Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/fXbEafR1F3FVXVaDE5-mIM-ROzQ.roa
File: fXbEafR1F3FVXVaDE5-mIM-ROzQ.roa (raw, json)
Hash identifier: UDXwsunfhJSEBtIfSeUCbqsGB6CKIJ5TU7JSi8wwzhg=
Subject key identifier: 7D:76:C4:69:F4:75:17:71:55:5D:56:83:13:9F:A6:20:CF:91:3B:34
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 11C9
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/fXbEafR1F3FVXVaDE5-mIM-ROzQ.roa
Signing time: Mon 26 Aug 2024 05:17:56 +0000
ROA not before: Mon 26 Aug 2024 05:17:56 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7500
IP address blocks: 202.39.32.0/28 maxlen: 28
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:35:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4553 (0x11c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Aug 26 05:17:56 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7D76C469F4751771555D5683139FA620CF913B34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c0:1a:be:a2:9c:8f:db:06:ec:ec:1e:8e:ba:
33:28:af:e0:2c:61:a2:68:77:97:1e:71:39:e7:b7:
97:9d:86:1b:e6:c3:3e:78:06:ca:5d:48:25:ef:ca:
47:bf:3f:2b:9e:21:28:f8:37:15:6e:e9:b2:52:1a:
75:b4:1f:11:9c:71:d2:01:20:84:be:7c:20:70:78:
81:58:0e:77:59:e5:6b:47:4b:81:6e:e4:dd:75:68:
f4:8e:d6:9a:89:f2:56:01:cb:fc:53:80:68:e6:3a:
6e:50:6a:a7:a6:9a:cb:27:3f:47:02:89:01:69:b9:
41:d8:3d:40:53:32:b5:4b:d8:26:f7:1a:e4:70:52:
93:1d:da:3d:c5:bd:e9:f1:f1:6a:5f:de:30:85:d6:
b6:ed:2a:f2:a7:69:ca:fb:02:0d:c3:dd:be:d8:43:
26:9e:43:76:bb:80:15:74:d1:44:34:e1:b7:88:92:
8c:be:2c:7e:fd:bc:00:c3:1d:d8:8e:9f:7f:fb:10:
b0:2d:7f:25:59:b3:33:97:7c:0f:e1:f1:c6:47:46:
5f:f6:d9:8b:5a:ec:a5:22:90:75:6e:e9:1d:17:c2:
4b:05:ab:dd:a9:56:d8:a1:99:91:42:3d:37:a1:df:
0c:f5:34:b3:75:74:e4:94:5d:d1:8e:bf:da:54:42:
9a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:76:C4:69:F4:75:17:71:55:5D:56:83:13:9F:A6:20:CF:91:3B:34
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/fXbEafR1F3FVXVaDE5-mIM-ROzQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.39.32.0/28
Signature Algorithm: sha256WithRSAEncryption
21:d5:3e:07:71:1e:da:4e:42:7a:da:dc:25:2b:75:a0:20:c1:
63:63:95:54:cb:21:01:ef:b8:51:62:5c:89:5d:a7:b4:c8:a3:
21:3f:59:85:df:15:f1:0a:8e:79:15:78:86:53:fc:6f:33:00:
77:21:cf:39:b5:7f:c2:ab:93:84:cf:aa:69:f1:0e:ad:59:97:
b2:61:39:bc:1e:90:7a:38:c0:1f:8d:77:61:c5:91:57:db:cf:
38:95:e8:07:c5:75:bc:3f:d1:a0:a9:b9:40:47:da:35:bc:87:
1e:55:60:2b:99:c6:2d:b3:1b:7e:82:8f:ee:5a:93:18:c2:93:
86:b3:97:93:2f:25:46:55:21:80:90:03:b9:c9:50:56:bf:0f:
e7:0c:f6:28:5e:82:4b:f0:da:1a:55:d1:91:99:0b:03:33:00:
73:39:0a:43:96:e4:36:1e:59:ff:19:a1:f0:99:b5:b5:df:a3:
e3:ad:44:b5:c8:43:e7:62:bf:c8:2a:41:a1:46:4f:75:f8:1e:
b8:0e:d5:da:c4:55:74:e7:81:36:28:a6:ac:62:23:43:e8:6c:
9b:6d:db:16:0d:d0:63:21:e5:77:f5:c1:7a:c9:f6:28:cc:aa:
86:2c:ca:2d:41:27:54:3e:7d:e7:c8:f0:66:cb:b1:49:0b:41:
cb:eb:f1:63
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICEckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw
NTE3NTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDdENzZDNDY5RjQ3NTE3
NzE1NTVENTY4MzEzOUZBNjIwQ0Y5MTNCMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzwBq+opyP2wbs7B6OujMor+AsYaJod5cecTnnt5edhhvmwz54
BspdSCXvyke/PyueISj4NxVu6bJSGnW0HxGccdIBIIS+fCBweIFYDndZ5WtHS4Fu
5N11aPSO1pqJ8lYBy/xTgGjmOm5QaqemmssnP0cCiQFpuUHYPUBTMrVL2Cb3GuRw
UpMd2j3Fvenx8Wpf3jCF1rbtKvKnacr7Ag3D3b7YQyaeQ3a7gBV00UQ04beIkoy+
LH79vADDHdiOn3/7ELAtfyVZszOXfA/h8cZHRl/22Yta7KUikHVu6R0XwksFq92p
VtihmZFCPTeh3wz1NLN1dOSUXdGOv9pUQpodAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUfXbEafR1F3FVXVaDE5+mIM+ROzQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9mWGJFYWZSMUYzRlZYVmFERTUt
bUlNLVJPelEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUEyicg
ADANBgkqhkiG9w0BAQsFAAOCAQEAIdU+B3Ee2k5CetrcJSt1oCDBY2OVVMshAe+4
UWJciV2ntMijIT9Zhd8V8QqOeRV4hlP8bzMAdyHPObV/wquThM+qafEOrVmXsmE5
vB6QejjAH413YcWRV9vPOJXoB8V1vD/RoKm5QEfaNbyHHlVgK5nGLbMbfoKP7lqT
GMKThrOXky8lRlUhgJADuclQVr8P5wz2KF6CS/DaGlXRkZkLAzMAczkKQ5bkNh5Z
/xmh8Jm1td+j461EtchD52K/yCpBoUZPdfgeuA7V2sRVdOeBNiimrGIjQ+hsm23b
Fg3QYyHld/XBesn2KMyqhizKLUEnVD5958jwZsuxSQtBy+vxYw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:21:49 2025 by rpki-client