Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/dD89ZWnodh6XBcTMgfOvpIXi6HE.roa
File: dD89ZWnodh6XBcTMgfOvpIXi6HE.roa (raw, json)
Hash identifier: KrjrF3TwRJ2nODCIkm0eBcH2M1XMABO4N8EQDn6RNqg=
Subject key identifier: 74:3F:3D:65:69:E8:76:1E:97:05:C4:CC:81:F3:AF:A4:85:E2:E8:71
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1510
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/dD89ZWnodh6XBcTMgfOvpIXi6HE.roa
Signing time: Tue 11 Feb 2025 23:44:17 +0000
ROA not before: Tue 11 Feb 2025 23:44:17 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 198949
IP address blocks: 203.66.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5392 (0x1510)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:17 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=743F3D6569E8761E9705C4CC81F3AFA485E2E871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:78:92:a1:f8:de:0c:49:1d:1a:f9:56:41:7c:
60:6f:90:82:e1:28:b6:fd:68:05:86:21:5f:60:99:
d2:94:3b:55:68:b1:45:a6:c4:96:b7:27:67:9d:60:
50:c5:d0:19:72:8f:4f:d3:07:e4:6b:ac:6a:a1:ca:
c7:a5:b4:a2:31:b3:f0:34:66:51:5c:e9:eb:19:ab:
06:61:52:b4:db:08:50:0b:38:f9:4a:fe:0d:05:2c:
68:f8:a4:fc:ff:55:0b:5c:8d:7b:41:9d:7a:91:ca:
8c:18:08:b9:97:72:5a:f0:eb:64:2c:3f:96:79:63:
01:fe:b4:97:df:76:88:40:36:0d:79:ec:7f:39:6c:
a6:1f:83:e7:5d:4e:4f:ba:c0:05:28:b5:45:b4:99:
f6:f2:a0:2c:f8:21:ad:14:6c:a7:fc:76:28:c1:c3:
f7:a2:d3:0c:19:dd:35:2f:61:d5:88:af:1d:33:70:
59:23:67:fa:39:47:a8:04:1d:a1:ee:b3:e4:7e:a0:
13:e1:31:cb:03:6d:86:32:a8:75:91:64:a7:a8:cc:
f6:64:f7:a3:a9:de:95:0b:36:2c:30:eb:9d:91:98:
ba:17:fa:bb:4e:44:ec:d8:8b:11:dd:4a:18:d9:71:
f7:84:c0:7b:cf:6a:59:ca:e4:1e:7b:e5:4c:8a:f8:
8f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:3F:3D:65:69:E8:76:1E:97:05:C4:CC:81:F3:AF:A4:85:E2:E8:71
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/dD89ZWnodh6XBcTMgfOvpIXi6HE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.66.126.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:b7:a0:46:56:b5:d4:d4:87:6f:30:60:6b:1e:ea:66:0d:05:
cb:73:42:49:db:d4:01:74:78:4c:bf:0b:2b:c4:a2:f6:b4:17:
d4:21:84:fd:4e:e5:21:a8:12:53:d0:0e:9a:ad:d8:34:06:af:
2c:00:46:5e:80:c0:42:8b:41:10:17:e4:f9:32:a6:f2:f6:ce:
ef:b4:ce:0c:91:60:44:19:f7:5a:50:89:e0:eb:46:5a:38:c4:
f5:61:87:58:81:1b:e1:51:d8:04:7b:23:1f:a1:46:a1:56:8a:
b8:f6:e5:95:55:4d:bc:4f:01:0d:fe:44:f8:41:06:c3:d2:a5:
7a:fd:58:3c:e2:5f:cb:70:4a:46:79:c9:ba:79:a8:2d:41:82:
74:71:9d:43:8b:dd:52:ae:cd:34:a4:43:30:e4:46:c2:a8:ae:
bf:61:a7:91:6b:23:e3:49:95:21:c7:94:ef:12:40:fe:f2:20:
19:18:2c:9e:d9:13:c0:d2:15:22:21:6d:6c:6c:cd:0d:f7:a6:
5a:ef:98:95:70:cd:91:e9:c9:69:9e:58:e6:00:b5:a2:24:62:
70:73:60:de:c4:77:25:c1:6f:45:80:44:b1:09:44:6b:5c:ac:
2d:68:c5:32:96:e5:ce:77:46:1e:66:02:25:38:cd:0e:4b:af:
63:92:ad:64
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFRAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc0M0YzRDY1NjlFODc2
MUU5NzA1QzRDQzgxRjNBRkE0ODVFMkU4NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8eJKh+N4MSR0a+VZBfGBvkILhKLb9aAWGIV9gmdKUO1VosUWm
xJa3J2edYFDF0Blyj0/TB+RrrGqhyseltKIxs/A0ZlFc6esZqwZhUrTbCFALOPlK
/g0FLGj4pPz/VQtcjXtBnXqRyowYCLmXclrw62QsP5Z5YwH+tJffdohANg157H85
bKYfg+ddTk+6wAUotUW0mfbyoCz4Ia0UbKf8dijBw/ei0wwZ3TUvYdWIrx0zcFkj
Z/o5R6gEHaHus+R+oBPhMcsDbYYyqHWRZKeozPZk96Op3pULNiww652RmLoX+rtO
ROzYixHdShjZcfeEwHvPalnK5B575UyK+I+vAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUdD89ZWnodh6XBcTMgfOvpIXi6HEwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9kRDg5Wldub2RoNlhCY1RNZ2ZP
dnBJWGk2SEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0J+
MA0GCSqGSIb3DQEBCwUAA4IBAQCmt6BGVrXU1IdvMGBrHupmDQXLc0JJ29QBdHhM
vwsrxKL2tBfUIYT9TuUhqBJT0A6ardg0Bq8sAEZegMBCi0EQF+T5Mqby9s7vtM4M
kWBEGfdaUIng60ZaOMT1YYdYgRvhUdgEeyMfoUahVoq49uWVVU28TwEN/kT4QQbD
0qV6/Vg84l/LcEpGecm6eagtQYJ0cZ1Di91Srs00pEMw5EbCqK6/YaeRayPjSZUh
x5TvEkD+8iAZGCye2RPA0hUiIW1sbM0N96Za75iVcM2R6clpnljmALWiJGJwc2De
xHclwW9FgESxCURrXKwtaMUyluXOd0YeZgIlOM0OS69jkq1k
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:24:15 2025 by rpki-client