Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/OKsQnPszdk8PvLDZ8efl3scaMdM.roa
File: OKsQnPszdk8PvLDZ8efl3scaMdM.roa (raw, json)
Hash identifier: 6HpoV2G04L1ohrW6zYu6z6IQhPyn4354qXYNQeL6hzg=
Subject key identifier: 38:AB:10:9C:FB:33:76:4F:0F:BC:B0:D9:F1:E7:E5:DE:C7:1A:31:D3
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 153B
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/OKsQnPszdk8PvLDZ8efl3scaMdM.roa
Signing time: Tue 11 Feb 2025 23:44:27 +0000
ROA not before: Tue 11 Feb 2025 23:44:27 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9680
IP address blocks: 202.39.80.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5435 (0x153b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:27 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=38AB109CFB33764F0FBCB0D9F1E7E5DEC71A31D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7e:04:33:6b:1b:01:64:05:6e:c5:a4:f2:be:
93:46:56:21:43:9a:30:ce:08:77:b3:0a:de:af:40:
34:da:8a:3a:46:24:fe:5f:11:ea:97:47:12:8a:24:
df:76:58:a8:db:3c:25:89:c7:37:0f:f6:ea:7e:f4:
cc:e7:2a:fc:e7:98:32:97:03:86:0e:35:bf:48:ae:
ad:eb:bb:68:fa:ff:b7:23:ac:89:d6:a7:8f:09:1d:
f4:5f:0d:23:22:81:68:84:12:7f:33:fb:a5:12:d0:
98:0b:59:c6:9e:e3:87:12:99:d9:b9:5c:24:6e:a9:
34:70:9f:a7:16:51:ce:4e:bf:37:d0:83:8d:c9:8e:
eb:3b:e4:f3:5f:8b:49:50:db:52:cb:02:e7:04:02:
c8:a2:74:44:74:87:e6:8a:81:c8:a8:b8:e6:b8:a6:
16:33:e2:7d:37:fd:24:8b:c5:a7:cf:eb:82:b1:ae:
e4:6e:60:42:de:3e:dd:94:e9:d6:f0:96:d4:11:26:
2b:31:01:fc:7b:58:77:17:ef:cd:84:41:dc:3b:b3:
fb:15:2d:01:82:1b:62:d2:4e:19:73:6d:a4:44:80:
02:72:af:5b:2f:19:0d:ba:ed:4a:76:c2:7f:60:a7:
f3:1c:32:83:9c:0e:8d:a2:b8:cf:da:fd:1b:68:c7:
67:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AB:10:9C:FB:33:76:4F:0F:BC:B0:D9:F1:E7:E5:DE:C7:1A:31:D3
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/OKsQnPszdk8PvLDZ8efl3scaMdM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.39.80.0/20
Signature Algorithm: sha256WithRSAEncryption
30:e5:14:4c:87:57:13:f4:fd:13:e8:ec:48:da:8a:ce:2a:9d:
af:43:43:6f:b1:f9:45:ba:47:13:2f:ba:84:0c:b8:8f:0f:91:
79:31:8e:47:f8:dd:f4:1a:91:bc:aa:91:37:a9:bc:d3:2c:68:
93:b0:66:6e:e4:b4:7a:dd:31:9e:c8:37:e9:e6:05:db:a4:30:
96:a6:0d:95:cf:2f:88:96:e5:5a:ed:54:62:5b:b0:6f:80:27:
8f:9e:a2:a9:34:41:08:06:91:08:59:e5:c7:3f:ad:69:4e:73:
68:a2:3c:5e:77:6e:c5:fb:4b:d5:a1:2e:d5:32:c7:40:71:49:
b3:1f:f7:cc:e4:c3:56:ea:ed:46:f0:6e:8a:31:b1:3d:ba:2f:
a4:4d:60:ba:1a:a9:c3:15:a3:cb:83:e1:0f:eb:d9:21:e0:e3:
dc:0a:3b:da:2a:1a:4c:d2:7f:cf:9f:a9:fb:a9:35:ea:10:c6:
2b:f8:c5:5d:28:00:29:ef:83:57:b7:73:f9:e9:f0:63:16:00:
14:5b:1f:82:7e:66:29:47:c3:ff:c4:2e:e6:36:d4:77:53:f1:
12:67:38:e0:7a:17:15:ca:75:99:e7:6d:da:d1:0e:2d:f9:7f:
d1:2f:66:ed:c5:51:c9:f9:d6:21:ee:c1:83:53:25:1f:d8:25:
53:5a:fb:67
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFTswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM4QUIxMDlDRkIzMzc2
NEYwRkJDQjBEOUYxRTdFNURFQzcxQTMxRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrfgQzaxsBZAVuxaTyvpNGViFDmjDOCHezCt6vQDTaijpGJP5f
EeqXRxKKJN92WKjbPCWJxzcP9up+9MznKvznmDKXA4YONb9Irq3ru2j6/7cjrInW
p48JHfRfDSMigWiEEn8z+6US0JgLWcae44cSmdm5XCRuqTRwn6cWUc5OvzfQg43J
jus75PNfi0lQ21LLAucEAsiidER0h+aKgciouOa4phYz4n03/SSLxafP64KxruRu
YELePt2U6dbwltQRJisxAfx7WHcX782EQdw7s/sVLQGCG2LSThlzbaREgAJyr1sv
GQ267Up2wn9gp/McMoOcDo2iuM/a/Rtox2djAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUOKsQnPszdk8PvLDZ8efl3scaMdMwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9PS3NRblBzemRrOFB2TERaOGVm
bDNzY2FNZE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEyidQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAw5RRMh1cT9P0T6OxI2orOKp2vQ0NvsflFukcT
L7qEDLiPD5F5MY5H+N30GpG8qpE3qbzTLGiTsGZu5LR63TGeyDfp5gXbpDCWpg2V
zy+IluVa7VRiW7BvgCePnqKpNEEIBpEIWeXHP61pTnNoojxed27F+0vVoS7VMsdA
cUmzH/fM5MNW6u1G8G6KMbE9ui+kTWC6GqnDFaPLg+EP69kh4OPcCjvaKhpM0n/P
n6n7qTXqEMYr+MVdKAAp74NXt3P56fBjFgAUWx+CfmYpR8P/xC7mNtR3U/ESZzjg
ehcVynWZ523a0Q4t+X/RL2btxVHJ+dYh7sGDUyUf2CVTWvtn
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:35:34 2025 by rpki-client