Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/kG_ZwY-D14eY4ql5TDgHor1FAkg.roa
File: kG_ZwY-D14eY4ql5TDgHor1FAkg.roa (raw, json)
Hash identifier: 4pBp+Z7EC4t5TTAP5UJYYBxQ3DZjBjXn0WMc4L8LEok=
Subject key identifier: 90:6F:D9:C1:8F:83:D7:87:98:E2:A9:79:4C:38:07:A2:BD:45:02:48
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14DB
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/kG_ZwY-D14eY4ql5TDgHor1FAkg.roa
Signing time: Mon 10 Feb 2025 14:35:20 +0000
ROA not before: Mon 10 Feb 2025 14:35:20 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 210.59.128.0/17 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5339 (0x14db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:20 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=906FD9C18F83D78798E2A9794C3807A2BD450248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:10:36:8d:68:6f:45:65:8b:ce:65:69:23:06:
1e:69:49:a0:4a:98:a1:1f:5e:f2:17:84:01:e6:b5:
87:8a:7d:0f:ff:28:10:6b:90:7a:94:1f:66:f4:43:
86:a8:fa:e1:09:9e:4d:0d:02:3d:2c:0a:b4:4f:58:
01:58:da:0d:fd:0a:82:1c:d4:48:be:10:e5:27:fc:
7f:9b:54:f2:f9:ce:cd:04:1b:89:ce:51:30:2a:14:
cc:a3:c1:f3:42:26:c6:e2:ab:10:f1:b1:b8:48:8d:
1a:74:ac:5a:9d:90:5c:ab:56:dc:31:70:54:bc:04:
a3:25:80:cf:c4:6c:f0:f4:b0:ab:bc:e9:e1:20:40:
7d:45:a4:84:a9:9b:a3:7e:ee:92:a6:7d:1f:3e:69:
6a:f5:de:fb:25:e9:10:64:a7:49:79:91:e9:95:04:
88:20:6a:d0:f3:80:4d:18:eb:44:07:3d:46:88:0f:
f4:bf:79:13:0d:cd:1e:48:8c:f9:05:0a:8d:4e:89:
0e:37:93:49:57:37:66:76:47:b9:9a:33:20:54:12:
6a:9f:83:df:a6:07:8c:be:7a:b5:e9:90:5e:86:47:
e1:f7:cb:5f:ce:b3:3d:77:91:94:f7:c0:91:97:f2:
0e:df:1b:5a:15:7b:fe:0e:ad:9b:f0:3f:17:4d:17:
81:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:6F:D9:C1:8F:83:D7:87:98:E2:A9:79:4C:38:07:A2:BD:45:02:48
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/kG_ZwY-D14eY4ql5TDgHor1FAkg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.59.128.0/17
Signature Algorithm: sha256WithRSAEncryption
18:eb:47:52:71:c9:e2:52:51:8b:1c:df:32:e3:63:76:05:f8:
4a:12:08:89:7a:21:5a:bc:c0:1a:1d:97:95:08:00:da:b9:62:
1f:81:03:5c:a6:07:ce:bb:48:be:94:5c:f8:58:1b:fc:df:e8:
28:0f:1a:09:f7:ad:88:d8:34:9e:6b:c9:5c:6e:5c:e1:30:ab:
48:7d:fa:04:1e:96:48:c3:18:61:e5:f4:17:c1:96:48:3a:50:
5d:90:11:66:20:9f:15:88:88:4f:5e:c3:c8:16:db:f2:6f:03:
72:7c:9b:55:68:35:c6:30:2d:48:3b:3d:66:ee:69:f0:56:31:
92:92:39:18:68:0e:75:14:8a:f7:a7:ed:fb:96:2b:f5:07:7a:
53:df:ad:ae:6e:91:09:ec:c1:b1:02:76:2c:4c:5b:71:8a:c9:
4a:f9:90:4d:00:6d:65:01:95:e9:ff:97:74:06:3e:93:96:f8:
b9:5f:21:52:a4:e1:77:0c:41:5a:be:ee:c4:9c:87:2e:5f:08:
98:6e:33:7c:5b:e1:80:d3:ce:a7:59:45:d0:52:0a:3f:18:1d:
ea:98:2a:ca:e1:5f:16:c6:03:57:ca:4a:58:ae:5a:68:d1:94:
9d:80:cd:fd:11:55:3f:64:ef:28:98:80:22:c8:20:bb:66:b7:
42:fc:0b:9a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkwNkZEOUMxOEY4M0Q3
ODc5OEUyQTk3OTRDMzgwN0EyQkQ0NTAyNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiEDaNaG9FZYvOZWkjBh5pSaBKmKEfXvIXhAHmtYeKfQ//KBBr
kHqUH2b0Q4ao+uEJnk0NAj0sCrRPWAFY2g39CoIc1Ei+EOUn/H+bVPL5zs0EG4nO
UTAqFMyjwfNCJsbiqxDxsbhIjRp0rFqdkFyrVtwxcFS8BKMlgM/EbPD0sKu86eEg
QH1FpISpm6N+7pKmfR8+aWr13vsl6RBkp0l5kemVBIggatDzgE0Y60QHPUaID/S/
eRMNzR5IjPkFCo1OiQ43k0lXN2Z2R7maMyBUEmqfg9+mB4y+erXpkF6GR+H3y1/O
sz13kZT3wJGX8g7fG1oVe/4OrZvwPxdNF4EHAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUkG/ZwY+D14eY4ql5TDgHor1FAkgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9rR19ad1ktRDE0ZVk0cWw1VERn
SG9yMUZBa2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH0juA
MA0GCSqGSIb3DQEBCwUAA4IBAQAY60dSccniUlGLHN8y42N2BfhKEgiJeiFavMAa
HZeVCADauWIfgQNcpgfOu0i+lFz4WBv83+goDxoJ962I2DSea8lcblzhMKtIffoE
HpZIwxhh5fQXwZZIOlBdkBFmIJ8ViIhPXsPIFtvybwNyfJtVaDXGMC1IOz1m7mnw
VjGSkjkYaA51FIr3p+37liv1B3pT362ubpEJ7MGxAnYsTFtxislK+ZBNAG1lAZXp
/5d0Bj6Tlvi5XyFSpOF3DEFavu7EnIcuXwiYbjN8W+GA086nWUXQUgo/GB3qmCrK
4V8WxgNXykpYrlpo0ZSdgM39EVU/ZO8omIAiyCC7ZrdC/Aua
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:24:51 2025 by rpki-client