Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/HtBh5iMFIGN_OtmuZMHmQ0sfQps.roa
File: HtBh5iMFIGN_OtmuZMHmQ0sfQps.roa (raw, json)
Hash identifier: /49KG17lKTgMiUOO/4CPt5xN14yV/4bYe9Qp2J4xfgE=
Subject key identifier: 1E:D0:61:E6:23:05:20:63:7F:3A:D9:AE:64:C1:E6:43:4B:1F:42:9B
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1562
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/HtBh5iMFIGN_OtmuZMHmQ0sfQps.roa
Signing time: Tue 11 Feb 2025 23:44:36 +0000
ROA not before: Tue 11 Feb 2025 23:44:36 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 198949
IP address blocks: 210.61.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5474 (0x1562)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:36 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1ED061E6230520637F3AD9AE64C1E6434B1F429B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:82:3e:bb:d7:73:c1:e2:52:27:bd:40:99:15:
4e:a7:de:54:6a:9a:b1:f6:bd:83:ee:89:47:93:d1:
b4:f4:de:ae:81:03:b1:5c:de:ae:b4:8a:c1:af:de:
a8:90:ae:c5:d5:a4:32:4c:96:62:7e:d5:61:be:7c:
a6:54:50:1e:18:b8:30:03:89:c3:20:fe:0f:e5:51:
1a:26:68:83:81:4f:ba:b0:fa:81:3f:07:5b:6f:b7:
3e:18:3f:29:06:44:fd:12:d8:ff:68:31:7f:cf:0e:
af:6a:27:f8:36:c2:2e:fe:4b:73:05:e2:37:ae:06:
4c:77:94:23:eb:12:d8:67:da:17:1e:87:35:33:45:
93:40:ff:ef:80:14:99:03:b8:e2:ad:1b:e3:7d:e4:
7d:7d:d5:54:a2:97:b2:e8:ca:46:c2:98:c1:25:4e:
18:f4:9e:9b:e6:d0:05:d6:d9:db:9d:63:07:7f:46:
47:67:89:b8:a9:d0:3b:e2:ec:22:5d:71:8f:b3:0d:
08:63:e1:78:62:1f:b6:d3:f6:23:16:4a:1c:a7:f7:
d4:d8:5f:a3:4b:7e:fb:dc:3d:31:4d:5e:49:18:ec:
79:62:7b:ee:35:26:46:a5:5f:19:d7:e9:86:f6:f1:
c7:b1:55:7c:e1:e3:92:44:60:70:ae:a7:e8:07:19:
1b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D0:61:E6:23:05:20:63:7F:3A:D9:AE:64:C1:E6:43:4B:1F:42:9B
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/HtBh5iMFIGN_OtmuZMHmQ0sfQps.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.61.114.0/24
Signature Algorithm: sha256WithRSAEncryption
78:d1:96:df:5a:fc:61:96:02:19:a1:2e:78:39:78:c2:d8:fe:
33:2a:dc:23:0f:d3:cb:ac:03:48:bc:43:25:dc:b7:43:5a:66:
c9:95:f7:77:44:81:ce:99:f0:3e:fb:bc:4d:38:ab:ea:ee:ce:
30:cc:ee:1c:21:1a:30:70:d1:f0:4a:cc:dc:3b:20:3a:57:fc:
fb:2a:a7:6d:79:42:03:7a:d6:8d:2c:3b:cc:1c:cb:26:2c:95:
18:b2:19:b7:ed:b8:3f:90:44:97:a9:f3:96:ac:6b:14:09:a2:
4c:ac:7e:8b:12:26:2e:5d:27:b1:02:62:f3:24:95:53:c3:61:
7b:b4:aa:50:1f:e5:db:04:f2:22:8d:b4:0e:0b:32:06:b3:bf:
89:42:d4:b7:ae:d7:ff:7b:b6:68:17:c3:a6:b6:11:ee:ad:ea:
3c:4d:a4:9c:00:10:37:d6:98:0d:c9:bf:34:18:04:c2:32:91:
49:f4:03:26:32:af:b3:64:b5:57:85:63:aa:0f:d9:66:10:92:
e6:02:63:a5:52:3c:98:7b:de:7b:12:19:49:ee:97:e3:35:7f:
75:db:1a:38:9c:c3:eb:05:01:ad:0e:24:c5:34:c0:09:53:51:
1f:91:fd:3e:13:cf:c9:0c:16:e0:93:2a:1a:a4:c6:60:6a:67:
5e:7e:e2:08
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFFRDA2MUU2MjMwNTIw
NjM3RjNBRDlBRTY0QzFFNjQzNEIxRjQyOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDogj6713PB4lInvUCZFU6n3lRqmrH2vYPuiUeT0bT03q6BA7Fc
3q60isGv3qiQrsXVpDJMlmJ+1WG+fKZUUB4YuDADicMg/g/lURomaIOBT7qw+oE/
B1tvtz4YPykGRP0S2P9oMX/PDq9qJ/g2wi7+S3MF4jeuBkx3lCPrEthn2hcehzUz
RZNA/++AFJkDuOKtG+N95H191VSil7LoykbCmMElThj0npvm0AXW2dudYwd/Rkdn
ibip0Dvi7CJdcY+zDQhj4XhiH7bT9iMWShyn99TYX6NLfvvcPTFNXkkY7Hlie+41
JkalXxnX6Yb28cexVXzh45JEYHCup+gHGRtBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUHtBh5iMFIGN/OtmuZMHmQ0sfQpswHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9IdEJoNWlNRklHTl9PdG11Wk1I
bVEwc2ZRcHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0j1y
MA0GCSqGSIb3DQEBCwUAA4IBAQB40ZbfWvxhlgIZoS54OXjC2P4zKtwjD9PLrANI
vEMl3LdDWmbJlfd3RIHOmfA++7xNOKvq7s4wzO4cIRowcNHwSszcOyA6V/z7Kqdt
eUIDetaNLDvMHMsmLJUYshm37bg/kESXqfOWrGsUCaJMrH6LEiYuXSexAmLzJJVT
w2F7tKpQH+XbBPIijbQOCzIGs7+JQtS3rtf/e7ZoF8OmthHureo8TaScABA31pgN
yb80GATCMpFJ9AMmMq+zZLVXhWOqD9lmEJLmAmOlUjyYe957EhlJ7pfjNX912xo4
nMPrBQGtDiTFNMAJU1Efkf0+E8/JDBbgkyoapMZgamdefuII
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:21:56 2025 by rpki-client