Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/3RMUmo0ZFaT-oNoxr0EpmXoj9_I.roa
File: 3RMUmo0ZFaT-oNoxr0EpmXoj9_I.roa (raw, json)
Hash identifier: TvtaOgBBh2wK/8DqmrmEPVKQbx+gkpklUAkQvJPP4nc=
Subject key identifier: DD:13:14:9A:8D:19:15:A4:FE:A0:DA:31:AF:41:29:99:7A:23:F7:F2
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1559
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/3RMUmo0ZFaT-oNoxr0EpmXoj9_I.roa
Signing time: Tue 11 Feb 2025 23:44:33 +0000
ROA not before: Tue 11 Feb 2025 23:44:33 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 221.120.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5465 (0x1559)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:33 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DD13149A8D1915A4FEA0DA31AF4129997A23F7F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:58:67:bd:38:27:a0:26:68:26:b7:5a:37:b1:
34:20:91:39:ab:7d:4c:f1:97:62:35:28:cb:1d:10:
e7:82:47:73:e5:cc:01:fa:d7:c8:f5:23:10:c7:3f:
5a:a2:d4:e8:bf:9b:20:44:e6:00:34:35:71:ae:ac:
f6:63:27:90:63:ba:9b:34:16:57:2f:3e:b7:85:09:
ba:ee:d9:f6:97:46:94:c9:d0:d8:2b:79:10:3a:85:
25:dc:ba:ca:e7:45:80:75:7c:6a:01:88:9e:ca:77:
f4:0b:99:30:91:43:9f:dc:c4:35:99:95:c6:22:62:
6d:ce:01:f4:a2:a6:4c:d6:1e:0b:83:10:97:1a:9d:
15:32:8c:eb:ed:a6:40:be:8e:0c:db:8c:5c:70:fd:
09:ec:0c:72:13:8e:32:7d:49:22:10:10:e5:51:37:
11:06:2a:78:b8:09:b1:85:ee:6c:53:82:30:0c:f6:
fb:42:75:7c:55:11:1c:8b:fa:90:a4:61:e1:98:b6:
f3:97:0e:f0:05:95:2b:c1:9e:f8:a7:71:85:16:20:
d6:08:b1:e2:93:15:ed:d4:87:ca:af:f1:c8:25:ff:
0c:f3:ff:60:e3:80:1c:29:13:7a:b1:e8:9b:4a:25:
67:69:a7:70:cf:84:70:46:f4:1a:04:f5:ac:7b:61:
69:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:13:14:9A:8D:19:15:A4:FE:A0:DA:31:AF:41:29:99:7A:23:F7:F2
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/3RMUmo0ZFaT-oNoxr0EpmXoj9_I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
221.120.21.0/24
Signature Algorithm: sha256WithRSAEncryption
82:f2:a4:f9:c5:ce:81:12:ab:51:71:44:7f:c9:ad:e1:5b:e6:
3a:5f:6d:b2:e8:04:d8:6c:2e:06:71:7c:65:0f:77:aa:56:95:
43:9f:23:c1:6d:a0:4d:70:c0:1c:2d:1b:9e:78:00:93:87:52:
35:62:80:bb:f4:70:0e:cc:ab:2e:66:bb:c1:a6:81:47:f5:b4:
62:44:2e:5a:2e:1f:7b:d0:97:13:39:c7:0b:c5:6d:c5:a2:a3:
c1:47:75:4c:fe:7d:90:60:9e:de:bb:9d:a5:92:db:70:2e:a0:
1e:ae:fe:3a:5c:89:7a:28:ed:a2:4d:57:e8:aa:e1:41:86:3e:
14:1f:92:4d:6e:ec:d4:bd:a2:f8:b9:87:48:0c:60:ea:1f:e5:
35:6f:c0:e2:9c:62:1f:d8:34:c2:a9:58:b2:5d:47:33:47:29:
e1:2f:9a:8b:23:1e:d1:9c:ae:b6:a3:a6:21:78:60:42:07:9b:
fc:8e:ef:d6:ac:a5:ab:ac:02:47:98:62:ae:9c:ad:cf:b0:ab:
19:82:4d:c6:88:d8:b4:a3:8c:89:a9:e0:d2:45:61:d6:0c:e2:
77:03:56:10:72:c4:50:21:4d:f8:9c:d1:79:c8:f8:3c:fd:c4:
94:18:8e:ec:49:3f:1c:43:c0:9e:cf:59:f1:0b:30:e1:fb:1f:
bc:0d:4d:c9
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFVkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MzNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEREMTMxNDlBOEQxOTE1
QTRGRUEwREEzMUFGNDEyOTk5N0EyM0Y3RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVWGe9OCegJmgmt1o3sTQgkTmrfUzxl2I1KMsdEOeCR3PlzAH6
18j1IxDHP1qi1Oi/myBE5gA0NXGurPZjJ5Bjups0FlcvPreFCbru2faXRpTJ0Ngr
eRA6hSXcusrnRYB1fGoBiJ7Kd/QLmTCRQ5/cxDWZlcYiYm3OAfSipkzWHguDEJca
nRUyjOvtpkC+jgzbjFxw/QnsDHITjjJ9SSIQEOVRNxEGKni4CbGF7mxTgjAM9vtC
dXxVERyL+pCkYeGYtvOXDvAFlSvBnvincYUWINYIseKTFe3Uh8qv8cgl/wzz/2Dj
gBwpE3qx6JtKJWdpp3DPhHBG9BoE9ax7YWn/AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3RMUmo0ZFaT+oNoxr0EpmXoj9/IwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8zUk1VbW8wWkZhVC1vTm94cjBF
cG1Yb2o5X0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3XgV
MA0GCSqGSIb3DQEBCwUAA4IBAQCC8qT5xc6BEqtRcUR/ya3hW+Y6X22y6ATYbC4G
cXxlD3eqVpVDnyPBbaBNcMAcLRueeACTh1I1YoC79HAOzKsuZrvBpoFH9bRiRC5a
Lh970JcTOccLxW3FoqPBR3VM/n2QYJ7eu52lkttwLqAerv46XIl6KO2iTVfoquFB
hj4UH5JNbuzUvaL4uYdIDGDqH+U1b8DinGIf2DTCqViyXUczRynhL5qLIx7RnK62
o6YheGBCB5v8ju/WrKWrrAJHmGKunK3PsKsZgk3GiNi0o4yJqeDSRWHWDOJ3A1YQ
csRQIU34nNF5yPg8/cSUGI7sST8cQ8Cez1nxCzDh+x+8DU3J
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:20:08 2025 by rpki-client