Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/MnhdM6JmJZvXuaEEyx2JVtO5EfI.roa
File: MnhdM6JmJZvXuaEEyx2JVtO5EfI.roa (raw, json)
Hash identifier: PYydULbsrVjucqjnVXIegpgTvYvwox/hVblE/Bw2UjU=
Subject key identifier: 32:78:5D:33:A2:66:25:9B:D7:B9:A1:04:CB:1D:89:56:D3:B9:11:F2
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 11B9
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/MnhdM6JmJZvXuaEEyx2JVtO5EfI.roa
Signing time: Mon 26 Aug 2024 05:17:52 +0000
ROA not before: Mon 26 Aug 2024 05:17:52 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 211.21.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4537 (0x11b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Aug 26 05:17:52 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=32785D33A266259BD7B9A104CB1D8956D3B911F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:49:6d:06:56:41:9d:d1:c9:f1:4f:12:c0:0d:
ce:3a:20:de:2d:bf:70:60:89:eb:6f:b8:71:28:6d:
5f:32:d8:75:0d:ca:4d:00:76:f8:8b:38:0f:d0:24:
74:14:16:b6:23:8f:6b:61:44:37:5c:01:eb:8d:00:
c5:b2:63:95:c2:15:af:87:93:e9:7f:73:bf:06:be:
16:9e:53:e6:62:01:4d:9e:d5:d2:91:78:22:a4:5e:
99:d1:53:dc:82:fd:57:79:3e:0c:ba:d5:0f:e3:20:
6d:25:7d:91:cf:ce:1b:10:cf:10:dc:13:63:df:20:
f1:be:5a:2a:78:20:0f:a7:04:90:57:0a:a1:fd:e8:
7a:80:0b:1d:a4:b7:f0:a8:a5:98:1a:c8:a2:38:cf:
96:98:1f:a1:4e:20:8a:64:10:8b:cc:ef:63:2e:6d:
a7:98:49:2d:2c:2b:e7:46:3a:c2:44:da:d8:78:31:
fa:20:7e:5e:13:9c:ba:a6:44:dc:11:e6:03:46:f7:
43:2a:e5:a0:04:00:7c:4d:c3:da:e3:5d:a8:51:38:
6f:57:3d:00:15:73:32:3a:65:24:15:dd:d8:35:85:
6b:d4:f9:ab:32:e3:c1:ae:5c:55:f4:87:1a:b9:7b:
03:ab:18:ca:86:ca:6b:91:56:5e:84:66:8f:8b:60:
ff:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:78:5D:33:A2:66:25:9B:D7:B9:A1:04:CB:1D:89:56:D3:B9:11:F2
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/MnhdM6JmJZvXuaEEyx2JVtO5EfI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c2:19:87:52:d1:2e:86:6c:42:3d:68:b7:7e:c1:bd:88:26:99:
06:e4:5b:46:44:27:c7:2c:fa:98:ab:9f:bd:44:86:b2:ba:66:
a0:b7:d0:31:fa:d1:74:8c:65:43:bb:75:b1:f3:9a:13:3d:5b:
77:92:6f:6e:c0:77:8e:e6:53:73:d5:45:cb:12:02:de:cb:86:
da:20:b5:cd:49:76:e2:d9:99:65:19:d1:ad:ad:fc:35:a1:99:
11:b6:a6:d1:e5:ab:a0:82:24:38:77:9f:34:9a:8d:9f:f7:c4:
57:a5:1f:82:a5:c1:c3:d6:92:e2:f0:d5:cc:65:09:98:21:6d:
7d:1c:37:4b:a5:6a:01:c8:85:68:61:17:7a:eb:37:d9:f7:28:
2b:43:e2:51:0f:2f:8d:7a:f6:2d:55:d7:49:da:ab:f6:43:41:
70:9e:87:05:c7:61:73:03:c2:ba:5d:b7:a2:0b:5a:6d:30:42:
fe:17:8b:5f:99:1f:d6:0b:14:6b:20:26:89:2d:a2:1a:d6:e1:
6b:7d:e9:13:21:3f:fe:71:89:39:a2:9e:f4:b2:56:69:c4:f8:
51:6d:bd:7c:41:5d:3f:1c:f7:a0:c4:37:12:54:66:bd:76:a2:
06:0b:aa:0d:04:bf:cc:8f:36:4a:ef:c2:81:f5:15:b4:b7:25:
7b:e0:0e:83
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICEbkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw
NTE3NTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMyNzg1RDMzQTI2NjI1
OUJEN0I5QTEwNENCMUQ4OTU2RDNCOTExRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnSW0GVkGd0cnxTxLADc46IN4tv3BgietvuHEobV8y2HUNyk0A
dviLOA/QJHQUFrYjj2thRDdcAeuNAMWyY5XCFa+Hk+l/c78GvhaeU+ZiAU2e1dKR
eCKkXpnRU9yC/Vd5Pgy61Q/jIG0lfZHPzhsQzxDcE2PfIPG+Wip4IA+nBJBXCqH9
6HqACx2kt/CopZgayKI4z5aYH6FOIIpkEIvM72MubaeYSS0sK+dGOsJE2th4Mfog
fl4TnLqmRNwR5gNG90Mq5aAEAHxNw9rjXahROG9XPQAVczI6ZSQV3dg1hWvU+asy
48GuXFX0hxq5ewOrGMqGymuRVl6EZo+LYP+lAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUMnhdM6JmJZvXuaEEyx2JVtO5EfIwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9NbmhkTTZKbUpadlh1YUVFeXgy
SlZ0TzVFZkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA0xUw
DQYJKoZIhvcNAQELBQADggEBAMIZh1LRLoZsQj1ot37BvYgmmQbkW0ZEJ8cs+pir
n71EhrK6ZqC30DH60XSMZUO7dbHzmhM9W3eSb27Ad47mU3PVRcsSAt7Lhtogtc1J
duLZmWUZ0a2t/DWhmRG2ptHlq6CCJDh3nzSajZ/3xFelH4KlwcPWkuLw1cxlCZgh
bX0cN0ulagHIhWhhF3rrN9n3KCtD4lEPL4169i1V10naq/ZDQXCehwXHYXMDwrpd
t6ILWm0wQv4Xi1+ZH9YLFGsgJoktohrW4Wt96RMhP/5xiTminvSyVmnE+FFtvXxB
XT8c96DENxJUZr12ogYLqg0Ev8yPNkrvwoH1FbS3JXvgDoM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:11:42 2025 by rpki-client