Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/IfqzGq9gd5ufkiGTmnjpV9SczNA.roa
File: IfqzGq9gd5ufkiGTmnjpV9SczNA.roa (raw, json)
Hash identifier: yHG5xXyLIWO04/WPcKKKlQ8M8bcTpg9fjYtnaomw/O8=
Subject key identifier: 21:FA:B3:1A:AF:60:77:9B:9F:92:21:93:9A:78:E9:57:D4:9C:CC:D0
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1505
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/IfqzGq9gd5ufkiGTmnjpV9SczNA.roa
Signing time: Tue 11 Feb 2025 23:44:15 +0000
ROA not before: Tue 11 Feb 2025 23:44:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9678
IP address blocks: 203.66.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5381 (0x1505)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:15 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=21FAB31AAF60779B9F9221939A78E957D49CCCD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f6:b4:6c:89:80:62:b1:83:27:79:f7:09:5e:
76:bb:a6:85:35:2c:96:2b:1a:bd:56:a0:3a:d0:6b:
3f:7e:88:52:55:d4:f7:ec:8c:d9:e0:22:93:ca:a7:
82:af:99:6a:2d:9d:bd:d1:10:9d:56:54:26:88:7a:
ef:47:19:9b:7b:5f:11:c0:88:a8:19:7a:e9:16:d7:
62:48:a3:57:d5:e3:7e:50:42:91:43:14:f7:47:70:
06:48:c9:ba:92:77:7d:51:0d:04:70:b3:37:3c:29:
1a:90:b5:9a:fe:75:fc:f3:f5:db:63:d0:98:22:3e:
07:7a:e5:94:3e:66:fb:b7:3b:f0:25:2c:a6:9b:e0:
78:ee:9d:3a:a4:13:db:a4:a1:31:e2:ba:26:6b:05:
a0:1a:fb:71:0f:8f:44:59:36:d5:b3:d4:0c:0e:61:
23:f3:87:45:7d:9a:d4:8c:3f:4b:f6:c1:9c:20:b2:
19:09:98:9f:72:38:35:7f:33:37:9a:f0:c5:4e:d6:
aa:2a:f6:89:6b:f8:43:a2:c1:54:4c:8c:6f:b2:d9:
65:03:97:63:ef:0b:01:57:ae:22:0d:13:ac:20:38:
7a:fb:4f:b3:4c:13:d3:a8:bc:fc:8f:f0:62:04:6e:
de:8f:91:f5:6c:7b:c6:1f:42:ce:74:e1:c7:b7:89:
3e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FA:B3:1A:AF:60:77:9B:9F:92:21:93:9A:78:E9:57:D4:9C:CC:D0
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/IfqzGq9gd5ufkiGTmnjpV9SczNA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.66.151.0/24
Signature Algorithm: sha256WithRSAEncryption
47:3c:88:9e:e4:35:0d:e7:96:cd:4d:da:b6:d7:10:f7:15:64:
e0:1f:4a:92:a8:1f:69:18:11:4d:72:d9:68:8b:4c:e8:a1:6e:
9d:66:79:07:3e:89:96:c6:eb:96:38:ff:5d:f9:cc:a4:26:58:
bb:07:8c:23:99:bc:61:ff:bd:e0:b2:b0:82:e4:ff:70:e0:e8:
5f:a5:04:79:ea:38:c2:f6:fd:51:59:62:f7:c6:83:49:27:c9:
3e:fb:ba:c6:e5:0a:24:86:ed:e8:02:85:e1:d6:51:04:1c:c2:
69:3c:d5:15:f7:50:28:00:1a:f5:8a:b5:3b:7c:a5:8e:4c:a7:
21:42:d3:84:6b:8d:4a:d5:c7:6b:9e:cf:8f:77:7f:e5:a2:59:
15:5a:32:90:57:33:f4:ba:9f:5a:7e:29:59:79:d4:1f:67:b7:
d6:89:c3:48:33:0b:c6:e0:9a:be:d6:fa:6e:44:98:c3:ce:5f:
61:73:42:98:a6:97:46:c6:72:c4:1a:db:89:fe:50:92:24:6c:
ae:a1:9e:0b:44:94:bf:d9:d6:28:c7:d5:5a:e1:9f:20:34:53:
ab:29:70:45:1b:10:74:82:f2:b9:60:33:1a:0f:7f:d1:7f:9c:
bb:0d:31:f3:e2:68:cc:db:23:3b:ae:bf:8e:a9:3c:a4:89:0d:
a6:ae:78:25
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIxRkFCMzFBQUY2MDc3
OUI5RjkyMjE5MzlBNzhFOTU3RDQ5Q0NDRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx9rRsiYBisYMnefcJXna7poU1LJYrGr1WoDrQaz9+iFJV1Pfs
jNngIpPKp4KvmWotnb3REJ1WVCaIeu9HGZt7XxHAiKgZeukW12JIo1fV435QQpFD
FPdHcAZIybqSd31RDQRwszc8KRqQtZr+dfzz9dtj0JgiPgd65ZQ+Zvu3O/AlLKab
4HjunTqkE9ukoTHiuiZrBaAa+3EPj0RZNtWz1AwOYSPzh0V9mtSMP0v2wZwgshkJ
mJ9yODV/Mzea8MVO1qoq9olr+EOiwVRMjG+y2WUDl2PvCwFXriINE6wgOHr7T7NM
E9OovPyP8GIEbt6PkfVse8YfQs504ce3iT7vAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUIfqzGq9gd5ufkiGTmnjpV9SczNAwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9JZnF6R3E5Z2Q1dWZraUdUbW5q
cFY5U2N6TkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0KX
MA0GCSqGSIb3DQEBCwUAA4IBAQBHPIie5DUN55bNTdq21xD3FWTgH0qSqB9pGBFN
ctloi0zooW6dZnkHPomWxuuWOP9d+cykJli7B4wjmbxh/73gsrCC5P9w4OhfpQR5
6jjC9v1RWWL3xoNJJ8k++7rG5Qokhu3oAoXh1lEEHMJpPNUV91AoABr1irU7fKWO
TKchQtOEa41K1cdrns+Pd3/lolkVWjKQVzP0up9afilZedQfZ7fWicNIMwvG4Jq+
1vpuRJjDzl9hc0KYppdGxnLEGtuJ/lCSJGyuoZ4LRJS/2dYox9Va4Z8gNFOrKXBF
GxB0gvK5YDMaD3/Rf5y7DTHz4mjM2yM7rr+OqTykiQ2mrngl
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:38:24 2025 by rpki-client