Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/0BgXNxfJMK3ShubpJpV-GknYkHU.roa
File: 0BgXNxfJMK3ShubpJpV-GknYkHU.roa (raw, json)
Hash identifier: MRajqmK1IEiZ5kbs7NVvgenJUqwquHix5PKgdMd87T8=
Subject key identifier: D0:18:17:37:17:C9:30:AD:D2:86:E6:E9:26:95:7E:1A:49:D8:90:75
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 158A
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/0BgXNxfJMK3ShubpJpV-GknYkHU.roa
Signing time: Tue 11 Feb 2025 23:44:44 +0000
ROA not before: Tue 11 Feb 2025 23:44:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 61.217.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5514 (0x158a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:44 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D018173717C930ADD286E6E926957E1A49D89075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:29:a0:4f:d1:6e:1c:e2:d8:bb:30:97:00:7c:
e7:45:25:56:fc:e2:4b:53:d2:df:b3:08:fa:4b:4e:
c5:e4:80:76:fa:2a:41:35:3f:28:60:31:ab:d7:94:
8d:c5:52:55:ec:16:c0:df:dd:6e:3a:98:fa:f8:50:
fc:af:1b:81:8b:94:7e:83:57:69:0c:1d:df:d6:f8:
79:9d:17:b1:8d:f9:ec:26:28:17:6c:6c:b2:8f:75:
cf:4e:29:63:3b:cd:ee:53:86:2f:86:ab:2d:75:6b:
e1:95:1f:d0:bb:cb:6f:b8:b9:3d:76:96:81:a0:22:
46:f8:c7:7a:56:8e:71:dc:55:15:1a:d6:72:fd:5d:
cf:d1:c8:07:90:f6:c8:95:b2:cd:cc:1a:74:f1:47:
1b:42:97:6e:e3:d5:5a:9d:7e:c0:76:cc:f9:df:6c:
0f:0b:09:e0:46:6d:ba:77:fc:dd:51:d1:4e:70:74:
24:39:6b:c8:e9:46:1e:97:40:a2:2a:be:3a:d9:41:
d1:d9:55:5b:b2:6b:26:25:5f:9a:a8:00:20:05:7e:
eb:f6:eb:e7:4b:ec:a3:78:2d:26:66:7c:87:64:15:
90:f5:7b:98:a4:62:f0:78:0d:77:c4:95:b6:ea:4c:
23:40:c4:ab:42:16:2f:52:a5:25:be:ee:4c:8a:22:
a3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:18:17:37:17:C9:30:AD:D2:86:E6:E9:26:95:7E:1A:49:D8:90:75
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/0BgXNxfJMK3ShubpJpV-GknYkHU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.217.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:83:0c:3e:bf:f6:7c:07:3e:6d:78:30:1c:75:05:5f:39:34:
01:13:c2:46:02:c8:a4:ce:ee:2d:44:34:4f:46:9e:7d:e6:39:
bf:ea:fb:69:4c:a7:19:59:21:74:fc:5b:67:1e:ca:80:b5:95:
b3:f1:0b:2a:37:b9:83:09:4d:f5:05:c9:81:96:17:7d:c7:05:
79:be:07:89:5b:0f:d3:53:f7:91:03:6a:d2:c0:4f:97:61:24:
cb:c1:d0:a0:eb:04:42:5c:6f:e1:1e:a2:14:e3:1b:7f:b0:97:
6f:90:f4:76:64:3b:5b:5c:5f:97:ad:a8:55:50:0b:05:af:0b:
23:ee:6d:b1:e2:da:f7:86:48:a6:f0:9d:e3:e1:b3:7f:8b:28:
0b:64:b7:8b:29:15:c4:ac:f7:99:02:91:08:58:58:ca:62:66:
03:15:f2:15:40:f8:f2:6d:2f:c5:02:12:51:a2:3b:f1:ec:bf:
fb:ca:c7:bf:b3:0b:ee:e2:91:46:94:54:57:57:e9:d6:c1:f3:
d6:25:7d:00:1b:02:a5:fa:25:bb:31:34:77:ef:fc:db:d8:f0:
35:38:7e:08:2e:97:59:a5:74:b7:ca:62:d9:b8:9c:2f:e3:8a:
d9:a3:0c:cb:0e:f8:90:55:a8:bf:75:29:75:4f:54:b5:da:d1:
ed:62:02:51
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQwMTgxNzM3MTdDOTMw
QUREMjg2RTZFOTI2OTU3RTFBNDlEODkwNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxKaBP0W4c4ti7MJcAfOdFJVb84ktT0t+zCPpLTsXkgHb6KkE1
PyhgMavXlI3FUlXsFsDf3W46mPr4UPyvG4GLlH6DV2kMHd/W+HmdF7GN+ewmKBds
bLKPdc9OKWM7ze5Thi+Gqy11a+GVH9C7y2+4uT12loGgIkb4x3pWjnHcVRUa1nL9
Xc/RyAeQ9siVss3MGnTxRxtCl27j1VqdfsB2zPnfbA8LCeBGbbp3/N1R0U5wdCQ5
a8jpRh6XQKIqvjrZQdHZVVuyayYlX5qoACAFfuv26+dL7KN4LSZmfIdkFZD1e5ik
YvB4DXfElbbqTCNAxKtCFi9SpSW+7kyKIqMjAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU0BgXNxfJMK3ShubpJpV+GknYkHUwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8wQmdYTnhmSk1LM1NodWJwSnBW
LUdrbllrSFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAPdkw
DQYJKoZIhvcNAQELBQADggEBALeDDD6/9nwHPm14MBx1BV85NAETwkYCyKTO7i1E
NE9Gnn3mOb/q+2lMpxlZIXT8W2ceyoC1lbPxCyo3uYMJTfUFyYGWF33HBXm+B4lb
D9NT95EDatLAT5dhJMvB0KDrBEJcb+EeohTjG3+wl2+Q9HZkO1tcX5etqFVQCwWv
CyPubbHi2veGSKbwnePhs3+LKAtkt4spFcSs95kCkQhYWMpiZgMV8hVA+PJtL8UC
ElGiO/Hsv/vKx7+zC+7ikUaUVFdX6dbB89YlfQAbAqX6JbsxNHfv/NvY8DU4fggu
l1mldLfKYtm4nC/jitmjDMsO+JBVqL91KXVPVLXa0e1iAlE=
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:40:21 2025 by rpki-client