21:f4:33:c7:
76:6c:2d:74:4b:eb:d4:6e:b8:09:61:8b:f4:ce:53:
6c:fe:48:81:56:5a:1b:24:aa:c3:a4:e5:50:2b:91:
63:b2:9a:99:7a:84:20:97:39:2a:36:2f:e3:d4:27:
18:69:3e:28:6e:7a:68:9e:16:d1:3e:55:49:60:ef:
c7:20:ff:31:2d:fb:21:dd:09:7f:37:27:98:08:79:
ca:a9:8f:d8:a7:df:df:7f:5d:30:2d:a6:a0:0a:87:
e4:da:20:36:25:66:fe:9a:09:de:50:b5:4a:12:d4:
14:db:b9:04:5c:b8:49:a6:ff:09:97:04:af:13:b0:
84:55:61:f4:9d:82:e5:11:b6:5d:45:97:8b:29:c8:
b4:a4:54:d8:98:2e:56:46:3d:51:bb:9c:43:df:3b:
29:ae:74:59:ea:81:13:19:02:96:66:9e:0c:22:f8:
d5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0F:C2:3E:99:E0:6C:E1:F3:F3:93:9F:79:8A:8F:2D:E2:D3:AF:4E
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/ow_CPpngbOHz85OfeYqPLeLTr04.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.74.223.0/24
Signature Algorithm: sha256WithRSAEncryption
65:87:d5:e1:29:29:49:3e:42:6e:c7:e5:af:18:a5:0c:fa:e5:
e8:02:00:a5:40:b7:54:b9:11:45:12:4a:6a:7d:fa:24:d3:f1:
e6:55:1f:50:21:eb:49:be:79:29:4e:d3:ca:60:7f:03:56:85:
ab:75:64:7d:88:d4:f9:a0:82:70:9a:a2:b9:bd:b8:5f:31:5f:
ac:c0:03:5d:54:8c:71:d5:b1:45:4b:48:46:c1:31:fd:f0:40:
8c:32:62:b3:e4:21:44:33:29:e9:98:e3:33:0b:ef:0e:82:43:
5f:97:92:33:61:7a:45:8d:36:69:9c:19:f0:53:ca:f8:c7:52:
ca:b7:9d:93:32:b5:71:39:75:82:b0:4b:c6:9b:12:1b:6d:75:
90:38:14:9f:a1:12:70:d3:8e:aa:4f:76:8f:9f:19:69:c2:43:
0a:b4:06:b7:1c:73:fd:3b:3a:e9:58:8d:cf:ac:1b:3f:71:8c:
bd:89:28:ec:ba:d3:28:b1:8e:18:1e:87:a6:1c:77:70:1f:8d:
5e:0f:d3:de:b3:31:fd:aa:85:4d:2c:ad:e8:f1:75:13:ba:52:
51:5d:e5:4d:e7:1d:f0:56:c5:f2:0d:7f:d5:41:25:5a:d1:8b:
a1:03:42:86:77:2e:58:0e:e9:75:cd:aa:3d:b7:a3:47:5b:26:
7a:2c:34:05
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEpAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDEyMjcw
ODEwMTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEzMEZDMjNFOTlFMDZD
RTFGM0YzOTM5Rjc5OEE4RjJERTJEM0FGNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy0govqYFT/laWeGWyZO/zUkVNyGQBUPFcRMk3gvVgR1rMip8D
dE5bWWpgSxYaTa8J7S+BQ+Wl++bzWiUZGOAsSuIef/hTrdmZVtyXyNoqH2/h+2Bg
IfQzx3ZsLXRL69RuuAlhi/TOU2z+SIFWWhskqsOk5VArkWOympl6hCCXOSo2L+PU
JxhpPihuemieFtE+VUlg78cg/zEt+yHdCX83J5gIecqpj9in399/XTAtpqAKh+Ta
IDYlZv6aCd5QtUoS1BTbuQRcuEmm/wmXBK8TsIRVYfSdguURtl1Fl4spyLSkVNiY
LlZGPVG7nEPfOymudFnqgRMZApZmngwi+NXHAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUow/CPpngbOHz85OfeYqPLeLTr04wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9vd19DUHBuZ2JPSHo4NU9mZVlx
UExlTFRyMDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0rf
MA0GCSqGSIb3DQEBCwUAA4IBAQBlh9XhKSlJPkJux+WvGKUM+uXoAgClQLdUuRFF
Ekpqffok0/HmVR9QIetJvnkpTtPKYH8DVoWrdWR9iNT5oIJwmqK5vbhfMV+swANd
VIxx1bFFS0hGwTH98ECMMmKz5CFEMynpmOMzC+8OgkNfl5IzYXpFjTZpnBnwU8r4
x1LKt52TMrVxOXWCsEvGmxIbbXWQOBSfoRJw046qT3aPnxlpwkMKtAa3HHP9Ozrp
WI3PrBs/cYy9iSjsutMosY4YHoemHHdwH41eD9PeszH9qoVNLK3o8XUTulJRXeVN
5x3wVsXyDX/VQSVa0YuhA0KGdy5YDul1zao9t6NHWyZ6LDQF
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:29:52 2025 by rpki-client