Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Sh8loe-dTARo9KfDlXWXDi_qBMA.roa
File: Sh8loe-dTARo9KfDlXWXDi_qBMA.roa (raw, json)
Hash identifier: sxcld3xjQtv1L/O6w7qFSbNsJMQVUS0KpqdnnYObmEI=
Subject key identifier: 4A:1F:25:A1:EF:9D:4C:04:68:F4:A7:C3:95:75:97:0E:2F:EA:04:C0
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14CC
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Sh8loe-dTARo9KfDlXWXDi_qBMA.roa
Signing time: Mon 10 Feb 2025 14:35:17 +0000
ROA not before: Mon 10 Feb 2025 14:35:17 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 211.23.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5324 (0x14cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:17 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4A1F25A1EF9D4C0468F4A7C39575970E2FEA04C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:79:a4:89:04:28:17:97:c5:c0:08:ac:9e:42:
59:10:68:a2:f9:39:3d:ee:0f:c7:68:45:93:cc:19:
d2:f9:24:4e:43:09:5c:98:9a:0e:4d:7f:2e:c6:bf:
f8:4e:ff:3f:69:65:e6:e0:f6:ab:08:34:d2:7c:ff:
f7:46:58:e2:22:2b:b5:48:36:c6:ba:1e:24:6a:57:
c6:cd:91:ba:21:f7:9b:8b:50:bf:8b:6c:7c:f4:70:
2b:16:7c:51:96:a6:af:8b:ec:d2:4e:f9:9c:13:c7:
5d:ec:94:70:ab:c4:b5:99:3e:56:41:64:32:9c:60:
48:12:2c:46:b3:24:71:e5:42:f8:f4:86:93:20:88:
77:06:ab:7b:f6:03:eb:5a:42:03:82:b0:27:76:8e:
d0:b6:ff:f2:59:9b:ed:73:64:2c:a0:ba:ab:1f:f7:
dd:a4:2a:bb:1d:49:95:95:15:3f:65:91:df:31:dd:
83:61:26:95:08:c7:7f:79:03:b7:91:0a:e3:58:ef:
35:2e:fc:71:d7:34:d0:f3:d6:03:e6:d5:0f:cf:02:
28:29:ce:4f:9c:c3:d3:0e:f0:67:f0:48:02:0b:83:
da:20:a4:bb:1f:5e:30:10:4d:7e:5b:a1:44:91:64:
41:87:a2:66:a8:84:58:39:a6:29:d0:1f:04:70:ef:
2a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1F:25:A1:EF:9D:4C:04:68:F4:A7:C3:95:75:97:0E:2F:EA:04:C0
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Sh8loe-dTARo9KfDlXWXDi_qBMA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.23.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d2:ae:43:7b:02:b6:2e:8f:b9:49:8f:6d:5f:99:e0:1a:f4:29:
71:1e:70:56:fc:20:51:df:ae:21:f3:41:3d:4f:25:d6:0d:0f:
da:ad:a2:8d:c9:bd:53:64:5d:c8:e2:b4:34:c4:5d:98:09:07:
5f:99:62:13:5a:93:c9:bb:0a:ad:04:c5:5e:23:26:96:8d:96:
a3:55:0c:b9:dc:5d:12:34:79:3c:d7:f6:f2:c5:ad:69:57:e6:
52:59:2d:a6:bf:cd:c4:c0:de:db:75:ad:43:52:60:60:68:36:
69:ae:fb:22:2e:32:31:2e:09:16:f6:bb:4c:e4:2e:ee:7b:bd:
71:b7:7e:a4:7e:ba:1f:fe:41:94:90:a0:4f:dc:1d:ca:b4:d6:
b1:ab:8a:f5:12:87:c9:12:24:12:b8:78:5e:c7:cc:04:d7:fa:
d0:85:52:aa:f6:14:1f:ee:04:77:0d:8c:47:5d:a3:e7:ac:f6:
7a:56:23:c4:a9:f9:b1:24:38:b8:6f:21:c1:95:2c:df:f5:26:
14:34:55:e5:8d:14:4e:23:8a:b7:13:68:2b:02:fe:34:11:88:
d1:2a:60:e0:52:97:7c:66:67:95:d9:a1:f5:57:2f:28:97:dd:
4b:26:9f:70:45:30:ab:e8:a8:c3:4d:08:78:85:5e:fa:87:32:
60:15:b5:47
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRBMUYyNUExRUY5RDRD
MDQ2OEY0QTdDMzk1NzU5NzBFMkZFQTA0QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJeaSJBCgXl8XACKyeQlkQaKL5OT3uD8doRZPMGdL5JE5DCVyY
mg5Nfy7Gv/hO/z9pZebg9qsINNJ8//dGWOIiK7VINsa6HiRqV8bNkboh95uLUL+L
bHz0cCsWfFGWpq+L7NJO+ZwTx13slHCrxLWZPlZBZDKcYEgSLEazJHHlQvj0hpMg
iHcGq3v2A+taQgOCsCd2jtC2//JZm+1zZCyguqsf992kKrsdSZWVFT9lkd8x3YNh
JpUIx395A7eRCuNY7zUu/HHXNNDz1gPm1Q/PAigpzk+cw9MO8GfwSAILg9ogpLsf
XjAQTX5boUSRZEGHomaohFg5pinQHwRw7yq7AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUSh8loe+dTARo9KfDlXWXDi/qBMAwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9TaDhsb2UtZFRBUm85S2ZEbFhX
WERpX3FCTUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA0xcw
DQYJKoZIhvcNAQELBQADggEBANKuQ3sCti6PuUmPbV+Z4Br0KXEecFb8IFHfriHz
QT1PJdYND9qtoo3JvVNkXcjitDTEXZgJB1+ZYhNak8m7Cq0ExV4jJpaNlqNVDLnc
XRI0eTzX9vLFrWlX5lJZLaa/zcTA3tt1rUNSYGBoNmmu+yIuMjEuCRb2u0zkLu57
vXG3fqR+uh/+QZSQoE/cHcq01rGrivUSh8kSJBK4eF7HzATX+tCFUqr2FB/uBHcN
jEddo+es9npWI8Sp+bEkOLhvIcGVLN/1JhQ0VeWNFE4jircTaCsC/jQRiNEqYOBS
l3xmZ5XZofVXLyiX3Usmn3BFMKvoqMNNCHiFXvqHMmAVtUc=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:35:53 2025 by rpki-client