Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/YW5EywcBzFTRh1wki1P3qRt2keQ.roa
File: YW5EywcBzFTRh1wki1P3qRt2keQ.roa (raw, json)
Hash identifier: KYtBg4o6ss5td3m/yJM+TF7NbIGm661KvD2mJD366iI=
Subject key identifier: 61:6E:44:CB:07:01:CC:54:D1:87:5C:24:8B:53:F7:A9:1B:76:91:E4
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1520
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/YW5EywcBzFTRh1wki1P3qRt2keQ.roa
Signing time: Tue 11 Feb 2025 23:44:21 +0000
ROA not before: Tue 11 Feb 2025 23:44:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.136.0.0/13 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5408 (0x1520)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=616E44CB0701CC54D1875C248B53F7A91B7691E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d6:af:18:7c:77:c9:7c:69:0e:1a:f5:58:02:
bb:92:63:33:9a:76:fc:7e:88:91:9d:28:18:3b:9a:
bc:64:b7:af:2b:27:8a:b9:63:23:b7:d2:2f:70:71:
ed:e7:32:65:38:b2:c8:02:4d:2d:8c:43:e1:a8:32:
89:47:ea:d5:ac:3e:b3:96:05:31:95:3d:7c:93:09:
f6:f9:7a:62:eb:ee:e6:d9:93:5b:56:fe:b9:f2:e3:
bc:90:61:42:a3:f8:78:64:31:50:99:3b:ce:d8:1f:
9d:11:0f:96:08:29:80:50:f1:71:9c:66:37:f2:e6:
25:e0:c9:00:8e:c6:79:b8:75:7f:bf:cf:05:7d:e3:
1b:e5:93:a4:f3:c3:3f:21:ba:bc:d5:14:40:62:48:
26:61:fa:93:e8:d8:08:ef:f6:df:0d:aa:89:69:08:
8e:f0:6c:9d:3b:41:e7:5e:a2:3d:46:e2:73:d9:b9:
d6:56:30:c1:00:56:cc:7c:26:e2:d0:9b:95:e8:f0:
48:7e:8d:dd:5b:79:70:7b:4e:64:03:88:66:7d:58:
a4:88:2a:f5:8f:e3:cf:a5:5b:e1:dc:c6:4c:4b:74:
b5:e9:21:07:04:94:f2:9c:a3:30:b9:6c:e9:3f:a8:
51:f1:52:8f:be:ad:05:24:a0:6c:ef:04:06:5b:7c:
7c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:6E:44:CB:07:01:CC:54:D1:87:5C:24:8B:53:F7:A9:1B:76:91:E4
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/YW5EywcBzFTRh1wki1P3qRt2keQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.136.0.0/13
Signature Algorithm: sha256WithRSAEncryption
c4:2b:92:da:57:2f:8c:10:50:d9:59:17:82:ed:61:81:1c:bc:
a7:41:5a:b5:6d:f3:c2:93:41:d2:9e:3d:03:b1:f5:84:7a:74:
81:f5:21:59:00:e2:87:bb:9b:f6:c5:21:32:b7:a0:74:f2:04:
fe:0a:05:38:28:a2:a8:5c:88:bc:7b:69:2c:df:aa:ec:c1:60:
a3:74:85:56:f4:ca:02:96:c1:88:30:48:43:5a:e2:8b:a4:10:
da:92:30:bf:b2:68:d2:eb:97:8d:af:46:fd:39:d0:23:ab:35:
67:6b:07:c7:f7:6b:24:8c:8f:9b:f0:23:54:9c:f4:3b:88:6b:
da:71:4f:a7:59:c5:e3:42:4d:d8:b1:dc:2a:5e:87:6b:20:90:
0c:ca:7b:fd:dd:c8:80:b4:81:93:3a:ee:4b:cb:1d:e4:4e:21:
2b:ff:6b:40:cc:29:34:b0:c2:77:cd:e6:1b:0d:a0:32:97:be:
d0:9c:c8:e5:00:46:70:31:3f:32:f1:03:4e:bc:87:57:0b:69:
85:5c:50:c8:c1:f3:2b:c3:db:f7:94:14:e7:a8:b8:0c:cc:86:
ff:99:e8:f5:74:30:99:57:bc:17:74:4c:7b:63:de:bf:c3:3a:
2d:19:2a:b1:4a:11:db:a3:0c:9c:ad:34:e5:7a:41:66:fc:29:
f5:00:b5:54
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFSAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYxNkU0NENCMDcwMUND
NTREMTg3NUMyNDhCNTNGN0E5MUI3NjkxRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC71q8YfHfJfGkOGvVYAruSYzOadvx+iJGdKBg7mrxkt68rJ4q5
YyO30i9wce3nMmU4ssgCTS2MQ+GoMolH6tWsPrOWBTGVPXyTCfb5emLr7ubZk1tW
/rny47yQYUKj+HhkMVCZO87YH50RD5YIKYBQ8XGcZjfy5iXgyQCOxnm4dX+/zwV9
4xvlk6Tzwz8hurzVFEBiSCZh+pPo2Ajv9t8NqolpCI7wbJ07Qedeoj1G4nPZudZW
MMEAVsx8JuLQm5Xo8Eh+jd1beXB7TmQDiGZ9WKSIKvWP48+lW+HcxkxLdLXpIQcE
lPKcozC5bOk/qFHxUo++rQUkoGzvBAZbfHwHAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUYW5EywcBzFTRh1wki1P3qRt2keQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9ZVzVFeXdjQnpGVFJoMXdraTFQ
M3FSdDJrZVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMD3Igw
DQYJKoZIhvcNAQELBQADggEBAMQrktpXL4wQUNlZF4LtYYEcvKdBWrVt88KTQdKe
PQOx9YR6dIH1IVkA4oe7m/bFITK3oHTyBP4KBTgooqhciLx7aSzfquzBYKN0hVb0
ygKWwYgwSENa4oukENqSML+yaNLrl42vRv050COrNWdrB8f3aySMj5vwI1Sc9DuI
a9pxT6dZxeNCTdix3Cpeh2sgkAzKe/3dyIC0gZM67kvLHeROISv/a0DMKTSwwnfN
5hsNoDKXvtCcyOUARnAxPzLxA068h1cLaYVcUMjB8yvD2/eUFOeouAzMhv+Z6PV0
MJlXvBd0THtj3r/DOi0ZKrFKEdujDJytNOV6QWb8KfUAtVQ=
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:23:06 2025 by rpki-client