Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/hxkwv8UYSEbyFhpTUM4xdZcNUvc.roa
File: hxkwv8UYSEbyFhpTUM4xdZcNUvc.roa (raw, json)
Hash identifier: aNFXau11k714BV0VbnTm18nf4/Igc8dheWIWCiMy2wk=
Subject key identifier: 87:19:30:BF:C5:18:48:46:F2:16:1A:53:50:CE:31:75:97:0D:52:F7
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14FF
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/hxkwv8UYSEbyFhpTUM4xdZcNUvc.roa
Signing time: Tue 11 Feb 2025 23:44:13 +0000
ROA not before: Tue 11 Feb 2025 23:44:13 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 20940
IP address blocks: 203.69.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5375 (0x14ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:13 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=871930BFC5184846F2161A5350CE3175970D52F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:45:ef:db:ea:a4:82:25:d8:bc:14:bb:3a:01:
82:35:c4:33:a4:e1:50:a1:e0:3d:4a:ec:5d:04:54:
a2:b6:20:36:20:61:07:6b:7b:8a:4f:f6:dd:5e:d9:
c7:af:d3:f3:15:33:cd:c0:61:50:f0:13:da:74:7a:
6c:cc:ce:30:60:3e:03:24:bf:e9:1b:86:2a:a3:97:
e3:19:d0:93:1a:7b:36:6c:65:5c:4a:1e:0f:04:40:
a7:0a:27:94:c4:33:bd:ad:28:de:95:e2:8f:70:3f:
c6:e0:1e:d2:24:fe:f3:ba:c1:34:21:bb:ef:ad:1f:
36:3a:28:61:a6:e0:68:27:ba:11:36:6b:6d:3a:49:
ca:5e:b0:6f:c9:35:d8:4f:ff:e7:d7:4b:fb:7e:82:
13:43:fe:e5:3f:a8:76:7b:a3:14:36:6c:d0:78:1d:
38:15:bb:4e:be:da:c8:29:08:c9:2f:ce:7f:0f:67:
a3:08:4b:e9:ca:44:f3:c2:e4:14:f8:cf:7d:65:64:
e3:78:44:0b:af:8a:00:60:0a:0d:60:70:66:2f:71:
7d:2d:d1:36:ff:1e:2b:2f:67:ef:bb:ac:bd:58:46:
6b:94:4e:14:1b:6d:03:ef:07:18:98:d7:df:59:d4:
1d:20:92:ff:17:d9:0b:5b:41:ef:e6:1e:fc:14:d4:
3c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:19:30:BF:C5:18:48:46:F2:16:1A:53:50:CE:31:75:97:0D:52:F7
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/hxkwv8UYSEbyFhpTUM4xdZcNUvc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.69.138.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:20:19:f6:03:aa:8f:dc:b4:2d:2a:c6:ab:34:eb:ac:2e:c2:
a4:a7:2e:7a:11:7a:dd:42:4e:e8:0f:7b:54:ec:d4:6f:e2:aa:
9f:b5:81:5c:61:f0:aa:00:b7:ef:e5:6d:b6:01:74:6d:ae:b4:
c7:58:3c:5d:14:31:0f:84:77:1f:05:ba:6c:b0:f2:a9:e6:27:
81:90:59:61:54:18:00:67:a5:52:94:5b:8c:ba:cd:9e:43:96:
9e:9b:ac:e0:ea:c2:1a:c1:ca:a9:e5:28:76:9b:a7:54:8c:f6:
b9:94:f1:20:31:45:fb:81:9d:48:5a:29:6b:0c:e8:6d:35:ea:
8c:df:8e:1d:bd:41:4d:00:e4:ff:05:2a:28:5b:72:ef:f3:98:
ce:7e:ce:2d:68:0a:b2:53:bc:a7:4b:6b:d7:12:5b:9b:d2:5d:
5f:a2:f4:a3:dd:5e:3c:ee:28:21:53:58:bb:d1:b4:4e:49:52:
9f:0e:5b:da:61:b0:88:4a:43:9d:32:b9:78:4d:1c:90:a3:1b:
be:e7:01:85:00:e6:ac:5e:68:09:96:0c:be:54:a0:07:23:01:
90:13:fc:90:69:67:2e:c2:fa:45:c7:3d:28:91:ee:77:cd:db:
8b:57:1a:cd:0f:56:31:3c:e8:d5:1e:13:6d:7d:ba:1e:dc:86:
37:e0:39:ff
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFP8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg3MTkzMEJGQzUxODQ4
NDZGMjE2MUE1MzUwQ0UzMTc1OTcwRDUyRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeRe/b6qSCJdi8FLs6AYI1xDOk4VCh4D1K7F0EVKK2IDYgYQdr
e4pP9t1e2cev0/MVM83AYVDwE9p0emzMzjBgPgMkv+kbhiqjl+MZ0JMaezZsZVxK
Hg8EQKcKJ5TEM72tKN6V4o9wP8bgHtIk/vO6wTQhu++tHzY6KGGm4GgnuhE2a206
ScpesG/JNdhP/+fXS/t+ghND/uU/qHZ7oxQ2bNB4HTgVu06+2sgpCMkvzn8PZ6MI
S+nKRPPC5BT4z31lZON4RAuvigBgCg1gcGYvcX0t0Tb/HisvZ++7rL1YRmuUThQb
bQPvBxiY199Z1B0gkv8X2QtbQe/mHvwU1DznAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUhxkwv8UYSEbyFhpTUM4xdZcNUvcwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9oeGt3djhVWVNFYnlGaHBUVU00
eGRaY05VdmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0WK
MA0GCSqGSIb3DQEBCwUAA4IBAQDRIBn2A6qP3LQtKsarNOusLsKkpy56EXrdQk7o
D3tU7NRv4qqftYFcYfCqALfv5W22AXRtrrTHWDxdFDEPhHcfBbpssPKp5ieBkFlh
VBgAZ6VSlFuMus2eQ5aem6zg6sIawcqp5Sh2m6dUjPa5lPEgMUX7gZ1IWilrDOht
NeqM344dvUFNAOT/BSooW3Lv85jOfs4taAqyU7ynS2vXElub0l1fovSj3V487igh
U1i70bROSVKfDlvaYbCISkOdMrl4TRyQoxu+5wGFAOasXmgJlgy+VKAHIwGQE/yQ
aWcuwvpFxz0oke53zduLVxrND1YxPOjVHhNtfboe3IY34Dn/
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:38:58 2025 by rpki-client