Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/PwXnnZJrqpnnLI_Cdu5R1__uGT4.roa
File: PwXnnZJrqpnnLI_Cdu5R1__uGT4.roa (raw, json)
Hash identifier: bUuOoZ5HbPXbNcrOlGvbtzK4ZdzL6qMZSBQ0sEj0SE8=
Subject key identifier: 3F:05:E7:9D:92:6B:AA:99:E7:2C:8F:C2:76:EE:51:D7:FF:EE:19:3E
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14D9
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/PwXnnZJrqpnnLI_Cdu5R1__uGT4.roa
Signing time: Mon 10 Feb 2025 14:35:20 +0000
ROA not before: Mon 10 Feb 2025 14:35:20 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 20940
IP address blocks: 203.66.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5337 (0x14d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:20 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3F05E79D926BAA99E72C8FC276EE51D7FFEE193E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2a:60:48:d1:be:cb:14:ba:e2:8b:c5:4a:fe:
a4:1c:f4:74:3b:03:84:da:10:82:ac:7b:90:19:7d:
d7:e6:0a:69:4d:be:f2:58:4d:cf:bd:a1:5f:95:7e:
5a:4b:3b:ea:13:dc:47:19:a6:66:4e:2e:27:f9:17:
46:61:87:cb:0d:9a:99:6d:b7:87:94:e2:70:ab:2f:
b7:25:5f:a8:97:a0:4b:58:03:ff:81:a4:3d:b9:60:
4b:21:e6:6a:97:d2:7c:e3:7b:9f:8d:b6:e0:31:b0:
a1:d4:3f:4d:81:36:c4:6b:6c:6d:42:82:fe:1f:1e:
d4:97:45:4b:6b:af:5e:7f:5d:62:53:38:99:dd:f4:
33:8d:85:d2:71:90:57:d0:7b:7a:30:76:71:87:11:
14:ad:39:92:19:a4:5a:b6:f8:0f:2b:59:e0:d0:4d:
bf:dd:75:9e:5a:83:d8:f0:31:0a:bd:c1:97:22:18:
31:e3:ca:9d:67:f6:c3:4d:27:2f:4b:41:ab:06:ba:
cb:c4:25:20:10:2d:de:e0:47:85:e6:93:85:6e:f7:
6f:64:94:ca:72:91:c0:27:6f:65:34:5d:f5:00:99:
4a:ff:e8:84:03:dc:95:d4:a3:48:10:a3:19:6f:83:
50:91:40:0c:b9:ca:20:91:77:55:a6:8e:87:ff:f2:
0d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:05:E7:9D:92:6B:AA:99:E7:2C:8F:C2:76:EE:51:D7:FF:EE:19:3E
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/PwXnnZJrqpnnLI_Cdu5R1__uGT4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.66.226.0/24
Signature Algorithm: sha256WithRSAEncryption
37:16:b7:f4:1c:93:60:b3:78:5e:28:72:f6:df:bb:1c:8a:1d:
0b:e2:8f:0b:41:55:c6:96:46:56:5f:a1:1b:01:82:f1:2a:33:
1a:2a:38:fc:f7:79:7a:aa:e7:d0:b9:35:ee:ed:0c:25:16:1d:
4a:9f:7b:6d:b1:7c:fa:04:28:8f:80:5d:16:cb:40:0b:a1:e7:
9b:0f:c8:70:86:1d:73:84:b9:57:51:3e:be:65:e7:fe:54:fb:
97:e9:49:fc:16:23:35:39:bf:f8:6c:02:71:bd:ce:b0:12:64:
3d:c1:24:4c:b3:97:fd:82:90:31:0b:95:d4:b6:0e:2e:0a:9d:
56:3b:1b:b3:d5:ea:2e:33:c9:0c:e9:30:24:fb:1c:27:5f:9b:
e3:77:f7:8b:73:8f:69:8a:cd:1f:b9:78:f0:16:f4:87:ff:91:
e3:df:5b:9b:5e:9f:fe:81:db:a8:6d:2e:c0:d2:25:a7:00:40:
8b:69:63:34:ec:e7:d2:51:1e:98:8d:4b:14:58:7f:54:e3:fc:
01:1e:c7:c8:5f:99:06:81:2e:c9:0d:90:d5:17:5f:54:80:11:
07:f4:b6:14:a8:e2:34:60:ae:1f:51:cb:ac:92:76:c6:b3:eb:
6f:bb:c5:55:db:ba:af:5b:d2:04:1e:b8:c5:a7:64:e0:0f:ed:
6a:7d:fe:53
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFNkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNGMDVFNzlEOTI2QkFB
OTlFNzJDOEZDMjc2RUU1MUQ3RkZFRTE5M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqKmBI0b7LFLrii8VK/qQc9HQ7A4TaEIKse5AZfdfmCmlNvvJY
Tc+9oV+VflpLO+oT3EcZpmZOLif5F0Zhh8sNmpltt4eU4nCrL7clX6iXoEtYA/+B
pD25YEsh5mqX0nzje5+NtuAxsKHUP02BNsRrbG1Cgv4fHtSXRUtrr15/XWJTOJnd
9DONhdJxkFfQe3owdnGHERStOZIZpFq2+A8rWeDQTb/ddZ5ag9jwMQq9wZciGDHj
yp1n9sNNJy9LQasGusvEJSAQLd7gR4Xmk4Vu929klMpykcAnb2U0XfUAmUr/6IQD
3JXUo0gQoxlvg1CRQAy5yiCRd1Wmjof/8g3zAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUPwXnnZJrqpnnLI/Cdu5R1//uGT4wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9Qd1hublpKcnFwbm5MSV9DZHU1
UjFfX3VHVDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0Li
MA0GCSqGSIb3DQEBCwUAA4IBAQA3Frf0HJNgs3heKHL237scih0L4o8LQVXGlkZW
X6EbAYLxKjMaKjj893l6qufQuTXu7QwlFh1Kn3ttsXz6BCiPgF0Wy0ALoeebD8hw
hh1zhLlXUT6+Zef+VPuX6Un8FiM1Ob/4bAJxvc6wEmQ9wSRMs5f9gpAxC5XUtg4u
Cp1WOxuz1eouM8kM6TAk+xwnX5vjd/eLc49pis0fuXjwFvSH/5Hj31ubXp/+gduo
bS7A0iWnAECLaWM07OfSUR6YjUsUWH9U4/wBHsfIX5kGgS7JDZDVF19UgBEH9LYU
qOI0YK4fUcusknbGs+tvu8VV27qvW9IEHrjFp2TgD+1qff5T
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:21:50 2025 by rpki-client