Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/XtlWZAvhY6xiTx60hT2BgFcbaWg.roa
File: XtlWZAvhY6xiTx60hT2BgFcbaWg.roa (raw, json)
Hash identifier: D10yvZCa6Pr/o/3uSNiuwndAnrLXDvn13At36OSjfnc=
Subject key identifier: 5E:D9:56:64:0B:E1:63:AC:62:4F:1E:B4:85:3D:81:80:57:1B:69:68
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14DE
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/XtlWZAvhY6xiTx60hT2BgFcbaWg.roa
Signing time: Mon 10 Feb 2025 14:35:21 +0000
ROA not before: Mon 10 Feb 2025 14:35:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9505
IP address blocks: 175.41.48.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5342 (0x14de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5ED956640BE163AC624F1EB4853D8180571B6968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bf:1e:7e:20:3a:03:15:c3:31:15:c8:7d:42:
9a:1e:07:61:33:d8:cf:cc:ed:14:fe:16:38:af:7b:
13:b6:f3:f2:b5:75:b4:1c:1f:e4:28:3d:7e:67:30:
ed:3c:bf:b9:78:aa:38:5f:37:4f:0a:79:05:1b:1e:
36:07:d4:86:f5:e5:45:39:7b:29:10:02:77:96:81:
6a:6a:ad:d2:71:cd:0f:ad:3d:18:5c:bd:52:e4:38:
4b:ce:fc:9a:86:bd:87:0e:33:e3:47:95:26:a7:d3:
3d:33:81:99:87:9c:78:78:f3:c0:34:ec:ae:32:e5:
eb:27:ab:01:70:bf:67:9d:61:5c:b4:b1:ad:e2:0d:
30:d8:bf:c5:9b:fc:21:ec:95:d2:10:29:d8:98:d2:
71:6f:55:25:3b:f5:db:8c:ca:51:e7:16:ce:37:a2:
e9:95:8a:6c:eb:b1:d1:40:17:e8:df:6f:9c:4f:2b:
f7:a7:a4:7e:34:2a:65:2c:4e:b8:5f:17:01:f3:8e:
d3:95:e4:fe:b0:96:06:fc:56:c5:e4:2d:8f:09:95:
f9:77:ca:8c:3e:a5:26:fb:b3:98:24:9c:e7:08:b6:
dd:7f:99:c4:5c:7e:14:3e:b8:9f:c6:9c:d2:37:29:
5b:1d:48:16:03:a4:6f:63:3f:c4:40:e9:73:32:e8:
c5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D9:56:64:0B:E1:63:AC:62:4F:1E:B4:85:3D:81:80:57:1B:69:68
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/XtlWZAvhY6xiTx60hT2BgFcbaWg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
175.41.48.0/20
Signature Algorithm: sha256WithRSAEncryption
93:bb:ea:7a:ea:fa:c0:1e:22:64:fe:24:c0:81:4e:ee:4b:45:
a7:0d:bb:b1:03:78:50:45:f0:9a:91:f3:b3:81:ab:0f:cb:4d:
31:02:93:07:c4:c8:c7:67:1f:e3:21:96:77:09:2b:7b:59:05:
45:47:4a:0d:08:d8:62:7a:96:a2:8b:cd:11:92:0b:7c:58:ff:
6d:b1:ae:d7:05:ec:48:98:0a:30:78:e5:71:cf:bb:3c:c5:ca:
a7:0b:4d:eb:04:60:60:c0:bc:08:80:9e:ea:a3:53:fc:a5:3c:
55:22:9d:37:35:07:14:68:22:3f:32:0b:6d:ef:50:6b:b4:9a:
ec:d5:a3:09:f2:b5:3c:0f:37:0d:85:eb:ea:2b:20:bf:b4:13:
74:ce:57:7a:c2:8a:46:db:bf:45:55:d5:5c:08:f1:e3:10:1a:
98:cb:bd:8f:54:f7:33:e6:69:24:dd:66:01:57:bf:7f:f5:3e:
d2:39:0a:fd:90:06:f6:55:6d:a6:d5:e2:ce:42:90:33:88:d8:
65:76:15:f2:fb:47:b9:66:04:ac:6d:06:ba:53:87:dd:16:cb:
1a:62:18:4a:f7:6a:52:b4:33:a7:77:23:44:12:19:02:2a:25:
02:b5:6b:fc:9e:da:6f:60:56:ed:2d:fa:29:e5:1f:84:1a:c2:
cb:15:7f:a4
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVFRDk1NjY0MEJFMTYz
QUM2MjRGMUVCNDg1M0Q4MTgwNTcxQjY5NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqvx5+IDoDFcMxFch9QpoeB2Ez2M/M7RT+FjivexO28/K1dbQc
H+QoPX5nMO08v7l4qjhfN08KeQUbHjYH1Ib15UU5eykQAneWgWpqrdJxzQ+tPRhc
vVLkOEvO/JqGvYcOM+NHlSan0z0zgZmHnHh488A07K4y5esnqwFwv2edYVy0sa3i
DTDYv8Wb/CHsldIQKdiY0nFvVSU79duMylHnFs43oumVimzrsdFAF+jfb5xPK/en
pH40KmUsTrhfFwHzjtOV5P6wlgb8VsXkLY8Jlfl3yow+pSb7s5gknOcItt1/mcRc
fhQ+uJ/GnNI3KVsdSBYDpG9jP8RA6XMy6MX5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUXtlWZAvhY6xiTx60hT2BgFcbaWgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9YdGxXWkF2aFk2eGlUeDYwaFQy
QmdGY2JhV2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQErykw
MA0GCSqGSIb3DQEBCwUAA4IBAQCTu+p66vrAHiJk/iTAgU7uS0WnDbuxA3hQRfCa
kfOzgasPy00xApMHxMjHZx/jIZZ3CSt7WQVFR0oNCNhiepaii80Rkgt8WP9tsa7X
BexImAoweOVxz7s8xcqnC03rBGBgwLwIgJ7qo1P8pTxVIp03NQcUaCI/Mgtt71Br
tJrs1aMJ8rU8DzcNhevqKyC/tBN0zld6wopG279FVdVcCPHjEBqYy72PVPcz5mkk
3WYBV79/9T7SOQr9kAb2VW2m1eLOQpAziNhldhXy+0e5ZgSsbQa6U4fdFssaYhhK
92pStDOndyNEEhkCKiUCtWv8ntpvYFbtLfop5R+EGsLLFX+k
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:19:56 2025 by rpki-client