Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/oQtsZxeXQuBROy6iHejuPu-3F60.roa
File: oQtsZxeXQuBROy6iHejuPu-3F60.roa (raw, json)
Hash identifier: joKRgRnW/es/isNFrIyKWfNIOJx+NGGVuNeEGrBlzYY=
Subject key identifier: A1:0B:6C:67:17:97:42:E0:51:3B:2E:A2:1D:E8:EE:3E:EF:B7:17:AD
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14B3
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/oQtsZxeXQuBROy6iHejuPu-3F60.roa
Signing time: Mon 10 Feb 2025 14:35:11 +0000
ROA not before: Mon 10 Feb 2025 14:35:11 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9505
IP address blocks: 175.111.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5299 (0x14b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:11 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A10B6C67179742E0513B2EA21DE8EE3EEFB717AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cd:74:d3:17:84:5c:2d:3a:f3:6c:60:d0:94:
a3:8e:08:76:bd:3b:4b:fa:26:18:09:a5:9b:63:49:
8f:91:f6:72:bf:0f:b8:7a:36:6c:5e:ba:7a:d9:32:
cd:45:69:46:9c:eb:f5:e5:34:62:ea:c0:46:bb:bf:
36:df:33:3b:12:8b:1d:a9:51:0e:dc:a6:cc:49:ab:
c2:0f:1e:d2:9e:70:ce:0a:0a:de:cf:ce:60:8d:eb:
5a:9e:36:b9:31:70:a5:cf:3a:48:90:f2:a7:c8:32:
19:a1:37:7c:d3:dd:4e:29:5f:5f:78:e4:07:ef:ad:
0b:c9:6f:6b:52:d6:f2:dc:4a:2d:7c:2b:20:22:1e:
0f:da:53:0d:9f:a1:9e:f0:91:ff:2b:cc:01:19:f5:
c2:63:48:d0:4f:24:72:ea:ec:70:47:62:84:2f:e9:
f5:be:a5:48:c0:e1:b7:b1:fc:97:98:61:68:9e:66:
48:4c:72:9c:1c:00:7a:5c:c5:65:9f:01:aa:39:94:
97:fc:f0:23:f9:85:ee:ce:aa:2a:71:ce:68:e0:1a:
07:21:a0:88:91:25:7a:b0:73:bd:c6:43:c9:15:84:
17:5f:23:3b:d6:2d:5e:cf:ba:cf:b5:85:57:68:1f:
32:b8:b1:d3:b1:57:05:30:de:ca:36:aa:45:2f:1e:
0f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:0B:6C:67:17:97:42:E0:51:3B:2E:A2:1D:E8:EE:3E:EF:B7:17:AD
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/oQtsZxeXQuBROy6iHejuPu-3F60.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
175.111.238.0/24
Signature Algorithm: sha256WithRSAEncryption
67:41:84:38:af:0e:b2:c8:40:e7:13:90:be:4f:ec:da:7c:2a:
11:25:23:fa:93:4d:c3:4d:d4:af:b5:dd:48:bd:f0:79:e6:51:
d5:39:1a:1b:43:5c:81:c3:fb:f2:e5:85:ee:31:20:54:f5:34:
77:f4:63:3d:83:69:a8:75:76:57:54:38:7d:d5:10:15:9f:43:
7f:3d:e5:f5:d1:e4:41:7a:0c:b8:d6:c8:40:0a:df:48:3b:c5:
fc:3a:40:3b:8d:83:35:06:73:62:b6:60:88:71:e1:e0:b5:f6:
76:e7:71:e1:fb:30:66:1f:e1:a9:e8:9d:45:ba:1d:d7:02:37:
53:14:da:be:7d:6f:ae:93:47:c2:9a:6c:af:24:f2:fd:65:48:
b4:4d:fe:f5:2f:58:4d:fc:05:31:0d:90:cf:5c:69:89:67:53:
2b:db:42:6b:00:60:a3:8f:a1:58:f7:fa:c8:5b:c7:4b:6d:c0:
62:b1:5a:1e:45:2c:8e:55:5e:6d:23:8f:b4:5e:0f:2f:67:da:
4d:94:9f:67:77:d6:95:11:09:39:b3:69:96:72:be:5b:3a:64:
f5:34:5b:fb:74:40:36:7a:4b:5b:5c:c9:c7:32:83:51:10:28:
1a:5d:6a:18:be:69:0f:96:2d:35:dc:1d:66:99:ac:12:6e:83:
93:38:ec:3a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFLMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEExMEI2QzY3MTc5NzQy
RTA1MTNCMkVBMjFERThFRTNFRUZCNzE3QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuzXTTF4RcLTrzbGDQlKOOCHa9O0v6JhgJpZtjSY+R9nK/D7h6
NmxeunrZMs1FaUac6/XlNGLqwEa7vzbfMzsSix2pUQ7cpsxJq8IPHtKecM4KCt7P
zmCN61qeNrkxcKXPOkiQ8qfIMhmhN3zT3U4pX1945AfvrQvJb2tS1vLcSi18KyAi
Hg/aUw2foZ7wkf8rzAEZ9cJjSNBPJHLq7HBHYoQv6fW+pUjA4bex/JeYYWieZkhM
cpwcAHpcxWWfAao5lJf88CP5he7OqipxzmjgGgchoIiRJXqwc73GQ8kVhBdfIzvW
LV7Pus+1hVdoHzK4sdOxVwUw3so2qkUvHg/1AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUoQtsZxeXQuBROy6iHejuPu+3F60wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9vUXRzWnhlWFF1QlJPeTZpSGVq
dVB1LTNGNjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAr2/u
MA0GCSqGSIb3DQEBCwUAA4IBAQBnQYQ4rw6yyEDnE5C+T+zafCoRJSP6k03DTdSv
td1IvfB55lHVORobQ1yBw/vy5YXuMSBU9TR39GM9g2modXZXVDh91RAVn0N/PeX1
0eRBegy41shACt9IO8X8OkA7jYM1BnNitmCIceHgtfZ253Hh+zBmH+Gp6J1Fuh3X
AjdTFNq+fW+uk0fCmmyvJPL9ZUi0Tf71L1hN/AUxDZDPXGmJZ1Mr20JrAGCjj6FY
9/rIW8dLbcBisVoeRSyOVV5tI4+0Xg8vZ9pNlJ9nd9aVEQk5s2mWcr5bOmT1NFv7
dEA2ektbXMnHMoNRECgaXWoYvmkPli013B1mmawSboOTOOw6
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:42:31 2025 by rpki-client