Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/0iMx3qIp9PVj0sJgICAY_gzQ0yg.roa
File: 0iMx3qIp9PVj0sJgICAY_gzQ0yg.roa (raw, json)
Hash identifier: tckRbizxYK82ymj/tWx9fSQ5oum2CUQARZZgPWYZvKU=
Subject key identifier: D2:23:31:DE:A2:29:F4:F5:63:D2:C2:60:20:20:18:FE:0C:D0:D3:28
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1483
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/0iMx3qIp9PVj0sJgICAY_gzQ0yg.roa
Signing time: Mon 10 Feb 2025 14:34:59 +0000
ROA not before: Mon 10 Feb 2025 14:34:59 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 23675
IP address blocks: 203.66.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5251 (0x1483)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:34:59 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D22331DEA229F4F563D2C260202018FE0CD0D328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:03:eb:0c:0f:0d:34:b5:ac:38:2e:62:f7:79:
d5:b2:a7:de:da:02:d9:35:5d:ac:ac:d6:7f:08:d7:
e0:2d:24:5d:ed:84:6c:31:f4:55:34:ba:67:e9:b4:
d0:de:44:01:01:60:96:fd:1b:12:a4:7c:aa:bb:e8:
ca:76:54:e0:07:f2:e2:c3:72:a0:63:cd:ae:b6:65:
21:da:6c:19:6a:e8:67:de:28:51:20:28:b9:d5:cc:
92:c8:ca:8b:cf:ba:89:7d:c0:78:19:61:07:be:b3:
45:0f:88:ac:7a:b1:81:dc:15:d6:f5:bd:9e:cb:8b:
5f:3c:21:f7:2e:4e:13:ad:cd:06:14:98:c2:ef:a5:
cd:4d:25:46:b0:36:14:b7:c4:b7:ba:c9:33:5a:d1:
bd:0b:51:dc:02:60:c8:76:7f:9c:cd:06:2f:34:76:
b1:8a:a0:72:aa:7a:c9:31:49:18:e0:ec:1d:61:f7:
e9:18:5d:f3:3c:bf:66:04:18:42:78:4d:7d:4e:30:
e7:51:6d:d5:7e:d6:d6:9e:9a:8d:17:42:fd:64:69:
fd:c4:34:b5:3c:4a:03:00:c1:a4:89:ef:a2:5b:34:
3a:5f:9e:e4:1e:5f:54:58:d3:82:f9:f1:ec:4e:a4:
7f:80:87:df:9d:26:2a:8b:af:00:02:fa:f2:e0:fa:
54:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:23:31:DE:A2:29:F4:F5:63:D2:C2:60:20:20:18:FE:0C:D0:D3:28
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/0iMx3qIp9PVj0sJgICAY_gzQ0yg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.66.100.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:48:c5:f8:4a:9a:6f:08:4f:a2:c3:7d:40:a2:71:26:7d:93:
54:3e:66:a6:41:f9:7e:95:35:23:cb:dc:d0:59:d7:c9:49:74:
21:5a:c3:aa:f1:b1:02:1e:a1:75:3c:36:a4:e7:eb:97:82:82:
57:e3:ab:fa:d5:06:36:20:cf:08:8c:b3:70:25:45:8f:3f:a2:
3c:9a:40:41:d6:6d:d5:45:3e:a9:f8:4b:95:86:2e:a9:7a:b8:
b5:cd:39:70:21:9f:98:b4:ba:e1:d3:06:46:a8:e8:50:ba:3d:
10:94:14:97:77:be:d6:bc:4b:07:cf:ff:da:6a:b9:da:4c:2e:
3b:f4:98:fb:f1:5e:77:73:fa:84:4e:d9:89:73:f7:70:c3:58:
04:0f:85:0b:fe:dc:ea:b1:98:e2:90:b9:29:f5:46:a1:3b:b5:
92:68:55:8a:23:f1:c4:fd:af:0d:0b:ac:5c:20:84:f9:e0:35:
20:59:97:71:60:49:b4:18:61:c5:7a:d8:d2:35:7d:5a:76:39:
d8:ef:01:37:a5:d6:db:ca:77:05:5b:4e:4c:40:07:c7:d7:15:
fc:e1:61:3c:c1:36:15:fb:ee:2f:48:7f:45:0c:46:87:ff:91:
a2:fa:a6:ae:51:1b:77:97:f2:72:ac:30:3f:cd:d6:76:1d:93:
f1:95:47:42
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFIMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM0NTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQyMjMzMURFQTIyOUY0
RjU2M0QyQzI2MDIwMjAxOEZFMENEMEQzMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmA+sMDw00taw4LmL3edWyp97aAtk1Xays1n8I1+AtJF3thGwx
9FU0umfptNDeRAEBYJb9GxKkfKq76Mp2VOAH8uLDcqBjza62ZSHabBlq6GfeKFEg
KLnVzJLIyovPuol9wHgZYQe+s0UPiKx6sYHcFdb1vZ7Li188IfcuThOtzQYUmMLv
pc1NJUawNhS3xLe6yTNa0b0LUdwCYMh2f5zNBi80drGKoHKqeskxSRjg7B1h9+kY
XfM8v2YEGEJ4TX1OMOdRbdV+1taemo0XQv1kaf3ENLU8SgMAwaSJ76JbNDpfnuQe
X1RY04L58exOpH+Ah9+dJiqLrwAC+vLg+lQPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU0iMx3qIp9PVj0sJgICAY/gzQ0ygwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8waU14M3FJcDlQVmowc0pnSUNB
WV9nelEweWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0Jk
MA0GCSqGSIb3DQEBCwUAA4IBAQCoSMX4SppvCE+iw31AonEmfZNUPmamQfl+lTUj
y9zQWdfJSXQhWsOq8bECHqF1PDak5+uXgoJX46v61QY2IM8IjLNwJUWPP6I8mkBB
1m3VRT6p+EuVhi6peri1zTlwIZ+YtLrh0wZGqOhQuj0QlBSXd77WvEsHz//aarna
TC479Jj78V53c/qETtmJc/dww1gED4UL/tzqsZjikLkp9UahO7WSaFWKI/HE/a8N
C6xcIIT54DUgWZdxYEm0GGHFetjSNX1adjnY7wE3pdbbyncFW05MQAfH1xX84WE8
wTYV++4vSH9FDEaH/5Gi+qauURt3l/JyrDA/zdZ2HZPxlUdC
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:27:57 2025 by rpki-client