Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/oJtM9odZKWzsveyUWkrDVV2xxpw.roa
File: oJtM9odZKWzsveyUWkrDVV2xxpw.roa (raw, json)
Hash identifier: oRNPzebXTtrDjRSy+8yPm415XZUQh0AlplOP8hrncqM=
Subject key identifier: A0:9B:4C:F6:87:59:29:6C:EC:BD:EC:94:5A:4A:C3:55:5D:B1:C6:9C
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1541
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/oJtM9odZKWzsveyUWkrDVV2xxpw.roa
Signing time: Tue 11 Feb 2025 23:44:28 +0000
ROA not before: Tue 11 Feb 2025 23:44:28 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.128.0.0/18 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5441 (0x1541)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:28 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A09B4CF68759296CECBDEC945A4AC3555DB1C69C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d4:6e:c4:dc:ca:20:d3:9e:2e:46:1a:56:1a:
34:71:75:a3:4d:e8:db:0d:5d:98:2e:02:36:5f:56:
9f:09:92:02:0b:68:3a:6f:87:b5:e1:c2:4d:72:0e:
4f:2c:e6:9a:a6:15:55:d2:2d:60:c6:b0:84:9b:5c:
d4:97:24:4b:cc:40:48:49:09:38:a7:19:01:ca:7c:
23:d6:ce:91:cb:0a:de:3c:4c:fd:74:31:0f:be:88:
b0:97:e6:b1:da:8d:37:cf:45:4f:46:95:ef:80:2c:
ef:22:31:d1:f9:31:92:bf:2c:f9:ea:84:5b:e3:c6:
16:27:61:77:ce:f9:34:a5:fa:d8:2a:09:78:fa:c0:
54:bb:d1:ce:ad:ae:77:1b:11:7a:ed:ea:a8:fe:87:
8d:db:0d:7f:83:5d:96:af:92:ff:7e:31:4b:ee:77:
c5:76:ad:8f:e6:1e:7c:e3:82:c7:61:c5:e8:6a:b2:
dd:e0:0c:74:34:c5:5e:37:99:30:17:2f:1f:b2:fa:
c1:3f:e2:78:50:9c:bf:29:3e:20:53:df:40:1d:0f:
d1:e6:a4:ef:2b:f9:fe:7f:b7:a2:29:63:65:f1:93:
73:40:c5:ee:72:44:bd:cb:3b:6c:93:84:f3:b6:2f:
bf:81:1c:00:eb:2f:53:56:3e:98:7c:e3:15:a3:2c:
07:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9B:4C:F6:87:59:29:6C:EC:BD:EC:94:5A:4A:C3:55:5D:B1:C6:9C
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/oJtM9odZKWzsveyUWkrDVV2xxpw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.0.0/18
Signature Algorithm: sha256WithRSAEncryption
15:73:55:32:b8:d1:c6:cb:d2:9b:8d:98:9d:67:a0:c7:81:52:
5b:7e:99:00:39:a8:6b:00:83:ad:4c:b9:64:c0:c1:b4:90:bf:
7b:ac:9c:19:36:5e:42:15:07:fb:20:3b:76:be:fe:40:77:f9:
61:94:bb:b6:9f:77:5d:59:34:ee:78:76:cf:30:19:2a:43:0c:
7e:cd:7d:db:6b:12:b8:e4:01:e7:ba:5e:86:35:84:dc:a8:79:
e5:ca:a9:55:65:c8:a1:2f:be:45:b4:77:60:93:c5:c5:82:55:
1e:ac:ff:63:de:09:26:5b:89:00:a1:35:5b:e1:48:56:d4:c2:
b5:88:60:59:fd:f3:a8:23:bf:52:e0:69:b3:71:f0:d1:8f:05:
5c:76:a5:df:8f:b4:f5:55:90:88:41:15:f2:a4:7d:bf:d1:5b:
66:21:f0:e9:79:0e:1c:1b:52:5c:03:3c:b4:f0:c1:f5:8e:be:
d4:43:e5:d6:a4:4b:30:43:81:9b:43:65:a0:88:8f:ad:0b:21:
de:62:e4:a2:36:51:91:f6:1a:e1:bf:76:ba:bf:bd:60:da:a7:
1a:de:51:72:b8:02:a0:4a:3d:a4:7b:d9:af:29:7e:d8:23:9d:
19:5b:d9:c0:a4:ed:c4:0b:77:99:f6:d8:a8:11:d2:2a:34:c9:
ac:f3:16:fb
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFUEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEwOUI0Q0Y2ODc1OTI5
NkNFQ0JERUM5NDVBNEFDMzU1NURCMUM2OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDq1G7E3Mog054uRhpWGjRxdaNN6NsNXZguAjZfVp8JkgILaDpv
h7Xhwk1yDk8s5pqmFVXSLWDGsISbXNSXJEvMQEhJCTinGQHKfCPWzpHLCt48TP10
MQ++iLCX5rHajTfPRU9Gle+ALO8iMdH5MZK/LPnqhFvjxhYnYXfO+TSl+tgqCXj6
wFS70c6trncbEXrt6qj+h43bDX+DXZavkv9+MUvud8V2rY/mHnzjgsdhxehqst3g
DHQ0xV43mTAXLx+y+sE/4nhQnL8pPiBT30AdD9HmpO8r+f5/t6IpY2Xxk3NAxe5y
RL3LO2yThPO2L7+BHADrL1NWPph84xWjLAfnAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUoJtM9odZKWzsveyUWkrDVV2xxpwwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9vSnRNOW9kWktXenN2ZXlVV2ty
RFZWMnh4cHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG3IAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAVc1UyuNHGy9KbjZidZ6DHgVJbfpkAOahrAIOt
TLlkwMG0kL97rJwZNl5CFQf7IDt2vv5Ad/lhlLu2n3ddWTTueHbPMBkqQwx+zX3b
axK45AHnul6GNYTcqHnlyqlVZcihL75FtHdgk8XFglUerP9j3gkmW4kAoTVb4UhW
1MK1iGBZ/fOoI79S4GmzcfDRjwVcdqXfj7T1VZCIQRXypH2/0VtmIfDpeQ4cG1Jc
Azy08MH1jr7UQ+XWpEswQ4GbQ2WgiI+tCyHeYuSiNlGR9hrhv3a6v71g2qca3lFy
uAKgSj2ke9mvKX7YI50ZW9nApO3EC3eZ9tioEdIqNMms8xb7
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:23:16 2025 by rpki-client