Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/CQxg2TuzshyBUsyDgRszBEJK8X8.roa
File: CQxg2TuzshyBUsyDgRszBEJK8X8.roa (raw, json)
Hash identifier: /QgB91b4CwAjP0K0cp3XvNVc7tuH1xPLQ/MqDsODIRA=
Subject key identifier: 09:0C:60:D9:3B:B3:B2:1C:81:52:CC:83:81:1B:33:04:42:4A:F1:7F
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 123E
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/CQxg2TuzshyBUsyDgRszBEJK8X8.roa
Signing time: Fri 20 Sep 2024 02:48:26 +0000
ROA not before: Fri 20 Sep 2024 02:48:26 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17421
IP address blocks: 2001:b400::/23 maxlen: 64
Validation: Failed, certificate revoked on Mon 10 Feb 2025 12:51:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4670 (0x123e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 20 02:48:26 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=090C60D93BB3B21C8152CC83811B3304424AF17F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9f:8b:54:b4:b5:8e:0e:4b:16:7a:4d:7c:05:
79:05:fa:20:ac:0f:f8:09:84:53:eb:0c:c4:a8:fe:
8f:91:cd:e0:7c:37:21:5c:d4:8e:46:f9:ab:c0:b4:
e7:f6:b3:cb:a3:b8:97:bd:2b:85:0a:9c:99:9d:ab:
62:e8:91:b9:ce:0e:d5:cc:a0:b6:e2:be:10:82:0c:
cf:32:36:e9:14:0a:26:97:75:c2:0a:6d:6e:ef:0f:
96:c9:00:1a:f8:2d:d2:a9:b3:dd:80:2d:08:02:71:
9a:ba:76:40:d9:6a:1a:2a:c6:7b:ac:8c:3e:be:74:
6d:f8:80:44:ed:29:ab:11:b9:2c:1f:8c:2b:d2:70:
a1:a2:f2:ff:41:01:be:9f:07:b9:f3:8e:36:3d:28:
90:b6:f0:d0:ea:2c:3a:e1:98:cb:d6:91:0f:9d:c0:
43:28:e3:96:3e:d5:f1:d5:b5:7d:64:d5:36:fd:6b:
04:26:ea:d5:f8:36:11:1e:c8:3d:4e:f9:a5:27:b4:
fc:ee:92:e8:86:de:60:6c:e8:dd:6b:27:a1:a7:25:
ca:60:34:fb:03:d4:cd:0c:fe:0d:9a:45:dc:89:89:
db:e8:20:0f:a2:5c:df:e7:08:8a:cd:f8:66:c5:a4:
a6:f5:38:e1:18:c5:cc:1c:65:0f:bf:0c:57:71:3d:
58:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:0C:60:D9:3B:B3:B2:1C:81:52:CC:83:81:1B:33:04:42:4A:F1:7F
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/CQxg2TuzshyBUsyDgRszBEJK8X8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:b400::/23
Signature Algorithm: sha256WithRSAEncryption
82:02:f0:2c:53:6b:20:e2:fd:ee:44:e4:07:d7:3e:a6:bb:bb:
7a:ba:a4:71:58:6d:1c:93:fe:a6:bf:d0:27:6d:35:57:e7:2a:
a6:b9:53:3f:c8:00:b4:44:d5:21:68:a3:28:69:94:54:c4:2c:
70:9f:a7:09:f4:64:2b:34:17:7c:0c:37:05:ed:c2:55:dc:aa:
06:af:a6:ea:f3:d5:c9:b7:17:32:7d:94:c3:98:85:4a:e8:5d:
a7:6b:da:05:ee:7c:2f:f9:5c:fb:64:98:f4:df:63:fc:60:86:
3a:1d:62:40:b4:49:c6:73:4c:82:30:24:b0:83:e8:99:ca:c8:
b2:9c:c1:d1:4c:97:26:91:f3:ac:85:52:52:ba:40:50:b7:ad:
71:80:6e:7a:ac:97:ad:1a:24:9d:92:b0:bb:48:cf:c5:ee:1d:
84:58:63:36:77:db:f4:ef:4b:65:22:6c:6b:4c:e6:5b:fa:9c:
db:f8:2f:3f:c3:22:57:26:3d:43:1e:49:86:3c:0d:14:81:47:
65:c3:d5:c9:83:dd:d0:4d:e9:f8:d0:7c:f7:a7:db:0b:13:79:
e0:f6:18:eb:8b:06:2f:bf:f2:44:51:1e:e9:0e:10:0b:b9:2c:
a3:f3:6b:94:61:02:92:c6:a2:77:c8:3f:83:12:67:71:67:59:
2d:96:17:8d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA5MjAw
MjQ4MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA5MEM2MEQ5M0JCM0Iy
MUM4MTUyQ0M4MzgxMUIzMzA0NDI0QUYxN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzn4tUtLWODksWek18BXkF+iCsD/gJhFPrDMSo/o+RzeB8NyFc
1I5G+avAtOf2s8ujuJe9K4UKnJmdq2LokbnODtXMoLbivhCCDM8yNukUCiaXdcIK
bW7vD5bJABr4LdKps92ALQgCcZq6dkDZahoqxnusjD6+dG34gETtKasRuSwfjCvS
cKGi8v9BAb6fB7nzjjY9KJC28NDqLDrhmMvWkQ+dwEMo45Y+1fHVtX1k1Tb9awQm
6tX4NhEeyD1O+aUntPzukuiG3mBs6N1rJ6GnJcpgNPsD1M0M/g2aRdyJidvoIA+i
XN/nCIrN+GbFpKb1OOEYxcwcZQ+/DFdxPVjbAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUCQxg2TuzshyBUsyDgRszBEJK8X8wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9DUXhnMlR1enNoeUJVc3lEZ1Jz
ekJFSks4WDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQBIAG0
MA0GCSqGSIb3DQEBCwUAA4IBAQCCAvAsU2sg4v3uROQH1z6mu7t6uqRxWG0ck/6m
v9AnbTVX5yqmuVM/yAC0RNUhaKMoaZRUxCxwn6cJ9GQrNBd8DDcF7cJV3KoGr6bq
89XJtxcyfZTDmIVK6F2na9oF7nwv+Vz7ZJj032P8YIY6HWJAtEnGc0yCMCSwg+iZ
ysiynMHRTJcmkfOshVJSukBQt61xgG56rJetGiSdkrC7SM/F7h2EWGM2d9v070tl
ImxrTOZb+pzb+C8/wyJXJj1DHkmGPA0UgUdlw9XJg93QTen40Hz3p9sLE3ng9hjr
iwYvv/JEUR7pDhALuSyj82uUYQKSxqJ3yD+DEmdxZ1ktlheN
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:35:41 2025 by rpki-client