Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/QRq1CcnAASs_LXeacfcGrHCMtDs.roa
File: QRq1CcnAASs_LXeacfcGrHCMtDs.roa (raw, json)
Hash identifier: TKLpSrnYFFbMDyCIYakFQEc7VEoj6MhzU/jHqNecP8s=
Subject key identifier: 41:1A:B5:09:C9:C0:01:2B:3F:2D:77:9A:71:F7:06:AC:70:8C:B4:3B
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14AC
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/QRq1CcnAASs_LXeacfcGrHCMtDs.roa
Signing time: Mon 10 Feb 2025 14:35:09 +0000
ROA not before: Mon 10 Feb 2025 14:35:09 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9680
IP address blocks: 2001:b000:90::/48 maxlen: 64
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5292 (0x14ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:09 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=411AB509C9C0012B3F2D779A71F706AC708CB43B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:78:0d:8e:5c:b8:e9:89:c7:a6:2a:d4:eb:40:
31:6f:65:ce:29:30:3b:29:4c:71:b1:dd:60:4e:22:
41:01:a8:78:95:c3:74:b7:25:e9:31:8b:f3:6b:7d:
57:b6:88:39:45:7e:a8:aa:cb:05:d2:a1:2b:91:9f:
a0:05:b6:28:ca:dc:ce:9b:ce:73:ea:fe:92:5d:17:
3f:7a:11:a0:60:a7:da:d2:23:54:37:a1:a8:7f:3b:
a2:a1:f2:d6:62:44:05:b7:98:4f:50:2d:45:1e:88:
c9:e9:71:de:14:4b:27:cc:35:45:75:ee:0a:3f:b7:
dd:42:e3:42:f9:17:79:e4:ac:b2:9d:10:31:25:23:
8d:d9:a2:10:7f:4a:47:c7:db:42:e2:82:95:88:9c:
49:f6:02:cd:61:13:de:27:d4:38:06:64:2c:b8:45:
7b:56:28:d7:ca:3d:94:83:3d:f2:8a:f0:e2:23:d0:
04:b0:87:0e:43:f8:f9:42:90:fa:10:d5:86:56:57:
e4:18:d5:7b:f1:40:82:85:ff:f5:a1:fc:e1:25:1d:
4a:b6:3f:11:ce:23:d8:40:53:7d:e5:1e:23:1d:82:
0c:0d:93:87:4b:05:1c:64:4e:d1:f5:45:f5:cd:29:
8e:fe:d9:be:5c:4f:e6:cf:df:af:06:b8:5e:89:9d:
12:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1A:B5:09:C9:C0:01:2B:3F:2D:77:9A:71:F7:06:AC:70:8C:B4:3B
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/QRq1CcnAASs_LXeacfcGrHCMtDs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:b000:90::/48
Signature Algorithm: sha256WithRSAEncryption
02:4b:b8:e5:36:d6:66:8e:ea:07:81:7e:92:e5:21:e1:0a:7c:
b7:a2:06:99:da:dc:28:9e:fb:fe:29:e3:20:26:10:6c:ab:22:
34:02:8d:c4:6e:2a:69:1d:6c:29:3b:6f:90:82:da:aa:90:1d:
9c:12:34:10:cd:dd:c1:f5:52:8e:ef:4d:b9:0f:10:6c:16:b0:
9f:e1:23:df:9c:be:66:f2:c1:8a:02:28:18:59:3e:0a:11:ff:
41:0e:63:bb:03:82:ef:7e:45:a3:c0:29:f3:cd:83:ca:8b:6f:
72:18:92:af:41:e4:8e:4f:e1:a0:86:ef:5f:0a:a3:b7:22:ca:
da:e5:36:de:8f:e2:e0:fd:2e:45:62:f7:69:87:e0:c5:ea:f2:
1a:7a:58:82:b3:80:5a:aa:90:34:74:9f:a7:08:c4:94:f9:7d:
d3:09:a5:ae:8b:16:8d:2f:6d:8e:fa:b9:58:bd:c3:b4:27:8a:
cf:98:2a:83:cb:2d:17:7c:70:76:c2:90:1e:67:29:63:4a:35:
f8:ba:83:bc:df:c0:a2:ef:75:96:ff:ef:58:73:14:c0:84:de:
11:ef:5a:82:4e:ab:80:14:b6:7f:2a:d0:b7:df:4e:34:bc:39:
45:1e:7d:39:01:4e:12:7e:c9:65:fc:5b:41:58:8d:8f:4b:9e:
1f:08:e9:b6
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICFKwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQxMUFCNTA5QzlDMDAx
MkIzRjJENzc5QTcxRjcwNkFDNzA4Q0I0M0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGeA2OXLjpicemKtTrQDFvZc4pMDspTHGx3WBOIkEBqHiVw3S3
Jekxi/NrfVe2iDlFfqiqywXSoSuRn6AFtijK3M6bznPq/pJdFz96EaBgp9rSI1Q3
oah/O6Kh8tZiRAW3mE9QLUUeiMnpcd4USyfMNUV17go/t91C40L5F3nkrLKdEDEl
I43ZohB/SkfH20LigpWInEn2As1hE94n1DgGZCy4RXtWKNfKPZSDPfKK8OIj0ASw
hw5D+PlCkPoQ1YZWV+QY1XvxQIKF//Wh/OElHUq2PxHOI9hAU33lHiMdggwNk4dL
BRxkTtH1RfXNKY7+2b5cT+bP368GuF6JnRLtAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUQRq1CcnAASs/LXeacfcGrHCMtDswHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9RUnExQ2NuQUFTc19MWGVhY2Zj
R3JIQ010RHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAGw
AACQMA0GCSqGSIb3DQEBCwUAA4IBAQACS7jlNtZmjuoHgX6S5SHhCny3ogaZ2two
nvv+KeMgJhBsqyI0Ao3EbippHWwpO2+QgtqqkB2cEjQQzd3B9VKO7025DxBsFrCf
4SPfnL5m8sGKAigYWT4KEf9BDmO7A4LvfkWjwCnzzYPKi29yGJKvQeSOT+Gghu9f
CqO3Isra5Tbej+Lg/S5FYvdph+DF6vIaeliCs4BaqpA0dJ+nCMSU+X3TCaWuixaN
L22O+rlYvcO0J4rPmCqDyy0XfHB2wpAeZyljSjX4uoO838Ci73WW/+9YcxTAhN4R
71qCTquAFLZ/KtC33040vDlFHn05AU4Sfsll/FtBWI2PS54fCOm2
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:28:08 2025 by rpki-client