Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/U2WfwJLGPYkDIJRGLTMuE5QRe4Y.roa
File: U2WfwJLGPYkDIJRGLTMuE5QRe4Y.roa (raw, json)
Hash identifier: n6pqC2zP/FeEuzkrg/mAAKGTP6cOiOd2NMjcJalZi6g=
Subject key identifier: 53:65:9F:C0:92:C6:3D:89:03:20:94:46:2D:33:2E:13:94:11:7B:86
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1453
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/U2WfwJLGPYkDIJRGLTMuE5QRe4Y.roa
Signing time: Mon 10 Feb 2025 14:34:48 +0000
ROA not before: Mon 10 Feb 2025 14:34:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 221.120.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5203 (0x1453)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:34:48 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=53659FC092C63D89032094462D332E1394117B86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:06:66:70:83:1b:17:d6:29:36:36:ec:52:5a:
2b:2c:69:ad:7c:b6:fd:a3:ab:b8:95:fc:c8:20:0d:
81:c4:2b:4b:8a:e8:00:1e:94:29:9c:a2:c1:6d:1c:
54:0c:b1:8f:c0:32:6d:f9:15:b3:0c:7d:d8:5e:24:
b4:f2:5e:6a:24:e1:65:ba:fc:ab:34:ee:74:c4:31:
0a:cc:37:b3:3f:c2:0e:30:39:7d:07:5d:70:4d:46:
65:15:42:35:3c:91:df:2c:5f:31:9a:cf:c9:d8:98:
38:8d:f0:1d:73:29:9c:83:a5:28:d2:19:4c:31:c7:
b7:b6:52:16:20:ee:9a:b0:4a:5f:58:c4:fe:ad:d5:
4d:14:fa:32:c3:0b:dc:11:4f:4b:70:e8:b6:d1:27:
f1:89:b5:e1:6b:99:b6:4a:bf:9e:f8:3d:12:3f:59:
98:b4:ad:4b:64:11:12:fa:66:3f:66:b2:cf:da:e7:
1e:ac:f9:0a:59:8f:de:1a:95:42:5d:23:3c:df:86:
31:30:64:50:3c:70:49:2b:b5:4f:7c:86:68:ec:4c:
e5:75:75:cf:63:c3:58:49:d4:92:87:38:90:46:51:
10:34:91:98:f6:ef:1c:ef:94:cf:8b:41:7d:9b:e0:
3d:c1:d4:82:6a:7a:86:58:ba:49:4c:b6:21:90:9c:
d8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:65:9F:C0:92:C6:3D:89:03:20:94:46:2D:33:2E:13:94:11:7B:86
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/U2WfwJLGPYkDIJRGLTMuE5QRe4Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
221.120.25.0/24
Signature Algorithm: sha256WithRSAEncryption
87:29:0f:48:16:c7:bb:f1:18:8b:aa:8d:a0:06:10:7f:15:ab:
76:c5:04:06:fe:a7:26:d2:0c:73:6f:8d:e0:a2:6a:1b:4e:c6:
c5:63:59:1b:49:b8:87:8b:af:47:2f:da:e0:15:b1:8e:7c:64:
78:a5:47:87:f1:fc:93:8a:97:34:6d:fb:4c:02:ab:54:3e:23:
58:4f:5d:46:40:8a:63:3a:69:94:d4:57:a6:5e:0a:05:5d:92:
58:fd:b1:fb:61:df:83:67:72:f8:99:8a:b3:89:bb:4a:ad:57:
10:f8:2f:9a:c3:7f:67:71:be:71:af:8a:dc:cd:5a:79:16:54:
53:c6:81:f3:1a:e8:cd:24:d8:bf:46:23:5f:4c:57:74:00:e0:
8e:03:b4:0d:38:bc:e9:5a:49:a9:ad:82:67:27:75:16:ef:4f:
41:fb:7d:da:a5:49:56:58:0d:54:ae:08:63:f5:99:5c:3d:fc:
e0:27:6d:6f:c1:87:69:5b:7e:a3:68:97:1b:61:2d:ad:26:ea:
03:e4:b7:1c:99:45:2b:27:76:a8:03:39:62:59:43:83:66:bd:
03:f1:1c:49:c7:87:cf:61:57:e1:7c:c7:36:3c:aa:da:88:fe:
2e:b4:ba:44:01:0c:9e:8d:51:0f:22:f2:0a:83:62:18:c3:e7:
52:fe:ab:5a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFFMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM0NDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDUzNjU5RkMwOTJDNjNE
ODkwMzIwOTQ0NjJEMzMyRTEzOTQxMTdCODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrBmZwgxsX1ik2NuxSWissaa18tv2jq7iV/MggDYHEK0uK6AAe
lCmcosFtHFQMsY/AMm35FbMMfdheJLTyXmok4WW6/Ks07nTEMQrMN7M/wg4wOX0H
XXBNRmUVQjU8kd8sXzGaz8nYmDiN8B1zKZyDpSjSGUwxx7e2UhYg7pqwSl9YxP6t
1U0U+jLDC9wRT0tw6LbRJ/GJteFrmbZKv574PRI/WZi0rUtkERL6Zj9mss/a5x6s
+QpZj94alUJdIzzfhjEwZFA8cEkrtU98hmjsTOV1dc9jw1hJ1JKHOJBGURA0kZj2
7xzvlM+LQX2b4D3B1IJqeoZYuklMtiGQnNgPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUU2WfwJLGPYkDIJRGLTMuE5QRe4YwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9VMldmd0pMR1BZa0RJSlJHTFRN
dUU1UVJlNFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3XgZ
MA0GCSqGSIb3DQEBCwUAA4IBAQCHKQ9IFse78RiLqo2gBhB/Fat2xQQG/qcm0gxz
b43gomobTsbFY1kbSbiHi69HL9rgFbGOfGR4pUeH8fyTipc0bftMAqtUPiNYT11G
QIpjOmmU1FemXgoFXZJY/bH7Yd+DZ3L4mYqzibtKrVcQ+C+aw39ncb5xr4rczVp5
FlRTxoHzGujNJNi/RiNfTFd0AOCOA7QNOLzpWkmprYJnJ3UW709B+33apUlWWA1U
rghj9ZlcPfzgJ21vwYdpW36jaJcbYS2tJuoD5LccmUUrJ3aoAzliWUODZr0D8RxJ
x4fPYVfhfMc2PKraiP4utLpEAQyejVEPIvIKg2IYw+dS/qta
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:25:50 2025 by rpki-client