Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/2MwgDcC2M-zfE2bpLB2RNSPTZ7M.roa
File: 2MwgDcC2M-zfE2bpLB2RNSPTZ7M.roa (raw, json)
Hash identifier: FVD6rxrqSA4OFojar0vc2NJkdo+0CjcrN/uiS/T9N6A=
Subject key identifier: D8:CC:20:0D:C0:B6:33:EC:DF:13:66:E9:2C:1D:91:35:23:D3:67:B3
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 11B5
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2MwgDcC2M-zfE2bpLB2RNSPTZ7M.roa
Signing time: Mon 26 Aug 2024 05:17:51 +0000
ROA not before: Mon 26 Aug 2024 05:17:51 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 33717
IP address blocks: 220.128.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:35:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4533 (0x11b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Aug 26 05:17:51 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D8CC200DC0B633ECDF1366E92C1D913523D367B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e3:6e:fe:e7:7a:10:f5:90:66:96:a8:5f:88:
ad:a8:76:ae:7a:5a:38:0a:d7:f3:0f:8e:a7:cb:db:
f3:49:6e:1d:48:c5:ed:da:9b:94:cd:70:2c:06:2f:
9f:fb:e8:65:c1:54:2a:67:d8:5c:74:83:17:63:3f:
36:fc:aa:76:47:b0:04:6a:58:95:be:34:f7:f6:3c:
59:fa:04:eb:80:08:e9:5c:37:4e:c1:af:69:df:5a:
7b:e8:e2:0a:1a:50:47:68:f6:df:56:d4:66:91:a9:
e9:89:e2:ac:d9:0b:ba:75:3c:28:78:6b:23:b9:90:
7c:fe:bb:e7:e2:2d:43:c1:24:72:1d:64:df:ce:b7:
95:34:a6:d2:b2:89:f0:0f:05:60:95:72:e4:94:e7:
86:22:d5:20:ff:4d:81:66:85:bf:4e:2f:ce:ba:25:
ce:47:1a:3e:1f:0b:65:13:1f:26:5b:80:2e:2b:88:
89:91:5b:7f:73:75:9d:2b:d4:f0:29:98:9b:68:b9:
79:3d:d7:32:8d:0f:1c:5c:2f:e5:8e:2b:22:2b:50:
57:39:02:24:77:ed:fe:59:7c:7c:2a:80:da:46:17:
33:17:1c:ff:f0:75:b4:6b:6f:2c:b8:70:83:a2:5d:
80:0a:2c:7b:72:69:4a:6b:ca:1a:d4:54:05:bb:d8:
77:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CC:20:0D:C0:B6:33:EC:DF:13:66:E9:2C:1D:91:35:23:D3:67:B3
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2MwgDcC2M-zfE2bpLB2RNSPTZ7M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.55.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:63:0f:1e:ab:32:83:28:05:d1:54:82:fb:45:b0:01:7a:40:
f2:9c:25:aa:7a:c0:c4:dc:ce:ad:59:25:00:fb:81:e5:c7:0d:
7e:91:c5:55:c1:d4:fa:f9:69:ca:22:f2:79:3c:18:cf:15:ae:
3c:1c:33:f7:73:8e:a1:b3:20:5e:24:b0:2c:9a:c2:2d:48:06:
2b:56:93:ed:3c:dc:3f:68:56:ed:4b:31:db:63:fe:fe:06:0c:
3f:60:76:ef:0d:2d:bb:36:3e:e3:a7:78:3d:ff:ef:e7:b1:05:
36:d8:91:32:8d:97:04:53:79:8e:6c:5f:fe:2b:ef:d8:8e:56:
02:b1:98:36:0f:5f:86:64:49:09:cc:16:06:a4:65:3e:6f:d4:
ff:d4:ae:1f:e2:9b:90:8f:d6:c5:c6:44:7d:e7:99:f0:86:c6:
b1:78:4b:a5:f7:1c:e0:49:5a:4f:87:1d:3e:1b:f2:a7:7f:4b:
f9:c7:e3:fd:3c:a8:61:aa:18:c9:db:71:c3:67:3f:13:91:99:
af:15:2e:9f:d8:2c:71:2e:68:2e:67:ae:80:ba:00:95:48:ed:
65:6e:a8:5a:3d:49:a0:37:64:4c:44:56:6f:67:1b:5f:3d:60:
c8:78:f6:32:29:05:32:20:c5:e1:3c:5d:d0:e4:ac:16:de:70:
37:2d:b6:de
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEbUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw
NTE3NTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ4Q0MyMDBEQzBCNjMz
RUNERjEzNjZFOTJDMUQ5MTM1MjNEMzY3QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDW427+53oQ9ZBmlqhfiK2odq56WjgK1/MPjqfL2/NJbh1Ixe3a
m5TNcCwGL5/76GXBVCpn2Fx0gxdjPzb8qnZHsARqWJW+NPf2PFn6BOuACOlcN07B
r2nfWnvo4goaUEdo9t9W1GaRqemJ4qzZC7p1PCh4ayO5kHz+u+fiLUPBJHIdZN/O
t5U0ptKyifAPBWCVcuSU54Yi1SD/TYFmhb9OL866Jc5HGj4fC2UTHyZbgC4riImR
W39zdZ0r1PApmJtouXk91zKNDxxcL+WOKyIrUFc5AiR37f5ZfHwqgNpGFzMXHP/w
dbRrbyy4cIOiXYAKLHtyaUpryhrUVAW72HeBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2MwgDcC2M+zfE2bpLB2RNSPTZ7MwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8yTXdnRGNDMk0temZFMmJwTEIy
Uk5TUFRaN00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IA3
MA0GCSqGSIb3DQEBCwUAA4IBAQCyYw8eqzKDKAXRVIL7RbABekDynCWqesDE3M6t
WSUA+4Hlxw1+kcVVwdT6+WnKIvJ5PBjPFa48HDP3c46hsyBeJLAsmsItSAYrVpPt
PNw/aFbtSzHbY/7+Bgw/YHbvDS27Nj7jp3g9/+/nsQU22JEyjZcEU3mObF/+K+/Y
jlYCsZg2D1+GZEkJzBYGpGU+b9T/1K4f4puQj9bFxkR955nwhsaxeEul9xzgSVpP
hx0+G/Knf0v5x+P9PKhhqhjJ23HDZz8TkZmvFS6f2CxxLmguZ66AugCVSO1lbqha
PUmgN2RMRFZvZxtfPWDIePYyKQUyIMXhPF3Q5KwW3nA3Lbbe
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:19:09 2025 by rpki-client