Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/Z92FeBHzi4Ybl1gIHwtfFDwaaKI.roa
File: Z92FeBHzi4Ybl1gIHwtfFDwaaKI.roa (raw, json)
Hash identifier: O/BnlV2Ro25GFvKDQZxFFkNju4Qh6I8whJeLfo0XgjU=
Subject key identifier: 67:DD:85:78:11:F3:8B:86:1B:97:58:08:1F:0B:5F:14:3C:1A:68:A2
Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Certificate serial: 0C54
Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Z92FeBHzi4Ybl1gIHwtfFDwaaKI.roa
Signing time: Wed 13 Nov 2024 02:19:04 +0000
ROA not before: Wed 13 Nov 2024 02:19:04 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131602
IP address blocks: 114.29.240.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Nov 2024 05:43:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3156 (0xc54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Validity
Not Before: Nov 13 02:19:04 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=67DD857811F38B861B9758081F0B5F143C1A68A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:77:7c:38:58:82:1c:1d:f7:6d:6d:54:1d:b3:
e4:f4:b8:92:b4:4c:a2:c5:43:c5:0a:fb:c3:75:ab:
11:cc:63:fe:bd:2d:43:a7:1d:67:dc:27:6c:c4:67:
21:79:4a:c6:25:ed:1a:bb:c0:99:ca:f1:a7:45:d8:
74:d9:4d:df:12:fe:6c:1b:ed:17:9c:c3:38:b6:b3:
cf:ca:c8:1f:9e:57:ff:cc:33:89:b5:fb:cf:ee:f4:
f1:09:5f:e9:6a:ae:3c:e8:0d:96:42:39:ec:2a:61:
fc:fd:67:4e:eb:6c:7d:12:72:16:eb:4a:0f:2b:3b:
e5:59:d4:07:99:63:80:83:95:7b:20:bf:e9:62:1f:
8d:19:2c:20:34:ac:c7:94:24:63:ac:b4:f0:44:88:
2c:26:8d:7b:29:54:a3:ad:8a:cc:c0:15:a5:1b:29:
0f:cc:96:c6:8e:49:3a:ed:75:25:12:b8:e0:13:34:
21:57:48:15:50:df:4a:ed:af:db:71:35:00:7f:c9:
7f:35:0e:92:c2:f4:b9:5c:b0:57:d9:3a:23:1a:59:
57:d5:47:8e:07:23:fe:d2:d4:8c:06:71:09:2a:33:
37:5b:b5:04:11:55:eb:3e:60:3e:01:9a:30:31:7a:
c4:12:16:a8:4d:e8:78:9c:3d:ba:0f:95:f8:37:90:
a5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DD:85:78:11:F3:8B:86:1B:97:58:08:1F:0B:5F:14:3C:1A:68:A2
X509v3 Authority Key Identifier:
keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Z92FeBHzi4Ybl1gIHwtfFDwaaKI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.29.240.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:2e:cc:19:c2:5c:f7:d8:aa:84:52:0d:09:16:29:05:65:57:
77:31:7f:34:f3:e9:1f:3b:6f:2b:59:ac:26:72:80:8b:a5:7a:
40:59:ca:c8:16:9b:76:58:28:d6:5f:72:b1:11:96:75:d6:f5:
d2:8d:d7:4a:2a:7f:3a:d3:53:9e:9f:76:4d:5b:77:96:c7:6c:
c4:51:27:3b:8a:2c:5e:90:ed:3b:8b:6a:ba:29:aa:e6:cf:ec:
d7:30:3a:96:33:f1:43:d0:d4:7b:df:02:5a:c6:8a:db:50:ad:
7b:90:66:97:a8:46:90:47:8f:3f:90:a2:e2:10:7c:02:28:02:
3b:d0:d7:b0:b5:e3:5b:df:34:75:46:d8:34:ed:f8:56:4e:22:
55:c5:7f:42:da:46:99:1a:ad:e4:1a:5d:c6:f6:eb:05:83:e3:
7d:1c:aa:48:a5:ca:2b:00:6d:4e:4f:09:2d:07:dd:9d:da:7a:
1e:31:a9:41:4b:5b:40:ce:b1:7a:74:44:e1:38:50:01:7a:5f:
f8:fe:80:89:ea:0b:bb:65:b3:0b:6c:0b:4d:da:3a:c8:5a:94:
4a:f0:77:90:df:83:e5:00:b4:3f:5d:61:e8:9b:af:c0:58:b0:
71:22:1b:ed:9c:6f:7f:77:a5:6b:b1:a5:01:41:24:72:70:29:
a2:52:c0:91
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDFQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB
RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNDExMTMw
MjE5MDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY3REQ4NTc4MTFGMzhC
ODYxQjk3NTgwODFGMEI1RjE0M0MxQTY4QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHd3w4WIIcHfdtbVQds+T0uJK0TKLFQ8UK+8N1qxHMY/69LUOn
HWfcJ2zEZyF5SsYl7Rq7wJnK8adF2HTZTd8S/mwb7Recwzi2s8/KyB+eV//MM4m1
+8/u9PEJX+lqrjzoDZZCOewqYfz9Z07rbH0SchbrSg8rO+VZ1AeZY4CDlXsgv+li
H40ZLCA0rMeUJGOstPBEiCwmjXspVKOtiszAFaUbKQ/MlsaOSTrtdSUSuOATNCFX
SBVQ30rtr9txNQB/yX81DpLC9LlcsFfZOiMaWVfVR44HI/7S1IwGcQkqMzdbtQQR
Ves+YD4BmjAxesQSFqhN6HicPboPlfg3kKUzAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUZ92FeBHzi4Ybl1gIHwtfFDwaaKIwHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6
/hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx
NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL1o5MkZlQkh6aTRZYmwxZ0lId3RmRkR3
YWFLSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfAwDQYJ
KoZIhvcNAQELBQADggEBAKwuzBnCXPfYqoRSDQkWKQVlV3cxfzTz6R87bytZrCZy
gIulekBZysgWm3ZYKNZfcrERlnXW9dKN10oqfzrTU56fdk1bd5bHbMRRJzuKLF6Q
7TuLaropqubP7NcwOpYz8UPQ1HvfAlrGittQrXuQZpeoRpBHjz+QouIQfAIoAjvQ
17C141vfNHVG2DTt+FZOIlXFf0LaRpkareQaXcb26wWD430cqkilyisAbU5PCS0H
3Z3aeh4xqUFLW0DOsXp0ROE4UAF6X/j+gInqC7tlswtsC03aOshalErwd5Dfg+UA
tD9dYeibr8BYsHEiG+2cb393pWuxpQFBJHJwKaJSwJE=
Generated at Wed Nov 13 07:17:13 2024 by rpki-client on console-ams.rpki-client.org