Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/eKlcd6Cpg2ucE30mSSeSu4I716I.roa
File: eKlcd6Cpg2ucE30mSSeSu4I716I.roa (raw, json)
Hash identifier: MJU0/ZQ4ztuoQg1DwPjnXJa7AxqtxrpBv/J/LY4hQMs=
Subject key identifier: 78:A9:5C:77:A0:A9:83:6B:9C:13:7D:26:49:27:92:BB:82:3B:D7:A2
Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Certificate serial: 08AD
Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/eKlcd6Cpg2ucE30mSSeSu4I716I.roa
Signing time: Sun 07 Feb 2021 12:35:08 +0000
ROA not before: Sun 07 Feb 2021 12:35:08 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 10085
IP address blocks: 114.29.240.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2221 (0x8ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Validity
Not Before: Feb 7 12:35:08 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=78A95C77A0A9836B9C137D26492792BB823BD7A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5e:a3:91:5c:ed:69:f8:6d:38:54:3c:5d:4e:
83:47:ad:28:31:8e:c4:5b:c8:7c:a5:85:5c:09:74:
94:15:24:30:67:ca:67:3d:36:21:25:fe:e6:31:cc:
e7:80:60:92:38:10:0f:ac:5d:d7:f1:8e:d9:87:a9:
5c:b3:f1:71:fb:69:f7:0c:da:af:85:e6:81:83:34:
a9:5c:a2:a2:b5:9a:e8:d2:b8:ff:c6:7e:09:20:78:
39:09:9f:86:07:24:0c:40:d4:44:dd:83:e1:b5:8b:
1d:ea:ad:ec:59:c5:47:c3:26:fe:2d:bb:7f:c6:17:
f2:82:0e:dc:de:68:e1:0d:6d:29:04:a8:d8:21:39:
b7:4d:6c:fd:8c:9e:96:1f:28:d8:92:89:2d:ab:62:
8f:c9:cc:b8:8e:b5:f2:21:fa:f8:f5:78:cf:b4:b0:
63:26:1f:6a:0c:80:51:f1:9b:40:24:b7:f3:89:de:
ae:9b:90:cb:26:fb:2d:4c:b5:e8:c3:f5:27:bd:7f:
2f:a8:7e:8b:4d:64:7d:d7:ba:a1:1a:df:83:94:13:
5b:74:37:93:ab:41:ac:12:36:e4:b4:40:77:76:a5:
f1:86:08:ca:08:93:6e:6e:31:95:cc:5c:0f:93:ae:
82:00:33:87:b7:4b:4b:bf:7d:87:c2:ae:f3:e0:c8:
d0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A9:5C:77:A0:A9:83:6B:9C:13:7D:26:49:27:92:BB:82:3B:D7:A2
X509v3 Authority Key Identifier:
keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/eKlcd6Cpg2ucE30mSSeSu4I716I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.29.240.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:76:57:0b:4e:cb:20:8d:9c:ad:6f:6c:61:33:43:f1:ce:4d:
fc:03:3c:bf:d1:b4:c4:93:ef:86:3b:ab:b5:4e:cd:4a:35:2b:
2d:1e:a9:48:5f:df:6b:4a:6d:eb:63:e7:62:03:c8:37:dd:bf:
b4:53:8c:23:35:1b:f2:fd:15:5e:4d:92:20:e0:7c:cc:d5:1c:
97:fd:68:1a:68:bb:72:8d:f6:d0:1a:de:ef:d7:29:fa:bf:8b:
c7:73:fd:4d:b9:8a:fe:09:fe:26:41:a7:f4:bb:79:23:02:98:
19:f2:88:e7:e2:eb:11:70:09:1c:29:f1:14:c3:a4:21:e1:b8:
24:48:06:d5:30:9b:96:4f:6d:03:48:fe:0e:9e:e7:b8:97:75:
64:40:07:8f:8a:a7:f2:c0:38:23:ee:f4:9a:1b:50:3b:2b:37:
b4:5a:6a:b1:69:a3:12:9a:eb:ce:da:06:b2:7e:82:1e:96:34:
ee:1b:85:55:b8:cb:5d:c9:4e:0e:26:9d:7b:5b:d8:40:ba:2b:
de:b4:6f:bd:c1:73:6c:f3:bd:ce:f0:4b:fb:9e:d8:c6:5c:f4:
36:27:9d:9f:3a:5b:c2:89:a9:18:0f:08:ba:2a:3e:1b:10:f7:
e3:f2:85:be:05:21:80:62:a3:79:2a:cd:a3:43:58:53:c7:91:
0c:77:b4:31
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB
RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yMTAyMDcx
MjM1MDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDc4QTk1Qzc3QTBBOTgz
NkI5QzEzN0QyNjQ5Mjc5MkJCODIzQkQ3QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAXqORXO1p+G04VDxdToNHrSgxjsRbyHylhVwJdJQVJDBnymc9
NiEl/uYxzOeAYJI4EA+sXdfxjtmHqVyz8XH7afcM2q+F5oGDNKlcoqK1mujSuP/G
fgkgeDkJn4YHJAxA1ETdg+G1ix3qrexZxUfDJv4tu3/GF/KCDtzeaOENbSkEqNgh
ObdNbP2MnpYfKNiSiS2rYo/JzLiOtfIh+vj1eM+0sGMmH2oMgFHxm0Akt/OJ3q6b
kMsm+y1MtejD9Se9fy+ofotNZH3XuqEa34OUE1t0N5OrQawSNuS0QHd2pfGGCMoI
k25uMZXMXA+TroIAM4e3S0u/fYfCrvPgyNATAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUeKlcd6Cpg2ucE30mSSeSu4I716IwHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6
/hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx
NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL2VLbGNkNkNwZzJ1Y0UzMG1TU2VTdTRJ
NzE2SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfAwDQYJ
KoZIhvcNAQELBQADggEBABp2VwtOyyCNnK1vbGEzQ/HOTfwDPL/RtMST74Y7q7VO
zUo1Ky0eqUhf32tKbetj52IDyDfdv7RTjCM1G/L9FV5NkiDgfMzVHJf9aBpou3KN
9tAa3u/XKfq/i8dz/U25iv4J/iZBp/S7eSMCmBnyiOfi6xFwCRwp8RTDpCHhuCRI
BtUwm5ZPbQNI/g6e57iXdWRAB4+Kp/LAOCPu9JobUDsrN7RaarFpoxKa687aBrJ+
gh6WNO4bhVW4y13JTg4mnXtb2EC6K960b73Bc2zzvc7wS/ue2MZc9DYnnZ86W8KJ
qRgPCLoqPhsQ9+Pyhb4FIYBio3kqzaNDWFPHkQx3tDE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:29 2025 by rpki-client