Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/7skKex8ShCkkp3g4issU6RNrNV0.roa
File: 7skKex8ShCkkp3g4issU6RNrNV0.roa (raw, json)
Hash identifier: xwxoSLaWshZcSBNmMqMNfJe5wpTjtdeB6j7hgjuo76c=
Subject key identifier: EE:C9:0A:7B:1F:12:84:29:24:A7:78:38:8A:CB:14:E9:13:6B:35:5D
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1560
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/7skKex8ShCkkp3g4issU6RNrNV0.roa
Signing time: Tue 11 Feb 2025 23:44:35 +0000
ROA not before: Tue 11 Feb 2025 23:44:35 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.128.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5472 (0x1560)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:35 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=EEC90A7B1F12842924A778388ACB14E9136B355D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:78:ff:fa:33:ee:94:5e:21:a1:9c:8c:ab:f6:
be:e8:70:92:d2:ff:d2:c5:9a:f4:1b:5a:dc:2d:3e:
28:c6:f4:a3:88:91:99:fd:c4:dd:95:bf:a4:ff:6e:
81:21:ba:d4:1c:4d:e9:64:ad:3e:7e:0a:b7:a5:8c:
b0:3d:da:b8:62:00:e2:77:74:26:80:4f:d6:0e:1b:
c3:36:01:2a:be:fc:8c:39:4e:d7:4f:e9:d9:f8:ab:
13:9a:d0:69:9b:6f:ee:e5:9e:05:d9:b2:57:d0:51:
34:44:57:55:7b:bb:93:cf:c1:4c:0b:18:24:e7:4c:
79:fd:8f:19:d3:36:ef:3d:dd:fc:9e:5a:a4:2d:4a:
a0:74:b4:81:bf:4d:6a:16:c1:b2:16:27:ae:bc:d3:
1f:a8:46:21:89:3e:19:bb:2a:46:61:8f:1d:57:e8:
aa:47:d3:14:0a:aa:45:fc:f5:f0:4a:3b:f5:3c:0d:
a8:d7:2e:cd:74:cc:be:d3:f1:b8:b4:59:c2:02:09:
c8:26:9f:38:93:f8:61:e7:f1:00:58:d3:b2:ac:2a:
b0:df:de:c2:08:63:84:8b:1b:22:41:a0:f4:4b:cf:
32:9e:bb:0d:81:e8:4c:88:15:72:05:b6:19:d0:a4:
35:90:3c:40:07:a1:29:37:fa:66:91:6b:54:a9:fe:
34:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C9:0A:7B:1F:12:84:29:24:A7:78:38:8A:CB:14:E9:13:6B:35:5D
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/7skKex8ShCkkp3g4issU6RNrNV0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.79.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:58:a7:22:de:31:ba:ee:e6:a2:b8:37:92:67:ca:09:18:83:
96:15:54:4f:72:d8:f9:e4:09:82:fa:ef:27:e7:b5:6f:55:ac:
b8:56:26:c0:c2:87:1d:52:17:b9:f6:f5:18:96:85:5a:84:28:
c5:5a:19:23:e8:58:c1:e8:ad:c7:1f:c9:3e:83:d6:5d:78:03:
1f:51:38:47:67:02:d1:83:2b:3b:09:a0:6c:fc:5c:70:a8:13:
b5:1c:8f:86:5a:92:86:6d:3e:df:0c:8e:8b:02:00:c1:55:14:
df:be:46:28:e3:6a:54:30:06:2d:de:0d:ca:ee:69:d2:87:e4:
ed:fd:11:c0:a7:f5:ea:fb:76:dc:e6:e2:24:b3:21:5c:40:c6:
04:0b:3d:9f:c6:d4:97:b8:40:b2:fc:55:ef:e5:ee:43:75:98:
9c:2b:b5:8f:24:23:5f:cb:25:5d:38:33:10:6f:0f:13:1c:d6:
98:4b:24:b0:7d:5b:26:a9:67:79:cd:e9:53:29:9b:43:ca:03:
ff:67:d6:d6:a8:99:b0:96:51:4f:37:3e:17:81:3c:7c:78:cc:
d6:cd:1d:e3:72:a4:bd:e8:8b:ff:52:6c:76:8a:f3:76:37:da:
63:3a:76:db:8c:81:af:40:3a:59:62:36:b6:1c:a7:c3:9c:78:
3d:24:ff:2f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFWAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEVFQzkwQTdCMUYxMjg0
MjkyNEE3NzgzODhBQ0IxNEU5MTM2QjM1NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCveP/6M+6UXiGhnIyr9r7ocJLS/9LFmvQbWtwtPijG9KOIkZn9
xN2Vv6T/boEhutQcTelkrT5+CreljLA92rhiAOJ3dCaAT9YOG8M2ASq+/Iw5TtdP
6dn4qxOa0Gmbb+7lngXZslfQUTREV1V7u5PPwUwLGCTnTHn9jxnTNu893fyeWqQt
SqB0tIG/TWoWwbIWJ6680x+oRiGJPhm7KkZhjx1X6KpH0xQKqkX89fBKO/U8DajX
Ls10zL7T8bi0WcICCcgmnziT+GHn8QBY07KsKrDf3sIIY4SLGyJBoPRLzzKeuw2B
6EyIFXIFthnQpDWQPEAHoSk3+maRa1Sp/jSBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU7skKex8ShCkkp3g4issU6RNrNV0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC83c2tLZXg4U2hDa2twM2c0aXNz
VTZSTnJOVjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IBP
MA0GCSqGSIb3DQEBCwUAA4IBAQDKWKci3jG67uaiuDeSZ8oJGIOWFVRPctj55AmC
+u8n57VvVay4VibAwocdUhe59vUYloVahCjFWhkj6FjB6K3HH8k+g9ZdeAMfUThH
ZwLRgys7CaBs/FxwqBO1HI+GWpKGbT7fDI6LAgDBVRTfvkYo42pUMAYt3g3K7mnS
h+Tt/RHAp/Xq+3bc5uIksyFcQMYECz2fxtSXuECy/FXv5e5DdZicK7WPJCNfyyVd
ODMQbw8THNaYSySwfVsmqWd5zelTKZtDygP/Z9bWqJmwllFPNz4XgTx8eMzWzR3j
cqS96Iv/Umx2ivN2N9pjOnbbjIGvQDpZYja2HKfDnHg9JP8v
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:43:11 2025 by rpki-client