Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/PWrtIg-nC6yHuP6fFteJNORMdqk.roa
File: PWrtIg-nC6yHuP6fFteJNORMdqk.roa (raw, json)
Hash identifier: YDabwqVUPb7rhtDEbgR/MZY1XYHTVHcY0gZhBKua6qY=
Subject key identifier: 3D:6A:ED:22:0F:A7:0B:AC:87:B8:FE:9F:16:D7:89:34:E4:4C:76:A9
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14D1
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/PWrtIg-nC6yHuP6fFteJNORMdqk.roa
Signing time: Mon 10 Feb 2025 14:35:18 +0000
ROA not before: Mon 10 Feb 2025 14:35:18 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 211.72.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5329 (0x14d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:18 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3D6AED220FA70BAC87B8FE9F16D78934E44C76A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1c:59:8b:3f:bf:d3:5b:dd:62:ed:8c:55:b6:
fe:04:b6:7c:2b:74:08:ed:d8:96:57:66:2f:f3:ab:
ee:91:51:5e:0f:2a:14:63:76:11:87:a4:5d:9c:51:
a6:e2:51:cd:ae:e6:4b:07:19:6d:85:9b:00:0e:46:
a5:13:1f:e1:fe:24:8c:a2:fe:55:0c:86:f6:dd:62:
a0:4b:d4:07:b1:1c:e5:87:6c:14:cd:92:09:b2:c2:
70:0e:ec:0b:1c:9f:04:88:ab:0c:a1:75:a7:fc:a0:
16:a6:b8:42:89:40:5f:02:91:a3:c1:a0:05:f7:bb:
d1:96:9b:f0:9f:ad:32:e3:10:45:d0:99:5e:42:f8:
e6:d2:c4:98:12:2d:a9:1e:65:11:8a:1d:0c:75:32:
90:f8:43:27:e3:64:0e:53:25:a1:7c:28:25:b0:6b:
cf:b9:7b:ae:a6:12:2f:35:73:be:c7:4b:a6:1e:41:
b3:4d:b7:eb:d7:06:f4:64:db:d4:c0:19:93:e3:08:
f5:e2:16:1e:da:e9:ce:0c:55:5b:cc:4a:f7:2f:9b:
3f:62:74:b1:02:b6:8d:39:97:3d:5c:19:20:f5:99:
90:f6:27:bd:42:86:d7:ac:46:37:9a:99:59:73:99:
ad:e0:c4:77:a9:83:75:0b:58:3d:72:f7:28:75:4b:
f8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6A:ED:22:0F:A7:0B:AC:87:B8:FE:9F:16:D7:89:34:E4:4C:76:A9
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/PWrtIg-nC6yHuP6fFteJNORMdqk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.72.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ce:c4:20:27:14:c9:02:e1:93:f2:ef:32:c3:14:da:39:2a:bc:
d1:f0:ac:b6:56:8d:eb:c7:ea:a4:3d:91:b7:3f:3b:e5:f0:9c:
d6:61:76:2a:e5:22:83:2d:d2:6b:da:14:98:35:be:1f:88:42:
46:67:eb:d4:cc:2d:40:75:e2:ba:89:b2:ba:f7:25:57:dc:ce:
11:0b:1a:11:37:32:99:0c:1e:6a:3d:0d:f3:8c:aa:7a:d4:51:
2f:79:d0:82:d1:b8:72:ae:26:02:05:64:72:55:66:22:69:a4:
a7:5e:0d:f6:dd:32:52:77:b8:8c:4e:50:85:ff:fd:6a:3d:e3:
ec:29:0c:76:86:91:eb:67:cc:28:9a:cd:4c:ee:3e:c6:93:68:
0a:f1:db:f9:d1:5a:38:af:c4:fc:e3:04:26:2e:f7:bf:02:29:
c1:b3:70:5d:04:e5:9b:e1:bc:8d:34:5e:35:22:68:51:f2:62:
1c:e0:b1:7b:48:05:82:a2:6f:aa:d3:27:e9:97:63:61:18:63:
80:d0:b3:cc:26:d2:f3:61:2a:53:41:66:93:b0:01:a4:d4:40:
61:3c:5b:9d:8b:bb:19:90:9a:06:1c:4a:44:b4:7e:10:a1:dd:
58:bd:97:16:81:cf:40:35:6d:68:36:e3:b0:8e:66:15:ee:48:
21:c1:f5:40
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNENkFFRDIyMEZBNzBC
QUM4N0I4RkU5RjE2RDc4OTM0RTQ0Qzc2QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFHFmLP7/TW91i7YxVtv4EtnwrdAjt2JZXZi/zq+6RUV4PKhRj
dhGHpF2cUabiUc2u5ksHGW2FmwAORqUTH+H+JIyi/lUMhvbdYqBL1AexHOWHbBTN
kgmywnAO7AscnwSIqwyhdaf8oBamuEKJQF8CkaPBoAX3u9GWm/CfrTLjEEXQmV5C
+ObSxJgSLakeZRGKHQx1MpD4QyfjZA5TJaF8KCWwa8+5e66mEi81c77HS6YeQbNN
t+vXBvRk29TAGZPjCPXiFh7a6c4MVVvMSvcvmz9idLECto05lz1cGSD1mZD2J71C
htesRjeamVlzma3gxHepg3ULWD1y9yh1S/jfAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUPWrtIg+nC6yHuP6fFteJNORMdqkwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9QV3J0SWctbkM2eUh1UDZmRnRl
Sk5PUk1kcWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA00gw
DQYJKoZIhvcNAQELBQADggEBAM7EICcUyQLhk/LvMsMU2jkqvNHwrLZWjevH6qQ9
kbc/O+XwnNZhdirlIoMt0mvaFJg1vh+IQkZn69TMLUB14rqJsrr3JVfczhELGhE3
MpkMHmo9DfOMqnrUUS950ILRuHKuJgIFZHJVZiJppKdeDfbdMlJ3uIxOUIX//Wo9
4+wpDHaGketnzCiazUzuPsaTaArx2/nRWjivxPzjBCYu978CKcGzcF0E5ZvhvI00
XjUiaFHyYhzgsXtIBYKib6rTJ+mXY2EYY4DQs8wm0vNhKlNBZpOwAaTUQGE8W52L
uxmQmgYcSkS0fhCh3Vi9lxaBz0A1bWg247COZhXuSCHB9UA=
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:22:18 2025 by rpki-client