Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/hQXFAYztXLEa879vSzf-u2kWB4A.roa
File: hQXFAYztXLEa879vSzf-u2kWB4A.roa (raw, json)
Hash identifier: 5v8CjjRskRwSZFzeV1Q+LVLGL00//RsJFP5485bUK6Y=
Subject key identifier: 85:05:C5:01:8C:ED:5C:B1:1A:F3:BF:6F:4B:37:FE:BB:69:16:07:80
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 150B
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/hQXFAYztXLEa879vSzf-u2kWB4A.roa
Signing time: Tue 11 Feb 2025 23:44:16 +0000
ROA not before: Tue 11 Feb 2025 23:44:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 20940
IP address blocks: 203.69.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5387 (0x150b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:16 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8505C5018CED5CB11AF3BF6F4B37FEBB69160780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:89:47:e5:d9:af:99:44:9a:f1:11:6b:98:77:
88:31:e7:e5:e0:54:bf:69:04:a3:29:a4:33:55:c5:
38:f4:a0:a6:7f:1a:8a:b3:c3:2c:7a:3e:54:f3:cd:
90:4a:78:56:bf:fa:ce:53:09:1e:5e:d1:45:72:6c:
bb:54:7b:95:94:d5:d8:50:6c:1e:8e:0b:4d:82:7d:
33:f7:94:fa:d5:d4:91:a7:15:89:74:55:05:ce:86:
74:c9:6a:f6:de:01:4e:7c:75:96:30:55:c9:69:ea:
c5:be:7a:4a:98:f8:b2:27:71:1f:3c:e6:95:52:a0:
5b:32:75:15:ef:63:9d:bd:f0:d5:8a:58:17:d6:5a:
0d:4c:0c:6b:4a:8c:eb:b6:e8:f4:21:9e:a2:a2:cd:
78:b7:09:80:f2:4a:21:d0:11:79:8e:d3:da:e8:f1:
5d:7a:2c:f3:05:66:ac:f5:95:2e:47:71:fd:6f:a4:
0e:e4:d7:78:18:ec:62:6c:b5:df:87:74:f1:9d:93:
f5:11:60:ff:54:10:c3:7b:78:e5:1e:32:91:d0:23:
99:48:fa:00:1a:70:38:cc:3b:c3:52:c7:a8:2a:a3:
89:c0:93:7c:aa:17:38:25:0b:b1:cd:1c:05:d2:eb:
fc:f3:3a:97:73:e6:d6:d0:11:fa:66:7f:b9:6f:ab:
f1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:05:C5:01:8C:ED:5C:B1:1A:F3:BF:6F:4B:37:FE:BB:69:16:07:80
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/hQXFAYztXLEa879vSzf-u2kWB4A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.69.141.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:dc:d9:b6:6d:a3:6e:a8:5c:cf:64:3e:58:cd:46:96:27:46:
98:4b:06:3d:2c:7d:9e:0f:c5:06:39:3f:26:90:52:66:26:a9:
27:6a:2e:73:8f:d3:04:cf:86:41:de:d6:75:08:b4:ef:35:0e:
44:4a:4c:67:d7:04:5d:af:67:b8:24:e1:27:f8:6b:4f:90:96:
d7:2e:8b:80:b0:7b:7b:48:b4:04:62:64:4a:b1:90:8d:48:3c:
1b:95:bd:76:33:50:43:4f:2c:86:c4:a5:cc:1b:2b:6b:f0:b6:
13:62:d1:a3:47:91:77:34:fd:59:54:42:88:48:ae:44:61:8b:
84:93:d1:d2:fe:2c:50:88:c5:9e:e1:d3:c0:ae:9a:6f:3c:ce:
af:4a:bb:f7:40:29:16:60:5e:fb:df:c5:55:2f:33:8b:11:15:
71:d8:10:84:c1:79:70:5d:74:8d:a5:0f:b1:87:75:2b:d0:62:
22:53:b0:a0:ea:d3:93:e8:9b:0a:26:40:fe:6d:98:d5:05:2c:
89:e5:34:ed:a7:0e:f7:d8:79:f7:22:c7:b7:80:d6:ac:ba:4e:
a2:3b:89:a2:01:f0:d5:af:d4:e0:35:6d:ca:a8:6d:c4:3e:91:
f5:4f:74:72:50:f2:cd:bb:5a:c9:e5:52:34:f6:9c:be:cf:75:
33:c5:c8:23
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFQswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg1MDVDNTAxOENFRDVD
QjExQUYzQkY2RjRCMzdGRUJCNjkxNjA3ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPiUfl2a+ZRJrxEWuYd4gx5+XgVL9pBKMppDNVxTj0oKZ/Goqz
wyx6PlTzzZBKeFa/+s5TCR5e0UVybLtUe5WU1dhQbB6OC02CfTP3lPrV1JGnFYl0
VQXOhnTJavbeAU58dZYwVclp6sW+ekqY+LIncR885pVSoFsydRXvY5298NWKWBfW
Wg1MDGtKjOu26PQhnqKizXi3CYDySiHQEXmO09ro8V16LPMFZqz1lS5Hcf1vpA7k
13gY7GJstd+HdPGdk/URYP9UEMN7eOUeMpHQI5lI+gAacDjMO8NSx6gqo4nAk3yq
FzglC7HNHAXS6/zzOpdz5tbQEfpmf7lvq/E3AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUhQXFAYztXLEa879vSzf+u2kWB4AwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9oUVhGQVl6dFhMRWE4Nzl2U3pm
LXUya1dCNEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0WN
MA0GCSqGSIb3DQEBCwUAA4IBAQCn3Nm2baNuqFzPZD5YzUaWJ0aYSwY9LH2eD8UG
OT8mkFJmJqknai5zj9MEz4ZB3tZ1CLTvNQ5ESkxn1wRdr2e4JOEn+GtPkJbXLouA
sHt7SLQEYmRKsZCNSDwblb12M1BDTyyGxKXMGytr8LYTYtGjR5F3NP1ZVEKISK5E
YYuEk9HS/ixQiMWe4dPArppvPM6vSrv3QCkWYF7738VVLzOLERVx2BCEwXlwXXSN
pQ+xh3Ur0GIiU7Cg6tOT6JsKJkD+bZjVBSyJ5TTtpw732Hn3Ise3gNasuk6iO4mi
AfDVr9TgNW3KqG3EPpH1T3RyUPLNu1rJ5VI09py+z3Uzxcgj
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:32:12 2025 by rpki-client