Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/NHGc0QmE0UGn_26DDjv5BRESpno.roa
File: NHGc0QmE0UGn_26DDjv5BRESpno.roa (raw, json)
Hash identifier: 4QOSIORK/RtZqEaqrPkmKTc3ABAt87flBd0JUqleo0Q=
Subject key identifier: 34:71:9C:D1:09:84:D1:41:A7:FF:6E:83:0E:3B:F9:05:11:12:A6:7A
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 154C
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/NHGc0QmE0UGn_26DDjv5BRESpno.roa
Signing time: Tue 11 Feb 2025 23:44:30 +0000
ROA not before: Tue 11 Feb 2025 23:44:30 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 61.218.0.0/15 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5452 (0x154c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:30 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=34719CD10984D141A7FF6E830E3BF9051112A67A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4e:65:d3:12:11:95:2f:9b:77:9e:01:e0:6b:
29:e7:66:e5:c7:85:85:54:0f:94:a7:3b:15:a8:99:
d1:5b:e4:4f:32:b5:77:e3:09:dc:33:72:8e:c4:00:
bd:c0:98:5a:5b:82:5a:23:84:0d:46:b5:70:6e:6d:
02:73:f8:56:04:5a:3d:48:0c:bf:f0:d6:38:e5:d1:
6a:e5:f6:af:61:00:37:1f:22:07:d3:dc:35:bc:a8:
eb:19:09:25:1d:c9:bc:cd:05:cc:9c:47:a5:1d:a2:
fe:cc:42:12:5b:94:1f:e9:ca:af:34:d3:9f:d3:7a:
82:bb:bb:b6:ee:8d:43:46:60:00:41:8f:40:b5:5a:
d7:5c:0f:8f:97:2d:c7:2f:bd:a6:ab:f7:fb:12:e0:
b5:e6:f8:a8:42:b1:6f:cb:5b:be:24:90:02:b6:e6:
30:08:3a:ca:31:36:bf:aa:10:ae:c3:46:ba:db:8c:
e8:5a:12:95:56:af:cf:10:60:95:43:a4:ec:a0:7e:
76:3b:44:e7:47:cf:bd:e3:40:e3:8d:5f:48:9f:54:
2e:b0:46:f3:54:3c:5f:4d:d3:48:d4:37:95:35:76:
20:ab:69:63:52:21:40:c1:ff:69:48:28:9b:ea:a0:
32:42:65:d6:33:6a:42:e5:11:72:37:14:1e:42:f1:
8f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:71:9C:D1:09:84:D1:41:A7:FF:6E:83:0E:3B:F9:05:11:12:A6:7A
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/NHGc0QmE0UGn_26DDjv5BRESpno.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
54:53:42:36:0b:27:89:46:7b:0a:88:30:fc:28:6b:d3:3d:46:
5e:52:a2:4f:30:e3:02:e5:a0:03:0e:f5:83:f6:27:15:0a:4a:
eb:46:f7:ce:cb:5f:97:7b:82:82:a0:7e:88:bc:7e:1e:ff:12:
f3:43:71:ff:b2:32:26:91:a9:8d:b0:15:0e:e5:b8:e8:db:e4:
6b:bd:da:46:4d:7c:61:b8:ec:7e:af:af:0d:07:c4:21:3a:ca:
d9:b7:8d:36:4a:ba:b3:fc:51:1f:ca:69:34:a2:2f:67:64:2b:
ab:ba:2d:8f:33:3e:d2:b6:1e:79:9d:4d:fd:e6:4f:fc:5d:5e:
49:5f:68:a2:ef:03:8d:39:a3:c3:b7:73:0d:f8:45:47:6f:0c:
36:50:70:0e:10:5f:6e:21:81:8d:24:af:a4:6b:10:29:10:cd:
c4:14:8c:b1:d0:2b:40:4a:24:da:5b:af:03:5f:e6:71:1d:c4:
b2:77:9a:ed:d3:5e:ee:45:51:fe:80:ab:57:00:dc:88:30:37:
7b:99:20:d7:7c:7c:ae:62:c9:06:d1:54:f0:e6:7d:6f:0e:56:
81:4b:27:da:0a:d8:67:33:fc:1a:e5:58:e3:5e:90:5f:7f:59:
5c:df:4a:b1:20:97:98:9a:b1:6a:cb:f2:01:ed:f9:24:5b:77:
19:9f:47:10
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFUwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM0NzE5Q0QxMDk4NEQx
NDFBN0ZGNkU4MzBFM0JGOTA1MTExMkE2N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwTmXTEhGVL5t3ngHgaynnZuXHhYVUD5SnOxWomdFb5E8ytXfj
Cdwzco7EAL3AmFpbglojhA1GtXBubQJz+FYEWj1IDL/w1jjl0Wrl9q9hADcfIgfT
3DW8qOsZCSUdybzNBcycR6Udov7MQhJblB/pyq8005/TeoK7u7bujUNGYABBj0C1
WtdcD4+XLccvvaar9/sS4LXm+KhCsW/LW74kkAK25jAIOsoxNr+qEK7DRrrbjOha
EpVWr88QYJVDpOygfnY7ROdHz73jQOONX0ifVC6wRvNUPF9N00jUN5U1diCraWNS
IUDB/2lIKJvqoDJCZdYzakLlEXI3FB5C8Y+ZAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUNHGc0QmE0UGn/26DDjv5BRESpnowHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9OSEdjMFFtRTBVR25fMjZERGp2
NUJSRVNwbm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBPdow
DQYJKoZIhvcNAQELBQADggEBAFRTQjYLJ4lGewqIMPwoa9M9Rl5Sok8w4wLloAMO
9YP2JxUKSutG987LX5d7goKgfoi8fh7/EvNDcf+yMiaRqY2wFQ7luOjb5Gu92kZN
fGG47H6vrw0HxCE6ytm3jTZKurP8UR/KaTSiL2dkK6u6LY8zPtK2HnmdTf3mT/xd
XklfaKLvA405o8O3cw34RUdvDDZQcA4QX24hgY0kr6RrECkQzcQUjLHQK0BKJNpb
rwNf5nEdxLJ3mu3TXu5FUf6Aq1cA3IgwN3uZINd8fK5iyQbRVPDmfW8OVoFLJ9oK
2Gcz/BrlWONekF9/WVzfSrEgl5iasWrL8gHt+SRbdxmfRxA=
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:40:49 2025 by rpki-client