Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/9fbCwqIAl51je88yMN4EgWo3FdU.roa
File: 9fbCwqIAl51je88yMN4EgWo3FdU.roa (raw, json)
Hash identifier: jdJYi5ALrk7VmCiKaV1IPqLNQ8csFNi1EsNUf8vFYzI=
Subject key identifier: F5:F6:C2:C2:A2:00:97:9D:63:7B:CF:32:30:DE:04:81:6A:37:15:D5
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 12A6
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/9fbCwqIAl51je88yMN4EgWo3FdU.roa
Signing time: Fri 24 Jan 2025 10:19:00 +0000
ROA not before: Fri 24 Jan 2025 10:19:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131660
IP address blocks: 203.74.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 12:51:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4774 (0x12a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Jan 24 10:19:00 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F5F6C2C2A200979D637BCF3230DE04816A3715D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:09:5c:1c:c8:ad:18:41:6a:5d:0c:b8:fc:
3b:44:f3:76:06:0d:99:12:13:0f:6c:58:11:84:c6:
25:bf:ad:8d:60:ed:39:40:e1:76:44:13:cd:72:f3:
59:d7:5e:6f:18:e4:41:95:3b:53:63:f8:5b:79:f3:
9e:56:92:60:08:de:74:96:2c:11:4e:07:57:e8:56:
e4:51:5f:84:b1:3d:08:16:f1:d8:f7:69:4b:66:e5:
f9:91:43:77:a3:d4:2e:2b:c4:11:dd:b2:42:7f:aa:
70:30:f6:d9:d0:9b:67:6e:cf:20:ce:a2:f7:11:77:
a0:24:9b:f4:fb:1b:71:08:3d:0a:cf:88:25:a1:1d:
1a:49:f5:7a:6f:e4:0e:e9:7a:0e:8a:e0:a9:ba:45:
fa:11:a4:2c:44:bd:68:76:d9:4a:9f:9b:69:92:b5:
8f:95:1f:05:d3:06:45:d8:58:9f:92:59:06:02:5e:
27:be:6f:8d:4c:00:a8:30:ce:7d:e0:45:e3:28:a1:
98:e8:a5:fd:85:a2:57:62:3c:19:fd:23:e1:19:5e:
5b:18:3f:cf:40:61:58:46:f3:19:5f:af:84:69:c6:
64:eb:cf:99:3f:94:1b:2e:e4:76:cf:40:04:57:6f:
c0:47:c5:47:51:d6:64:38:61:6c:85:11:8b:47:58:
e4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F6:C2:C2:A2:00:97:9D:63:7B:CF:32:30:DE:04:81:6A:37:15:D5
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/9fbCwqIAl51je88yMN4EgWo3FdU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.74.220.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:03:5f:9e:8a:4f:1c:05:fa:6e:aa:6f:33:fe:9a:36:c9:ac:
71:ff:ed:b5:20:4c:28:f1:4b:5f:b7:db:eb:42:de:90:02:7c:
55:fb:a3:27:7e:d0:45:96:ce:64:ea:fd:d0:42:1c:94:e9:58:
71:77:88:a9:b7:f8:39:ef:f7:a3:ea:9f:4e:70:39:a8:07:c4:
60:b2:4c:ce:62:a6:32:dd:fb:e4:45:00:de:38:ad:34:4f:76:
1e:e2:ba:c0:cf:3b:a5:be:72:74:11:3b:77:c5:45:60:1c:99:
98:af:26:2b:9a:a4:be:7f:bc:f3:8e:e0:8e:ed:89:fa:20:4c:
e6:41:c7:49:55:00:08:1b:35:a3:20:c8:08:36:e4:8d:38:2c:
e5:b7:57:55:b0:4a:4d:7d:43:49:66:48:46:93:fe:b6:0b:07:
68:7f:ee:7e:8c:d5:82:35:02:c4:27:70:29:5f:88:b7:ca:75:
85:12:ca:4d:f0:35:63:52:e7:30:e6:6f:7b:86:98:2f:30:32:
c7:4b:5f:a7:b0:86:b2:51:00:79:92:53:25:25:13:e4:a7:1e:
cb:27:69:50:e0:8a:05:47:df:af:74:8f:65:ab:39:37:85:8f:
67:79:12:05:13:2d:d0:f6:26:7c:29:1c:2d:2f:c2:8d:19:3f:
04:36:a7:1c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEqYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAxMjQx
MDE5MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY1RjZDMkMyQTIwMDk3
OUQ2MzdCQ0YzMjMwREUwNDgxNkEzNzE1RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr1glcHMitGEFqXQy4/DtE83YGDZkSEw9sWBGExiW/rY1g7TlA
4XZEE81y81nXXm8Y5EGVO1Nj+Ft5855WkmAI3nSWLBFOB1foVuRRX4SxPQgW8dj3
aUtm5fmRQ3ej1C4rxBHdskJ/qnAw9tnQm2duzyDOovcRd6Akm/T7G3EIPQrPiCWh
HRpJ9Xpv5A7peg6K4Km6RfoRpCxEvWh22Uqfm2mStY+VHwXTBkXYWJ+SWQYCXie+
b41MAKgwzn3gReMooZjopf2FoldiPBn9I+EZXlsYP89AYVhG8xlfr4RpxmTrz5k/
lBsu5HbPQARXb8BHxUdR1mQ4YWyFEYtHWOSlAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU9fbCwqIAl51je88yMN4EgWo3FdUwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC85ZmJDd3FJQWw1MWplODh5TU40
RWdXbzNGZFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCy0rc
MA0GCSqGSIb3DQEBCwUAA4IBAQC/A1+eik8cBfpuqm8z/po2yaxx/+21IEwo8Utf
t9vrQt6QAnxV+6MnftBFls5k6v3QQhyU6Vhxd4ipt/g57/ej6p9OcDmoB8RgskzO
YqYy3fvkRQDeOK00T3Ye4rrAzzulvnJ0ETt3xUVgHJmYryYrmqS+f7zzjuCO7Yn6
IEzmQcdJVQAIGzWjIMgINuSNOCzlt1dVsEpNfUNJZkhGk/62Cwdof+5+jNWCNQLE
J3ApX4i3ynWFEspN8DVjUucw5m97hpgvMDLHS1+nsIayUQB5klMlJRPkpx7LJ2lQ
4IoFR9+vdI9lqzk3hY9neRIFEy3Q9iZ8KRwtL8KNGT8ENqcc
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:21:54 2025 by rpki-client