Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/VxDiOpIz-FM02gey2l8ikTSe7c8.roa
File: VxDiOpIz-FM02gey2l8ikTSe7c8.roa (raw, json)
Hash identifier: /W3ODebkx+mB1R3PbmN3/XlJy2yQkslOruxCg9GwoLg=
Subject key identifier: 57:10:E2:3A:92:33:F8:53:34:DA:07:B2:DA:5F:22:91:34:9E:ED:CF
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1530
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/VxDiOpIz-FM02gey2l8ikTSe7c8.roa
Signing time: Tue 11 Feb 2025 23:44:24 +0000
ROA not before: Tue 11 Feb 2025 23:44:24 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 2001:b000::/21 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5424 (0x1530)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:24 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5710E23A9233F85334DA07B2DA5F2291349EEDCF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:97:5b:c2:a1:2c:6c:4a:90:5a:61:5e:20:9f:
48:e2:24:f4:0d:cd:0b:e4:ee:36:3f:1a:c9:1b:17:
5c:04:40:80:91:8b:f8:62:c6:90:d5:05:0c:a6:3b:
c7:ed:2a:25:03:be:2f:d2:84:f7:b7:31:47:e7:42:
e7:1d:7a:cc:86:f1:de:06:54:85:b2:60:87:21:2b:
12:15:85:d8:0f:f6:fa:4d:12:2d:7b:8b:74:97:8c:
bc:5d:07:70:77:7b:91:7d:15:39:53:21:f4:79:e6:
47:75:90:bf:50:6d:9d:df:4a:0f:98:05:bf:0c:7c:
ba:01:95:d4:67:36:b2:e1:c4:7d:57:31:36:85:44:
aa:91:2b:29:76:f0:3a:fc:25:74:a8:0e:e1:8b:4d:
30:f6:e5:a7:3c:0b:fb:7e:98:f7:8d:42:d0:26:0b:
fc:e2:2a:49:eb:8f:7c:d8:cd:f0:b7:c1:4e:ce:04:
6b:78:a3:12:5c:83:c1:7d:8c:62:f0:c0:8e:11:75:
ac:9a:98:bd:91:19:f9:99:72:05:7a:cf:e4:cb:24:
62:10:c7:77:77:89:40:85:5d:b9:ed:b3:ac:fb:f5:
99:bc:8b:ea:16:c9:f7:91:33:7b:11:d9:6f:cd:b8:
6e:b8:ad:75:e7:38:cc:cb:a9:9d:33:09:f6:2c:d9:
e2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:10:E2:3A:92:33:F8:53:34:DA:07:B2:DA:5F:22:91:34:9E:ED:CF
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/VxDiOpIz-FM02gey2l8ikTSe7c8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:b000::/21
Signature Algorithm: sha256WithRSAEncryption
7d:23:79:43:77:1d:ad:2a:5e:cf:17:22:9f:00:1d:51:f5:48:
03:ca:22:b2:43:9f:39:5b:90:3b:c1:90:3c:f2:49:e1:46:ff:
89:5a:24:a3:eb:6e:f1:32:d0:58:60:99:a9:b4:8f:0c:62:24:
fc:8d:9c:63:48:de:d6:d5:e8:07:15:00:12:26:5d:1c:f4:b3:
59:6f:be:26:d1:79:85:3e:a8:65:ef:75:ab:a0:07:2f:3d:a5:
13:fa:af:0f:7f:70:e4:c1:c9:be:b9:b2:ff:df:42:ec:4a:9b:
53:09:6c:e1:fd:dd:ca:cf:96:9e:aa:1f:a1:52:ea:8c:fb:15:
f3:8e:2c:e7:45:76:b2:11:68:8f:0e:fd:9e:49:1f:0b:03:ad:
0a:6d:80:0c:0d:18:a8:04:b6:b1:c7:7d:38:86:f2:5f:19:b5:
1b:a4:17:c5:6f:3b:f7:ed:f7:a0:f7:ac:72:d5:ac:da:51:b2:
d2:fa:d2:9d:ac:8e:04:a7:49:50:99:b6:ef:bd:c5:dd:0e:26:
77:cb:47:71:f0:2a:40:80:77:ef:c8:b6:2c:4b:af:b6:79:c4:
21:20:59:ff:f2:b5:ee:6d:8f:31:dd:0f:97:fa:60:13:02:ba:
bd:c0:29:73:39:e2:7b:4a:df:47:fb:c3:91:4b:c1:df:8a:b6:
48:8a:db:c5
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFTAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDU3MTBFMjNBOTIzM0Y4
NTMzNERBMDdCMkRBNUYyMjkxMzQ5RUVEQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWl1vCoSxsSpBaYV4gn0jiJPQNzQvk7jY/GskbF1wEQICRi/hi
xpDVBQymO8ftKiUDvi/ShPe3MUfnQucdesyG8d4GVIWyYIchKxIVhdgP9vpNEi17
i3SXjLxdB3B3e5F9FTlTIfR55kd1kL9QbZ3fSg+YBb8MfLoBldRnNrLhxH1XMTaF
RKqRKyl28Dr8JXSoDuGLTTD25ac8C/t+mPeNQtAmC/ziKknrj3zYzfC3wU7OBGt4
oxJcg8F9jGLwwI4RdayamL2RGfmZcgV6z+TLJGIQx3d3iUCFXbnts6z79Zm8i+oW
yfeRM3sR2W/NuG64rXXnOMzLqZ0zCfYs2eLNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUVxDiOpIz+FM02gey2l8ikTSe7c8wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9WeERpT3BJei1GTTAyZ2V5Mmw4
aWtUU2U3Yzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQDIAGw
MA0GCSqGSIb3DQEBCwUAA4IBAQB9I3lDdx2tKl7PFyKfAB1R9UgDyiKyQ585W5A7
wZA88knhRv+JWiSj627xMtBYYJmptI8MYiT8jZxjSN7W1egHFQASJl0c9LNZb74m
0XmFPqhl73WroAcvPaUT+q8Pf3Dkwcm+ubL/30LsSptTCWzh/d3Kz5aeqh+hUuqM
+xXzjiznRXayEWiPDv2eSR8LA60KbYAMDRioBLaxx304hvJfGbUbpBfFbzv37feg
96xy1azaUbLS+tKdrI4Ep0lQmbbvvcXdDiZ3y0dx8CpAgHfvyLYsS6+2ecQhIFn/
8rXubY8x3Q+X+mATArq9wClzOeJ7St9H+8ORS8HfirZIitvF
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:22:52 2025 by rpki-client