Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/HQ5nF-8uIrZRa0glIGrXCkoCMD0.roa
File: HQ5nF-8uIrZRa0glIGrXCkoCMD0.roa (raw, json)
Hash identifier: tXkRmjo+Jvq/33tnJe8iQwrOIdw0gpaEv+dPqHhDUBw=
Subject key identifier: 1D:0E:67:17:EF:2E:22:B6:51:6B:48:25:20:6A:D7:0A:4A:02:30:3D
Certificate issuer: /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Certificate serial: 0C7F
Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/HQ5nF-8uIrZRa0glIGrXCkoCMD0.roa
Signing time: Mon 26 Aug 2024 05:26:35 +0000
ROA not before: Mon 26 Aug 2024 05:26:35 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18182
IP address blocks: 2404:80::/28 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3199 (0xc7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Validity
Not Before: Aug 26 05:26:35 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1D0E6717EF2E22B6516B4825206AD70A4A02303D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6c:40:d6:91:d7:74:fe:c8:ae:79:8f:55:1c:
3d:12:8e:d4:53:18:09:49:27:8f:80:cb:4a:0d:41:
6b:88:8f:47:31:32:1f:ce:ea:13:6d:02:49:b0:22:
17:a6:23:9b:27:ee:30:3a:19:ea:a8:cb:f3:c6:69:
b2:2f:8d:8c:81:1b:30:ac:95:da:d8:3c:fb:67:d4:
8e:fa:fc:37:be:13:ad:ea:49:bc:c2:ba:c6:63:88:
47:ae:2a:dc:b4:68:57:f5:86:bb:e4:c2:2b:69:d7:
b9:f0:68:db:57:3d:7a:f4:ba:13:4b:0a:2c:1d:ea:
f1:6b:09:48:4f:31:bc:22:ed:6c:75:39:1e:26:97:
84:c7:27:ae:c0:fb:44:59:41:81:b2:cf:4b:f8:a0:
eb:46:e9:79:04:e1:f3:cd:df:2c:91:52:a2:e9:01:
ea:d2:b0:39:e7:bb:9a:4a:5b:1a:97:76:94:93:b0:
5a:68:cb:8e:e5:55:3d:77:e0:a5:72:3b:7e:87:c6:
dd:d6:4b:43:4d:74:52:ad:a9:f1:a2:03:8a:4e:fa:
b0:5e:d0:c2:69:1f:b9:e7:b7:ac:3a:5a:4e:a3:cd:
c8:20:2a:0e:44:3a:62:94:90:9e:68:c6:62:21:5e:
14:d3:d2:34:3d:db:28:f8:8b:3c:eb:e7:a5:4f:ef:
6a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0E:67:17:EF:2E:22:B6:51:6B:48:25:20:6A:D7:0A:4A:02:30:3D
X509v3 Authority Key Identifier:
keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/HQ5nF-8uIrZRa0glIGrXCkoCMD0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:80::/28
Signature Algorithm: sha256WithRSAEncryption
6c:05:f3:9b:08:f5:f1:18:c8:d0:00:06:0a:24:02:a4:10:52:
07:d8:1b:b0:92:7a:c6:2c:5a:08:c7:12:bc:ec:ee:bb:c3:5c:
8a:9f:7b:d3:ab:4d:12:f3:7f:e5:be:dc:71:ed:47:a8:04:20:
79:ef:71:1a:02:5f:f8:a9:c4:d1:37:7c:3b:bd:5d:ac:ad:1c:
07:8e:33:9f:45:be:33:b1:a9:74:b6:b2:3a:51:0a:fe:b1:12:
e2:01:c5:42:f5:ee:f7:9b:ec:50:92:9c:7c:6a:86:89:e6:bc:
0e:a3:47:46:5a:db:71:d9:a0:58:64:3f:3e:b5:95:7d:47:a7:
d9:29:7b:fd:3d:c2:7c:74:93:ef:11:26:8a:bc:37:83:e8:e4:
bd:32:a8:e8:fc:e8:70:9f:3e:3f:f5:ec:17:67:38:6e:29:25:
47:60:c2:2c:59:07:b8:2b:a3:fc:86:fa:68:14:83:08:24:88:
ed:90:c2:ff:72:51:14:aa:1a:1c:b3:54:b9:75:3e:f8:16:43:
c6:4f:13:d0:df:13:11:84:a0:24:af:4f:73:cb:d6:66:f8:89:
dd:f9:34:1f:52:2d:25:02:c2:62:ce:ec:49:56:15:bc:92:15:
95:d0:86:7d:1e:f8:9f:83:4e:38:d5:f8:6a:2a:51:b6:f8:cb:
22:ad:40:26
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICDH8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC
NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yNDA4MjYw
NTI2MzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFEMEU2NzE3RUYyRTIy
QjY1MTZCNDgyNTIwNkFENzBBNEEwMjMwM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8bEDWkdd0/siueY9VHD0SjtRTGAlJJ4+Ay0oNQWuIj0cxMh/O
6hNtAkmwIhemI5sn7jA6Geqoy/PGabIvjYyBGzCsldrYPPtn1I76/De+E63qSbzC
usZjiEeuKty0aFf1hrvkwitp17nwaNtXPXr0uhNLCiwd6vFrCUhPMbwi7Wx1OR4m
l4THJ67A+0RZQYGyz0v4oOtG6XkE4fPN3yyRUqLpAerSsDnnu5pKWxqXdpSTsFpo
y47lVT134KVyO36Hxt3WS0NNdFKtqfGiA4pO+rBe0MJpH7nnt6w6Wk6jzcggKg5E
OmKUkJ5oxmIhXhTT0jQ92yj4izzr56VP72rPAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUHQ5nF+8uIrZRa0glIGrXCkoCMD0wHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5
B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv
ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9IUTVuRi04dUlyWlJhMGdsSUdy
WENrb0NNRDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUEJAQA
gDANBgkqhkiG9w0BAQsFAAOCAQEAbAXzmwj18RjI0AAGCiQCpBBSB9gbsJJ6xixa
CMcSvOzuu8Ncip9706tNEvN/5b7cce1HqAQgee9xGgJf+KnE0Td8O71drK0cB44z
n0W+M7GpdLayOlEK/rES4gHFQvXu95vsUJKcfGqGiea8DqNHRlrbcdmgWGQ/PrWV
fUen2Sl7/T3CfHST7xEmirw3g+jkvTKo6PzocJ8+P/XsF2c4biklR2DCLFkHuCuj
/Ib6aBSDCCSI7ZDC/3JRFKoaHLNUuXU++BZDxk8T0N8TEYSgJK9Pc8vWZviJ3fk0
H1ItJQLCYs7sSVYVvJIVldCGfR74n4NOONX4aipRtvjLIq1AJg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:21:11 2025 by rpki-client