Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/ZF0dmqINmc6ZAOWsk4hyVqAYAZ0.roa
File: ZF0dmqINmc6ZAOWsk4hyVqAYAZ0.roa (raw, json)
Hash identifier: 0EW8qRD/lg2XTOt/TU+tx/2NAgcInhHqTmcAnuCwn0w=
Subject key identifier: 64:5D:1D:9A:A2:0D:99:CE:99:00:E5:AC:93:88:72:56:A0:18:01:9D
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 11CF
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/ZF0dmqINmc6ZAOWsk4hyVqAYAZ0.roa
Signing time: Mon 26 Aug 2024 05:17:58 +0000
ROA not before: Mon 26 Aug 2024 05:17:58 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 33717
IP address blocks: 220.128.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:35:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4559 (0x11cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Aug 26 05:17:58 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=645D1D9AA20D99CE9900E5AC93887256A018019D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:67:5d:03:10:f1:ac:85:75:96:35:20:55:98:
9a:13:98:57:f1:f8:6b:b7:d7:8f:c0:63:45:9b:73:
55:c8:12:e7:3a:99:6d:b9:ba:bf:e3:66:53:e0:48:
99:0f:2b:12:d5:ef:bc:5d:ee:c2:43:f7:bc:17:a5:
65:89:d9:98:94:7a:f5:44:73:77:be:63:9a:3c:28:
db:18:ab:7d:01:2e:97:b2:04:00:99:e2:16:02:42:
dc:57:be:fa:ed:1d:60:70:05:8d:96:e4:37:8b:bb:
dc:07:8a:37:e6:cc:7e:e7:41:07:a2:7d:17:a1:e1:
e2:fb:f4:4c:c2:de:97:68:1b:36:cd:16:7f:f9:83:
34:8f:c4:01:21:4e:fa:10:bf:92:f4:93:6f:c5:0f:
1c:44:9f:08:40:89:a5:6b:b3:f3:92:48:68:af:77:
17:59:b2:28:ff:55:db:72:04:97:d4:1a:27:03:92:
1a:1b:22:18:2a:b6:5d:65:29:88:35:36:50:45:ea:
f3:b0:02:92:d4:58:aa:6e:d3:ad:b9:73:c1:d8:b2:
89:f7:7b:04:b6:0c:ed:c2:44:38:1e:e7:ae:ac:0a:
59:eb:1b:2d:d2:88:04:1c:0a:a8:f2:9a:8e:b3:15:
60:fb:ea:b1:cd:78:9d:e3:18:09:7e:b0:f3:16:e8:
10:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5D:1D:9A:A2:0D:99:CE:99:00:E5:AC:93:88:72:56:A0:18:01:9D
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/ZF0dmqINmc6ZAOWsk4hyVqAYAZ0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.51.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:ed:3f:c4:23:64:40:42:25:91:31:32:86:30:d1:6d:ae:78:
40:0a:d5:64:ec:4d:68:08:d6:84:d0:61:e9:07:ba:2b:b5:07:
88:7d:96:85:91:07:09:b7:b2:50:49:43:31:cf:e9:08:60:b8:
7b:81:e5:c5:a5:c1:af:3c:5a:74:6f:02:d9:55:5a:ed:81:e9:
56:05:4a:2b:95:e5:1a:ef:23:d3:78:fa:75:6c:53:3b:cf:b1:
af:78:86:bc:06:0e:64:be:5c:15:e8:cd:d5:f0:d0:37:39:27:
f6:4f:aa:75:e3:a8:db:26:9a:65:44:ce:aa:1d:8c:21:0c:87:
7e:6b:d3:dc:8f:6d:3a:6b:8f:c8:28:1b:71:c8:49:64:e7:1a:
3b:05:a1:bf:ce:40:8b:3f:e9:68:bd:1b:09:2f:9f:60:f8:3c:
4d:e6:d0:f7:1e:7a:bf:ba:e0:cd:b5:9f:3c:f3:77:29:c6:4d:
e7:2e:81:5e:c3:de:45:51:f9:d8:ba:fd:18:8f:41:3c:3c:cd:
10:32:ee:e6:71:d9:ec:8a:35:04:40:99:fc:6b:b7:69:eb:f4:
f5:db:ea:16:f3:d0:d0:6f:41:8d:eb:16:86:d9:a4:3f:25:53:
ad:86:ac:36:93:b6:d3:8f:39:5f:1d:d9:9b:0e:d2:66:20:ad:
38:37:7c:43
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEc8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw
NTE3NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY0NUQxRDlBQTIwRDk5
Q0U5OTAwRTVBQzkzODg3MjU2QTAxODAxOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2Z10DEPGshXWWNSBVmJoTmFfx+Gu314/AY0Wbc1XIEuc6mW25
ur/jZlPgSJkPKxLV77xd7sJD97wXpWWJ2ZiUevVEc3e+Y5o8KNsYq30BLpeyBACZ
4hYCQtxXvvrtHWBwBY2W5DeLu9wHijfmzH7nQQeifReh4eL79EzC3pdoGzbNFn/5
gzSPxAEhTvoQv5L0k2/FDxxEnwhAiaVrs/OSSGivdxdZsij/VdtyBJfUGicDkhob
Ihgqtl1lKYg1NlBF6vOwApLUWKpu0625c8HYson3ewS2DO3CRDge566sClnrGy3S
iAQcCqjymo6zFWD76rHNeJ3jGAl+sPMW6BD3AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUZF0dmqINmc6ZAOWsk4hyVqAYAZ0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9aRjBkbXFJTm1jNlpBT1dzazRo
eVZxQVlBWjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IAz
MA0GCSqGSIb3DQEBCwUAA4IBAQDM7T/EI2RAQiWRMTKGMNFtrnhACtVk7E1oCNaE
0GHpB7ortQeIfZaFkQcJt7JQSUMxz+kIYLh7geXFpcGvPFp0bwLZVVrtgelWBUor
leUa7yPTePp1bFM7z7GveIa8Bg5kvlwV6M3V8NA3OSf2T6p146jbJpplRM6qHYwh
DId+a9Pcj206a4/IKBtxyElk5xo7BaG/zkCLP+lovRsJL59g+DxN5tD3Hnq/uuDN
tZ8883cpxk3nLoFew95FUfnYuv0Yj0E8PM0QMu7mcdnsijUEQJn8a7dp6/T12+oW
89DQb0GN6xaG2aQ/JVOthqw2k7bTjzlfHdmbDtJmIK04N3xD
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:03 2025 by rpki-client