Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/HcK01-3CpcXzfMDNq8OSImbgKdg.roa
File: HcK01-3CpcXzfMDNq8OSImbgKdg.roa (raw, json)
Hash identifier: +IIX6x59I4NhTxyJxDNmiEY/MtTyY0vsqGl8ivG68eU=
Subject key identifier: 1D:C2:B4:D7:ED:C2:A5:C5:F3:7C:C0:CD:AB:C3:92:22:66:E0:29:D8
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1470
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/HcK01-3CpcXzfMDNq8OSImbgKdg.roa
Signing time: Mon 10 Feb 2025 14:34:55 +0000
ROA not before: Mon 10 Feb 2025 14:34:55 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 2001:b000::/23 maxlen: 64
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5232 (0x1470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:34:55 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1DC2B4D7EDC2A5C5F37CC0CDABC3922266E029D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c5:43:2b:29:d8:3f:76:67:4a:c8:e7:66:c5:
8f:5f:a2:dd:46:75:84:9a:d2:b7:3c:6c:ac:29:9e:
cd:66:12:31:26:88:b3:00:78:65:54:ad:d6:59:e2:
8a:03:d1:cc:7d:78:d1:72:72:46:1a:b5:9c:a7:36:
e7:d5:7e:b7:95:a0:1a:6c:c8:59:78:9a:f5:fc:05:
04:24:00:db:cb:e0:b5:a9:3c:00:e1:42:2d:b5:cf:
10:ce:25:1c:55:c7:be:be:f3:45:b8:83:5b:d5:e2:
20:85:88:a9:7b:e1:90:5d:f5:1f:d1:e2:9a:f8:b4:
15:a5:27:31:c8:26:29:e2:f5:0f:88:69:ad:4a:90:
0f:e9:a7:4d:06:d1:1f:e7:f8:23:96:62:cc:89:2e:
df:f0:3f:96:9d:14:dc:45:24:4f:41:d4:25:2b:6b:
2b:64:04:50:9f:45:d2:ea:e2:35:51:c6:8d:0b:bf:
b4:4c:8e:35:3c:36:5a:cd:94:44:89:e4:9c:d3:2e:
6e:2d:2d:03:3f:ab:2a:f0:73:a3:27:d5:62:7e:2e:
81:71:c8:35:79:0c:e9:b2:66:68:00:6c:5e:79:03:
a6:64:f3:32:6c:21:78:b9:c6:ec:85:b0:e5:51:43:
a6:29:b3:ff:04:7e:5a:3e:25:5c:86:85:6a:cd:47:
72:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C2:B4:D7:ED:C2:A5:C5:F3:7C:C0:CD:AB:C3:92:22:66:E0:29:D8
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/HcK01-3CpcXzfMDNq8OSImbgKdg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:b000::/23
Signature Algorithm: sha256WithRSAEncryption
77:55:87:70:eb:35:e6:dd:5a:1d:89:54:39:c5:1b:2e:17:91:
90:7c:ef:59:75:6f:f0:04:ca:0f:fc:7f:f1:d0:34:ee:8d:93:
c6:6b:99:f5:39:9b:20:c5:83:0c:bb:dd:dc:53:af:a2:53:bd:
f7:21:60:12:22:20:af:f1:8b:31:af:8b:d5:65:e3:97:5c:a4:
7b:f2:29:c2:53:4c:ff:ec:a1:73:ce:9b:de:43:57:d0:ca:00:
ca:e6:cf:22:12:ad:8f:0d:9c:97:c0:e1:4a:c8:f5:fe:a3:46:
5a:c0:75:d7:fc:c7:95:44:f5:d1:88:38:30:a9:7c:0f:1a:ae:
ea:04:90:0c:79:3d:ee:ab:c1:17:e4:cb:f0:45:7a:9d:7a:08:
c3:51:37:72:db:8c:c2:17:2c:35:9c:c3:67:fa:90:cf:92:ea:
c2:df:64:cd:58:33:db:4d:7b:7e:eb:25:c9:40:89:9c:e6:20:
2e:66:56:d7:b8:bc:d6:8a:c1:db:8a:3d:fb:33:f4:6f:28:85:
45:ed:e4:10:9c:42:36:8f:79:88:d5:17:e2:66:a4:16:64:e2:
2e:08:8a:af:04:7c:a9:b3:ea:c9:21:ed:0a:23:79:b3:9e:99:
00:db:69:8e:c4:ca:8f:c9:04:88:72:4a:71:a9:2c:18:ac:e8:
36:23:6d:2e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM0NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFEQzJCNEQ3RURDMkE1
QzVGMzdDQzBDREFCQzM5MjIyNjZFMDI5RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZxUMrKdg/dmdKyOdmxY9fot1GdYSa0rc8bKwpns1mEjEmiLMA
eGVUrdZZ4ooD0cx9eNFyckYatZynNufVfreVoBpsyFl4mvX8BQQkANvL4LWpPADh
Qi21zxDOJRxVx76+80W4g1vV4iCFiKl74ZBd9R/R4pr4tBWlJzHIJini9Q+Iaa1K
kA/pp00G0R/n+COWYsyJLt/wP5adFNxFJE9B1CUraytkBFCfRdLq4jVRxo0Lv7RM
jjU8NlrNlESJ5JzTLm4tLQM/qyrwc6Mn1WJ+LoFxyDV5DOmyZmgAbF55A6Zk8zJs
IXi5xuyFsOVRQ6Yps/8Eflo+JVyGhWrNR3L7AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUHcK01+3CpcXzfMDNq8OSImbgKdgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9IY0swMS0zQ3BjWHpmTUROcThP
U0ltYmdLZGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQBIAGw
MA0GCSqGSIb3DQEBCwUAA4IBAQB3VYdw6zXm3VodiVQ5xRsuF5GQfO9ZdW/wBMoP
/H/x0DTujZPGa5n1OZsgxYMMu93cU6+iU733IWASIiCv8Ysxr4vVZeOXXKR78inC
U0z/7KFzzpveQ1fQygDK5s8iEq2PDZyXwOFKyPX+o0ZawHXX/MeVRPXRiDgwqXwP
Gq7qBJAMeT3uq8EX5MvwRXqdegjDUTdy24zCFyw1nMNn+pDPkurC32TNWDPbTXt+
6yXJQImc5iAuZlbXuLzWisHbij37M/RvKIVF7eQQnEI2j3mI1RfiZqQWZOIuCIqv
BHyps+rJIe0KI3mznpkA22mOxMqPyQSIckpxqSwYrOg2I20u
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:32:13 2025 by rpki-client