Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/NpRMo9ujyTk9qrWnxXcvXVCK2KA.roa
File: NpRMo9ujyTk9qrWnxXcvXVCK2KA.roa (raw, json)
Hash identifier: B3nXuv7+opAVJb2Vz8QI+awf8loA8gqCFcQs3MLChiY=
Subject key identifier: 36:94:4C:A3:DB:A3:C9:39:3D:AA:B5:A7:C5:77:2F:5D:50:8A:D8:A0
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1430
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/NpRMo9ujyTk9qrWnxXcvXVCK2KA.roa
Signing time: Mon 10 Feb 2025 14:34:42 +0000
ROA not before: Mon 10 Feb 2025 14:34:42 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 20940
IP address blocks: 203.74.67.0/25 maxlen: 25
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5168 (0x1430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:34:42 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=36944CA3DBA3C9393DAAB5A7C5772F5D508AD8A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0f:05:40:8a:67:ff:20:f6:a9:09:f9:94:54:
d6:10:24:ea:fa:45:f1:2d:54:5f:4d:c5:7a:00:b2:
eb:16:df:77:17:c6:cd:a3:39:8b:cb:bb:50:b7:63:
af:a8:03:31:e1:ad:09:5e:c0:27:fa:5b:dc:23:9a:
06:a1:85:b1:f5:41:ea:1d:8c:78:19:56:79:87:aa:
75:e6:f2:49:d5:59:31:1b:46:4d:a7:68:ab:68:60:
21:88:a7:7d:98:11:45:3b:2f:fa:53:da:87:78:61:
72:0a:f6:54:27:39:4f:48:58:32:e9:ee:9d:b7:ec:
5c:96:a1:b4:96:a0:0a:65:55:97:c8:82:da:f2:39:
6b:ff:35:80:27:f3:22:5a:2f:c3:6d:73:61:5a:a6:
73:e5:a0:6c:11:81:1e:9b:ce:fd:27:a5:f2:95:fa:
b9:4d:5b:70:7e:1c:7a:c2:af:d9:ef:8a:c2:d2:c5:
e6:67:4a:c7:06:8a:d5:00:aa:a3:de:b1:88:c3:b4:
54:68:36:d0:5e:ee:3f:18:59:69:db:26:69:72:33:
ff:ce:d6:43:27:9d:63:dd:6d:b9:59:b2:80:01:c4:
b3:75:04:33:e8:d0:53:3a:55:f0:28:8b:8a:ee:2e:
9d:03:6d:88:87:b8:40:69:32:67:2a:ce:f2:e3:20:
7e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:94:4C:A3:DB:A3:C9:39:3D:AA:B5:A7:C5:77:2F:5D:50:8A:D8:A0
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/NpRMo9ujyTk9qrWnxXcvXVCK2KA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.74.67.0/25
Signature Algorithm: sha256WithRSAEncryption
57:4f:b7:43:bc:ae:77:3d:cf:f9:2c:c2:6d:d1:11:88:01:e0:
61:d9:3b:f1:43:98:e6:6b:3b:2c:54:f9:21:25:92:a7:0f:e1:
12:31:37:df:85:7e:1e:81:99:f7:c4:3f:ca:bf:ec:18:67:bf:
1b:c2:9b:ef:9c:ca:57:ab:de:2c:12:5e:8f:f1:20:ff:28:4c:
63:d9:67:23:81:43:74:a5:85:67:25:cf:22:f3:6a:54:af:e9:
7a:60:ca:5c:9e:51:51:30:03:89:e0:f7:0e:a3:73:26:26:53:
be:9e:e5:e4:98:e5:6c:d2:c9:03:7d:6d:ee:52:33:18:b3:d3:
7c:f1:3d:3f:3f:d7:96:7a:46:60:94:b6:2a:03:f3:b1:97:7a:
29:06:0e:22:c8:8c:05:14:d3:89:78:6d:87:c2:85:43:eb:49:
1d:ea:d7:6b:be:4c:99:d4:71:cc:bf:f4:bf:d9:60:7b:40:e0:
22:0c:11:dc:f2:aa:7f:d7:8c:ac:5f:d0:1d:36:7c:a9:eb:fa:
3b:7d:4e:cd:1b:4e:f7:1e:31:19:54:2f:74:4a:79:bb:dd:db:
72:92:68:ec:36:9d:4b:b7:8e:ca:2a:0f:37:19:33:ef:40:21:
07:86:f5:57:d1:86:49:d5:db:de:e8:97:ff:7a:43:88:3c:81:
c8:68:a0:66
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICFDAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM0NDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM2OTQ0Q0EzREJBM0M5
MzkzREFBQjVBN0M1NzcyRjVENTA4QUQ4QTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdDwVAimf/IPapCfmUVNYQJOr6RfEtVF9NxXoAsusW33cXxs2j
OYvLu1C3Y6+oAzHhrQlewCf6W9wjmgahhbH1QeodjHgZVnmHqnXm8knVWTEbRk2n
aKtoYCGIp32YEUU7L/pT2od4YXIK9lQnOU9IWDLp7p237FyWobSWoAplVZfIgtry
OWv/NYAn8yJaL8Ntc2FapnPloGwRgR6bzv0npfKV+rlNW3B+HHrCr9nvisLSxeZn
SscGitUAqqPesYjDtFRoNtBe7j8YWWnbJmlyM//O1kMnnWPdbblZsoABxLN1BDPo
0FM6VfAoi4ruLp0DbYiHuEBpMmcqzvLjIH4LAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUNpRMo9ujyTk9qrWnxXcvXVCK2KAwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9OcFJNbzl1anlUazlxcldueFhj
dlhWQ0syS0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHy0pD
ADANBgkqhkiG9w0BAQsFAAOCAQEAV0+3Q7yudz3P+SzCbdERiAHgYdk78UOY5ms7
LFT5ISWSpw/hEjE334V+HoGZ98Q/yr/sGGe/G8Kb75zKV6veLBJej/Eg/yhMY9ln
I4FDdKWFZyXPIvNqVK/pemDKXJ5RUTADieD3DqNzJiZTvp7l5JjlbNLJA31t7lIz
GLPTfPE9Pz/XlnpGYJS2KgPzsZd6KQYOIsiMBRTTiXhth8KFQ+tJHerXa75MmdRx
zL/0v9lge0DgIgwR3PKqf9eMrF/QHTZ8qev6O31OzRtO9x4xGVQvdEp5u93bcpJo
7DadS7eOyioPNxkz70AhB4b1V9GGSdXb3uiX/3pDiDyByGigZg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:29:53 2025 by rpki-client