Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/hfRfHwttBFiUa1_Vnc6oXwsMmrA.roa
File: hfRfHwttBFiUa1_Vnc6oXwsMmrA.roa (raw, json)
Hash identifier: 12Ge0aR49bgAYI/CJ6kpVa9o0BRC97ql/SDsf04rQfM=
Subject key identifier: 85:F4:5F:1F:0B:6D:04:58:94:6B:5F:D5:9D:CE:A8:5F:0B:0C:9A:B0
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 147E
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/hfRfHwttBFiUa1_Vnc6oXwsMmrA.roa
Signing time: Mon 10 Feb 2025 14:34:58 +0000
ROA not before: Mon 10 Feb 2025 14:34:58 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 10126
IP address blocks: 220.128.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5246 (0x147e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:34:58 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=85F45F1F0B6D0458946B5FD59DCEA85F0B0C9AB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7c:c3:64:56:be:88:b9:57:19:6d:c7:51:13:
86:74:82:69:a2:09:12:c6:dd:82:15:be:ec:0a:01:
4b:02:37:66:7c:4d:61:89:21:c6:e5:57:b6:b7:f0:
33:28:2e:ad:c8:9f:32:46:7e:00:9c:84:0d:ac:f9:
77:37:d4:4a:73:38:90:b4:37:6a:e7:74:cb:18:23:
9d:fc:f0:48:82:2e:f7:79:1d:69:b8:45:77:93:f5:
aa:6c:e4:ec:92:d1:e6:df:e4:c0:9b:78:f4:7d:97:
2e:0f:54:97:dd:da:9f:96:2d:c2:6e:68:54:ae:c2:
54:41:0a:71:10:4d:ef:e1:92:e4:ec:ea:9a:e5:ec:
98:8c:5b:75:c9:82:21:02:c4:88:94:a2:5f:69:b1:
de:96:f6:9e:e8:61:e8:17:ca:b9:56:25:1a:7f:ac:
39:62:61:23:01:cc:44:65:2d:82:b0:e0:cc:c0:64:
a1:d6:4d:a1:55:30:83:92:99:d5:d0:97:0c:e5:5e:
8d:03:49:a1:9d:5c:f4:fc:9f:a1:24:f4:4c:b7:9e:
0f:96:30:d1:4a:0f:46:5d:71:93:d3:31:0e:81:06:
fd:9a:68:36:61:fb:7b:83:1c:b2:86:cb:51:f5:55:
db:15:7f:fc:7a:32:c5:b8:d3:74:9b:11:6c:55:59:
e7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F4:5F:1F:0B:6D:04:58:94:6B:5F:D5:9D:CE:A8:5F:0B:0C:9A:B0
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/hfRfHwttBFiUa1_Vnc6oXwsMmrA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.56.0/21
Signature Algorithm: sha256WithRSAEncryption
51:73:9e:42:6b:e0:26:6c:2f:49:ee:87:8a:61:c5:d8:a9:ad:
49:25:de:67:56:82:3a:db:90:dd:70:e2:cf:22:c8:8c:46:c2:
ea:4a:ef:b8:d3:e3:ca:cc:6e:c3:1b:79:60:c8:67:0f:82:56:
42:3f:07:dc:5d:eb:ef:80:77:e7:0b:d5:93:9e:2d:e5:36:35:
ac:a4:b8:14:f9:c9:b3:ae:a5:de:7c:51:1f:fd:03:3c:59:c7:
59:47:ef:db:11:ee:05:c7:a5:7e:29:60:51:8e:dd:8b:4b:72:
f5:36:54:78:b7:36:43:ed:81:13:4a:cd:f2:ef:a3:5f:89:38:
36:23:75:08:b6:0f:11:a0:b5:16:00:51:37:a7:11:54:2e:7e:
1d:ee:32:c7:0a:ea:1d:82:6f:7d:0d:c4:c7:81:66:bb:17:dd:
c8:99:bc:00:ef:78:6a:cf:23:5d:d4:1e:86:f1:ee:82:20:ae:
a0:5f:4e:b0:9d:ee:33:22:4d:fa:69:30:8d:55:6b:c0:cd:06:
4b:5c:24:0e:30:07:e1:91:a1:1a:eb:e8:17:1e:69:5e:4b:f9:
ed:ea:42:8d:98:77:34:9f:24:66:3d:b2:ed:04:1d:86:34:c3:
e4:d9:08:1a:9b:5a:33:a2:53:25:27:6d:06:85:ac:ca:5f:fc:
60:cf:cd:06
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFH4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM0NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg1RjQ1RjFGMEI2RDA0
NTg5NDZCNUZENTlEQ0VBODVGMEIwQzlBQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+fMNkVr6IuVcZbcdRE4Z0gmmiCRLG3YIVvuwKAUsCN2Z8TWGJ
IcblV7a38DMoLq3InzJGfgCchA2s+Xc31EpzOJC0N2rndMsYI5388EiCLvd5HWm4
RXeT9aps5OyS0ebf5MCbePR9ly4PVJfd2p+WLcJuaFSuwlRBCnEQTe/hkuTs6prl
7JiMW3XJgiECxIiUol9psd6W9p7oYegXyrlWJRp/rDliYSMBzERlLYKw4MzAZKHW
TaFVMIOSmdXQlwzlXo0DSaGdXPT8n6Ek9Ey3ng+WMNFKD0ZdcZPTMQ6BBv2aaDZh
+3uDHLKGy1H1VdsVf/x6MsW403SbEWxVWectAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUhfRfHwttBFiUa1/Vnc6oXwsMmrAwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9oZlJmSHd0dEJGaVVhMV9WbmM2
b1h3c01tckEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD3IA4
MA0GCSqGSIb3DQEBCwUAA4IBAQBRc55Ca+AmbC9J7oeKYcXYqa1JJd5nVoI625Dd
cOLPIsiMRsLqSu+40+PKzG7DG3lgyGcPglZCPwfcXevvgHfnC9WTni3lNjWspLgU
+cmzrqXefFEf/QM8WcdZR+/bEe4Fx6V+KWBRjt2LS3L1NlR4tzZD7YETSs3y76Nf
iTg2I3UItg8RoLUWAFE3pxFULn4d7jLHCuodgm99DcTHgWa7F93ImbwA73hqzyNd
1B6G8e6CIK6gX06wne4zIk36aTCNVWvAzQZLXCQOMAfhkaEa6+gXHmleS/nt6kKN
mHc0nyRmPbLtBB2GNMPk2Qgam1ozolMlJ20GhazKX/xgz80G
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:32:40 2025 by rpki-client