Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/TGq_HYEIiQ4JjTAHjZ3e0dkJ8dY.roa
File: TGq_HYEIiQ4JjTAHjZ3e0dkJ8dY.roa (raw, json)
Hash identifier: 5qeeTfDD/dNuEiszxkrBUZg1VdI+ekYXO8v5SzVszys=
Subject key identifier: 4C:6A:BF:1D:81:08:89:0E:09:8D:30:07:8D:9D:DE:D1:D9:09:F1:D6
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1578
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/TGq_HYEIiQ4JjTAHjZ3e0dkJ8dY.roa
Signing time: Tue 11 Feb 2025 23:44:40 +0000
ROA not before: Tue 11 Feb 2025 23:44:40 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 23675
IP address blocks: 220.128.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:23:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5496 (0x1578)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:40 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4C6ABF1D8108890E098D30078D9DDED1D909F1D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:13:09:b3:8d:f3:e9:8d:43:4a:6c:04:ae:17:
e1:8b:1f:bc:09:fc:a8:a7:fd:38:45:8d:39:51:ec:
03:55:f5:50:6b:d4:04:a6:4d:a2:6c:96:91:78:80:
5a:76:b4:74:98:c7:c6:ad:17:29:60:d9:89:02:0e:
09:8c:b7:7d:d7:f7:e5:e6:56:a4:93:94:d5:5b:57:
9d:fc:92:10:af:59:ee:a7:bd:61:1c:04:a1:03:25:
47:d8:32:07:05:a6:21:b2:aa:ef:1c:2a:11:ea:14:
d2:6e:4d:dc:7d:de:21:18:55:fb:5c:fb:1c:e9:4e:
51:d3:5f:dd:2b:a2:77:4b:e9:47:c2:0e:60:2c:64:
a1:eb:f5:1d:62:cc:f2:df:01:c8:f2:ef:6f:8c:8f:
4d:2a:ca:a6:fa:01:83:e7:04:70:30:0e:5f:d8:33:
83:c0:76:6f:37:ce:53:9e:79:bf:59:92:97:0d:0b:
77:2d:ac:bb:f2:de:aa:a0:63:fd:e8:3f:c4:ed:02:
73:21:70:94:32:45:e1:d8:2f:aa:05:98:30:e0:10:
39:44:77:aa:46:f4:74:e8:00:5c:a5:90:f2:ae:ae:
20:f0:5c:92:c3:6a:ad:e1:c3:04:5e:8d:41:3a:9b:
9d:24:ea:9d:8b:01:cf:52:78:21:a6:48:1c:e0:ad:
a1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:6A:BF:1D:81:08:89:0E:09:8D:30:07:8D:9D:DE:D1:D9:09:F1:D6
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/TGq_HYEIiQ4JjTAHjZ3e0dkJ8dY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.55.0/24
Signature Algorithm: sha256WithRSAEncryption
73:9c:14:c4:a4:97:3d:5c:60:dd:81:85:c8:79:ee:63:d3:6e:
82:1e:32:bf:d0:9a:d5:ff:04:99:97:5a:20:65:35:54:05:6d:
48:1f:f8:ee:1e:5c:94:40:75:6a:68:a8:2d:bb:69:81:f7:5d:
86:c8:26:eb:75:14:ff:51:f9:e2:e3:dc:22:fe:4f:12:55:22:
da:a9:0a:b0:43:63:ef:66:46:ad:f5:d4:e1:93:49:86:df:ba:
d0:ce:ba:ba:d0:00:ae:8a:50:ce:87:4e:38:3c:8d:54:b6:7b:
f7:3c:1f:49:ca:71:04:61:08:20:c9:e8:46:9e:67:0d:53:17:
00:d2:e4:00:56:2f:9e:95:25:bc:9e:74:ba:52:87:67:e3:b6:
e5:d4:8c:06:ef:76:53:a6:64:cf:70:33:4d:15:3c:80:8a:ae:
45:35:f6:fc:d0:36:92:46:99:52:e1:81:d7:2e:52:00:a0:e2:
b3:35:48:48:7d:d6:cb:9f:ad:e2:56:ce:aa:b1:a4:a7:3a:2a:
05:4c:42:e7:25:99:09:50:8b:91:01:78:ee:6c:1e:62:c5:64:
7b:49:5e:84:52:02:71:e3:41:4c:b4:74:13:1a:ea:ef:2c:73:
81:45:15:74:c0:4a:41:d4:7c:63:9f:05:5f:4e:75:5c:e6:18:
71:75:1e:aa
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFXgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRDNkFCRjFEODEwODg5
MEUwOThEMzAwNzhEOURERUQxRDkwOUYxRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDEwmzjfPpjUNKbASuF+GLH7wJ/Kin/ThFjTlR7ANV9VBr1ASm
TaJslpF4gFp2tHSYx8atFylg2YkCDgmMt33X9+XmVqSTlNVbV538khCvWe6nvWEc
BKEDJUfYMgcFpiGyqu8cKhHqFNJuTdx93iEYVftc+xzpTlHTX90rondL6UfCDmAs
ZKHr9R1izPLfAcjy72+Mj00qyqb6AYPnBHAwDl/YM4PAdm83zlOeeb9ZkpcNC3ct
rLvy3qqgY/3oP8TtAnMhcJQyReHYL6oFmDDgEDlEd6pG9HToAFylkPKuriDwXJLD
aq3hwwRejUE6m50k6p2LAc9SeCGmSBzgraH7AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUTGq/HYEIiQ4JjTAHjZ3e0dkJ8dYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9UR3FfSFlFSWlRNEpqVEFIaloz
ZTBka0o4ZFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IA3
MA0GCSqGSIb3DQEBCwUAA4IBAQBznBTEpJc9XGDdgYXIee5j026CHjK/0JrV/wSZ
l1ogZTVUBW1IH/juHlyUQHVqaKgtu2mB912GyCbrdRT/Ufni49wi/k8SVSLaqQqw
Q2PvZkat9dThk0mG37rQzrq60ACuilDOh044PI1Utnv3PB9JynEEYQggyehGnmcN
UxcA0uQAVi+elSW8nnS6Uodn47bl1IwG73ZTpmTPcDNNFTyAiq5FNfb80DaSRplS
4YHXLlIAoOKzNUhIfdbLn63iVs6qsaSnOioFTELnJZkJUIuRAXjubB5ixWR7SV6E
UgJx40FMtHQTGurvLHOBRRV0wEpB1HxjnwVfTnVc5hhxdR6q
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:35:59 2025 by rpki-client