Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/AAfwGprIQmIdnnSmzNjDrZCJh3s.roa
File: AAfwGprIQmIdnnSmzNjDrZCJh3s.roa (raw, json)
Hash identifier: hqrbQxxhc/+8rTJM00RDYu5Y3GQKsHTEJZkOPiCnCsc=
Subject key identifier: 00:07:F0:1A:9A:C8:42:62:1D:9E:74:A6:CC:D8:C3:AD:90:89:87:7B
Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Certificate serial: 0C56
Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/AAfwGprIQmIdnnSmzNjDrZCJh3s.roa
Signing time: Wed 13 Nov 2024 02:19:18 +0000
ROA not before: Wed 13 Nov 2024 02:19:18 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 103.252.128.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Nov 2024 05:43:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3158 (0xc56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Validity
Not Before: Nov 13 02:19:18 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0007F01A9AC842621D9E74A6CCD8C3AD9089877B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:81:c9:e5:34:b9:0f:ff:8b:1c:36:ed:a6:61:
e2:2f:fb:cc:cc:03:be:41:e2:cc:1e:92:4f:2a:dc:
0f:b6:c9:bf:bd:9e:fb:82:59:87:1b:52:06:af:f2:
63:af:0b:b7:14:42:25:7d:3f:4c:f7:a5:e2:d5:51:
7e:46:48:dd:8d:ca:3b:57:0b:09:aa:ed:a5:0f:60:
47:48:e0:2e:73:f8:af:67:f9:6b:cd:f4:81:51:71:
4d:68:20:c1:1c:26:de:de:8c:24:7f:cd:f1:83:6f:
f8:c9:65:56:d3:1a:cc:2b:52:0f:c2:d3:04:19:3d:
61:9d:14:a3:ca:52:25:c9:f0:8e:83:50:c3:c9:ca:
95:37:02:3a:f8:19:46:a0:76:bd:cd:b0:f2:84:e1:
0a:93:c2:a1:7a:74:de:55:8d:40:13:47:1d:b1:c3:
ba:d1:c7:07:46:21:c4:5d:2c:64:72:cd:0b:a0:dc:
99:d3:05:2c:6a:92:08:88:50:a0:7a:d4:8f:ec:2b:
89:2c:a6:f7:b7:0b:24:8a:ca:97:bc:fc:fc:9e:b5:
ae:fe:e4:35:8f:5b:43:e5:f6:da:30:fd:ed:6b:f4:
e9:7c:ad:d4:69:48:52:26:83:61:9c:7a:4b:8a:03:
d7:ec:e2:92:b7:6a:0f:ec:e1:95:fe:2a:4e:f0:d8:
f4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:07:F0:1A:9A:C8:42:62:1D:9E:74:A6:CC:D8:C3:AD:90:89:87:7B
X509v3 Authority Key Identifier:
keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/AAfwGprIQmIdnnSmzNjDrZCJh3s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.128.0/22
Signature Algorithm: sha256WithRSAEncryption
99:05:54:eb:83:09:18:76:00:04:a4:94:8a:ee:0e:9a:16:ab:
ad:df:1d:89:17:e6:fa:fa:14:7a:25:e4:0e:14:5b:ee:d8:da:
4f:14:8b:77:73:8a:f7:d4:cc:7f:3b:97:41:cf:6b:7e:c9:84:
e6:d9:ce:ce:8b:e4:79:ec:01:ae:71:4a:16:e6:5c:47:22:f7:
0c:a5:ac:bf:c1:03:60:e5:f3:41:85:49:d3:a1:a8:07:35:bb:
b6:00:0f:06:ca:2b:87:44:0f:42:8d:a0:da:4c:6c:79:64:82:
8a:1d:4a:23:4f:7e:90:cb:de:db:33:b2:2a:c6:9d:a9:6e:c4:
e2:0f:fa:ae:12:de:7d:d3:c1:a0:52:0a:4d:ed:61:4d:a9:55:
0a:d8:98:e5:d5:e7:01:cb:80:97:35:82:cc:6f:93:18:1c:13:
b5:0e:d0:42:ac:89:6c:75:cb:83:b6:bc:89:f6:9b:11:2d:32:
fb:1a:6e:34:96:b4:b8:17:da:9e:1e:a7:72:66:02:6b:94:61:
c1:dd:75:a9:1a:c3:36:5f:6a:84:41:c0:94:3a:09:00:f2:90:
33:1e:69:66:fc:90:36:40:a8:12:15:30:79:7f:74:46:18:2f:
16:fb:7c:35:29:f4:38:80:6d:90:1d:ad:01:47:6a:8a:85:91:
c7:39:7b:92
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDFYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB
RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNDExMTMw
MjE5MThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDAwMDdGMDFBOUFDODQy
NjIxRDlFNzRBNkNDRDhDM0FEOTA4OTg3N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCygcnlNLkP/4scNu2mYeIv+8zMA75B4swekk8q3A+2yb+9nvuC
WYcbUgav8mOvC7cUQiV9P0z3peLVUX5GSN2NyjtXCwmq7aUPYEdI4C5z+K9n+WvN
9IFRcU1oIMEcJt7ejCR/zfGDb/jJZVbTGswrUg/C0wQZPWGdFKPKUiXJ8I6DUMPJ
ypU3Ajr4GUagdr3NsPKE4QqTwqF6dN5VjUATRx2xw7rRxwdGIcRdLGRyzQug3JnT
BSxqkgiIUKB61I/sK4kspve3CySKype8/Pyeta7+5DWPW0Pl9tow/e1r9Ol8rdRp
SFImg2GcekuKA9fs4pK3ag/s4ZX+Kk7w2PTTAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUAAfwGprIQmIdnnSmzNjDrZCJh3swHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6
/hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx
NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0FBZndHcHJJUW1JZG5uU216TmpEclpD
Smgzcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/IAwDQYJ
KoZIhvcNAQELBQADggEBAJkFVOuDCRh2AASklIruDpoWq63fHYkX5vr6FHol5A4U
W+7Y2k8Ui3dzivfUzH87l0HPa37JhObZzs6L5HnsAa5xShbmXEci9wylrL/BA2Dl
80GFSdOhqAc1u7YADwbKK4dED0KNoNpMbHlkgoodSiNPfpDL3tszsirGnaluxOIP
+q4S3n3TwaBSCk3tYU2pVQrYmOXV5wHLgJc1gsxvkxgcE7UO0EKsiWx1y4O2vIn2
mxEtMvsabjSWtLgX2p4ep3JmAmuUYcHddakawzZfaoRBwJQ6CQDykDMeaWb8kDZA
qBIVMHl/dEYYLxb7fDUp9DiAbZAdrQFHaoqFkcc5e5I=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:33:58 2025 by rpki-client