Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Gt1lFdu6qZZF2ts3y1lK2XdxYi0.roa
File: Gt1lFdu6qZZF2ts3y1lK2XdxYi0.roa (raw, json)
Hash identifier: 5B7bxTtqB5AGLp+HO/EoefOncpraWCAYsXduch10Qgw=
Subject key identifier: 1A:DD:65:15:DB:BA:A9:96:45:DA:DB:37:CB:59:4A:D9:77:71:62:2D
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1179
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Gt1lFdu6qZZF2ts3y1lK2XdxYi0.roa
Signing time: Mon 26 Aug 2024 05:17:34 +0000
ROA not before: Mon 26 Aug 2024 05:17:34 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.132.0.0/14 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4473 (0x1179)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Aug 26 05:17:34 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1ADD6515DBBAA99645DADB37CB594AD97771622D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3d:d5:b2:be:c1:d4:fe:a8:63:cd:44:2d:f0:
8f:dc:37:a7:e9:cb:8c:32:de:8c:61:85:f0:d7:8d:
fe:9a:b4:17:b7:1f:3c:61:de:62:6f:76:be:a9:a7:
19:03:b3:34:7c:b9:64:d2:0c:53:04:3d:7c:06:62:
53:26:22:fa:05:8a:af:20:b7:94:81:24:43:bb:e7:
51:7f:58:24:2b:15:0d:d8:d9:f0:08:12:2a:8b:e8:
36:b0:8b:5e:a4:22:6b:95:99:0a:f4:54:ce:5e:fa:
6b:76:57:e9:bf:9b:10:1d:42:df:9b:1e:e6:d4:6c:
df:df:28:5f:e8:5c:70:14:ce:35:d5:b3:78:1e:70:
23:80:b6:17:d4:70:4b:16:05:32:22:c5:df:41:ab:
61:e5:b1:0f:b1:98:f4:62:5a:8a:48:52:51:e0:ed:
75:6e:28:a0:c2:48:12:13:e2:96:63:a5:3d:52:3f:
71:e5:e9:73:6e:cc:b0:6a:a2:17:20:7b:52:f6:bc:
8c:ac:79:67:d2:58:0e:a1:01:67:f0:c1:2e:c4:53:
90:fe:d2:4f:ec:db:2e:f6:de:90:33:5f:68:19:ce:
62:5b:e1:cb:f8:85:c6:05:30:8d:94:ad:ae:f7:19:
40:6e:cf:7d:4d:02:8d:3b:94:bb:2f:c6:98:a6:7a:
81:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:DD:65:15:DB:BA:A9:96:45:DA:DB:37:CB:59:4A:D9:77:71:62:2D
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Gt1lFdu6qZZF2ts3y1lK2XdxYi0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.132.0.0/14
Signature Algorithm: sha256WithRSAEncryption
4d:56:c8:52:01:88:97:b2:3b:3f:76:44:8e:8e:e1:f5:59:e1:
9d:2b:50:b1:36:a3:61:66:23:b1:65:89:63:9a:b9:6a:7c:b3:
3b:98:35:62:ab:bb:66:43:0b:1b:7f:0f:28:b9:30:cc:85:49:
33:8a:53:a4:df:d3:6b:57:ae:cf:9f:5c:71:55:65:5d:6e:d6:
0e:19:e1:0e:ce:aa:2b:02:a8:18:4e:26:ea:da:6e:0b:e4:5d:
6a:28:54:62:06:1c:6d:06:7f:a9:92:41:af:af:cb:aa:27:ac:
c4:8f:de:eb:58:1d:f7:37:99:63:21:1c:f7:67:5b:ae:5d:c3:
8f:fc:31:24:a9:d1:63:3d:d9:ad:aa:11:6a:47:29:b5:03:a8:
96:e1:ca:eb:a7:53:b3:af:17:86:8f:6a:4e:34:24:80:29:b3:
12:b9:0c:40:19:65:2e:29:a1:d6:91:1c:49:be:72:53:80:3e:
30:69:92:00:4a:f6:d9:72:a3:82:5d:23:f5:b8:bb:04:d1:fc:
2f:d5:20:81:36:68:10:ba:e3:7d:5f:45:96:a8:23:b8:77:74:
cf:4d:99:9e:79:93:f0:d2:e6:f2:85:f5:59:fa:79:e6:36:79:
dc:a8:86:6e:0b:f6:ca:16:ac:30:25:8d:57:13:2e:b8:54:26:
ad:07:09:53
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICEXkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw
NTE3MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFBREQ2NTE1REJCQUE5
OTY0NURBREIzN0NCNTk0QUQ5Nzc3MTYyMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOPdWyvsHU/qhjzUQt8I/cN6fpy4wy3oxhhfDXjf6atBe3Hzxh
3mJvdr6ppxkDszR8uWTSDFMEPXwGYlMmIvoFiq8gt5SBJEO751F/WCQrFQ3Y2fAI
EiqL6Dawi16kImuVmQr0VM5e+mt2V+m/mxAdQt+bHubUbN/fKF/oXHAUzjXVs3ge
cCOAthfUcEsWBTIixd9Bq2HlsQ+xmPRiWopIUlHg7XVuKKDCSBIT4pZjpT1SP3Hl
6XNuzLBqohcge1L2vIyseWfSWA6hAWfwwS7EU5D+0k/s2y723pAzX2gZzmJb4cv4
hcYFMI2Ura73GUBuz31NAo07lLsvxpimeoHHAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUGt1lFdu6qZZF2ts3y1lK2XdxYi0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9HdDFsRmR1NnFaWkYydHMzeTFs
SzJYZHhZaTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMC3IQw
DQYJKoZIhvcNAQELBQADggEBAE1WyFIBiJeyOz92RI6O4fVZ4Z0rULE2o2FmI7Fl
iWOauWp8szuYNWKru2ZDCxt/Dyi5MMyFSTOKU6Tf02tXrs+fXHFVZV1u1g4Z4Q7O
qisCqBhOJurabgvkXWooVGIGHG0Gf6mSQa+vy6onrMSP3utYHfc3mWMhHPdnW65d
w4/8MSSp0WM92a2qEWpHKbUDqJbhyuunU7OvF4aPak40JIApsxK5DEAZZS4podaR
HEm+clOAPjBpkgBK9tlyo4JdI/W4uwTR/C/VIIE2aBC6431fRZaoI7h3dM9NmZ55
k/DS5vKF9Vn6eeY2edyohm4L9soWrDAljVcTLrhUJq0HCVM=
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:37:54 2025 by rpki-client