Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/SlaXOknmRh1a6OFxMxZb7nJUddQ.roa
File: SlaXOknmRh1a6OFxMxZb7nJUddQ.roa (raw, json)
Hash identifier: UZo8mdMSXFNDbwugQdIPxYYUGXy2gONVB10UNc7T/8w=
Subject key identifier: 4A:56:97:3A:49:E6:46:1D:5A:E8:E1:71:33:16:5B:EE:72:54:75:D4
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 143A
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/SlaXOknmRh1a6OFxMxZb7nJUddQ.roa
Signing time: Mon 10 Feb 2025 14:34:43 +0000
ROA not before: Mon 10 Feb 2025 14:34:43 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 210.59.138.128/27 maxlen: 27
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5178 (0x143a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:34:43 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4A56973A49E6461D5AE8E17133165BEE725475D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:50:3a:b7:5d:13:50:84:6a:ab:25:71:59:b7:
8e:a3:40:9e:fb:48:d2:a1:63:a2:df:75:48:c7:f1:
ee:fd:27:e6:e9:f2:c2:e6:25:61:57:63:22:20:d9:
ae:2f:e9:06:7e:78:fa:21:64:bd:67:c1:5d:3c:0a:
cb:48:c7:aa:02:9a:3e:15:6d:a2:7c:79:70:05:71:
26:ba:5a:8e:89:75:29:cb:70:39:60:2b:3d:49:73:
ed:e9:ca:94:32:97:bb:d5:c3:b7:61:a9:ad:e3:88:
49:90:0d:58:72:24:f9:8e:19:68:fc:92:5b:f8:b8:
63:88:89:d5:44:b6:8b:0f:2e:60:da:ac:fb:85:93:
93:0d:6d:eb:fd:2a:eb:ab:1e:cd:53:28:2d:a9:3f:
e5:73:9b:50:2f:d8:e3:e6:98:ac:3e:4a:d6:e5:ee:
39:3b:35:a1:c1:88:1a:e8:26:fa:05:1c:bf:55:bc:
a0:aa:04:4d:9a:11:c7:c0:6d:77:51:c0:1d:eb:78:
7c:64:54:df:00:36:41:df:6f:82:1e:45:75:05:aa:
6e:62:7a:c0:aa:a2:a9:6b:72:70:14:f3:85:7e:c3:
ea:d0:e5:ab:a4:82:3a:04:69:fd:49:7b:bb:21:6f:
31:70:33:f6:d0:ec:4c:0c:67:8c:82:57:f1:49:71:
75:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:56:97:3A:49:E6:46:1D:5A:E8:E1:71:33:16:5B:EE:72:54:75:D4
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/SlaXOknmRh1a6OFxMxZb7nJUddQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.59.138.128/27
Signature Algorithm: sha256WithRSAEncryption
02:1a:da:38:30:3a:45:2e:1a:5b:43:61:3a:bf:dd:41:56:30:
f9:b7:63:31:33:06:5c:db:09:72:f6:5a:e0:c6:79:ae:88:05:
22:c2:98:63:cb:a0:19:61:e1:a5:a0:46:07:b6:73:1a:fb:fd:
ad:d2:f4:89:76:e4:db:63:bc:2b:87:17:9e:68:f5:d0:7b:da:
c4:25:c9:d5:03:bb:64:65:34:30:d9:ff:67:55:7d:66:d5:c2:
70:c3:f6:a1:d1:53:5a:3f:83:45:a4:eb:b8:06:5e:db:1b:aa:
fe:ca:92:73:42:09:01:a1:f3:e4:3e:20:f8:88:95:bb:5b:db:
b4:c9:ff:da:cf:31:f4:4c:16:a0:ff:bb:2f:a4:88:63:a3:2d:
9a:e8:a6:ba:ea:78:b1:02:db:c7:f9:c7:e5:39:b6:32:1e:f5:
38:aa:1a:85:55:3b:a9:cc:19:f9:53:8d:fa:6f:4b:24:21:b8:
62:93:82:50:be:29:b9:92:76:ed:76:fd:70:0e:3c:81:43:18:
d6:87:e5:e7:6f:2d:27:81:67:86:d9:ea:23:3a:9a:91:51:46:
46:89:13:0d:74:05:34:a7:f1:8b:26:0f:f8:48:db:39:15:41:
4f:3f:29:89:97:6b:2b:78:a9:73:9e:fb:ee:bf:16:78:54:6e:
0d:b1:61:85
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICFDowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM0NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRBNTY5NzNBNDlFNjQ2
MUQ1QUU4RTE3MTMzMTY1QkVFNzI1NDc1RDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeUDq3XRNQhGqrJXFZt46jQJ77SNKhY6LfdUjH8e79J+bp8sLm
JWFXYyIg2a4v6QZ+ePohZL1nwV08CstIx6oCmj4VbaJ8eXAFcSa6Wo6JdSnLcDlg
Kz1Jc+3pypQyl7vVw7dhqa3jiEmQDVhyJPmOGWj8klv4uGOIidVEtosPLmDarPuF
k5MNbev9KuurHs1TKC2pP+Vzm1Av2OPmmKw+Stbl7jk7NaHBiBroJvoFHL9VvKCq
BE2aEcfAbXdRwB3reHxkVN8ANkHfb4IeRXUFqm5iesCqoqlrcnAU84V+w+rQ5auk
gjoEaf1Je7shbzFwM/bQ7EwMZ4yCV/FJcXULAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUSlaXOknmRh1a6OFxMxZb7nJUddQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9TbGFYT2tubVJoMWE2T0Z4TXha
YjduSlVkZFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUF0juK
gDANBgkqhkiG9w0BAQsFAAOCAQEAAhraODA6RS4aW0NhOr/dQVYw+bdjMTMGXNsJ
cvZa4MZ5rogFIsKYY8ugGWHhpaBGB7ZzGvv9rdL0iXbk22O8K4cXnmj10HvaxCXJ
1QO7ZGU0MNn/Z1V9ZtXCcMP2odFTWj+DRaTruAZe2xuq/sqSc0IJAaHz5D4g+IiV
u1vbtMn/2s8x9EwWoP+7L6SIY6Mtmuimuup4sQLbx/nH5Tm2Mh71OKoahVU7qcwZ
+VON+m9LJCG4YpOCUL4puZJ27Xb9cA48gUMY1ofl528tJ4FnhtnqIzqakVFGRokT
DXQFNKfxiyYP+EjbORVBTz8piZdrK3ipc5777r8WeFRuDbFhhQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:17:58 2025 by rpki-client