Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/omnKoAye1DlTf_BVsDBAmQMcWRo.roa
File: omnKoAye1DlTf_BVsDBAmQMcWRo.roa (raw, json)
Hash identifier: l4oEW5oQh5G3mxV0sKPFGEsWCkdpiUrfcbrByv5i5Ek=
Subject key identifier: A2:69:CA:A0:0C:9E:D4:39:53:7F:F0:55:B0:30:40:99:03:1C:59:1A
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14A7
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/omnKoAye1DlTf_BVsDBAmQMcWRo.roa
Signing time: Mon 10 Feb 2025 14:35:08 +0000
ROA not before: Mon 10 Feb 2025 14:35:08 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.130.0.0/15 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5287 (0x14a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:08 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A269CAA00C9ED439537FF055B0304099031C591A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4d:21:ed:fc:96:0f:e1:cc:02:16:f6:ac:b7:
31:16:9f:ca:e8:e0:4f:af:83:aa:3c:a8:4c:d1:88:
47:43:54:be:be:e2:bf:a3:9b:2e:71:1a:20:f4:14:
76:e6:b0:c2:d3:54:c7:66:9e:79:4c:2b:60:b6:b2:
d8:f2:ab:d9:9c:df:e7:46:6e:69:71:07:d4:9a:96:
6e:5b:b2:70:ec:e7:7f:ad:bc:c2:9c:22:7c:f8:7f:
aa:62:15:5f:9a:3b:a8:ac:3d:c2:17:d3:65:5c:b9:
e8:44:5a:52:30:97:74:9f:57:da:63:ec:e6:64:b8:
c0:dc:ed:d3:a9:e1:aa:c3:e6:02:49:04:ab:32:24:
c5:f4:85:2a:bb:7d:ef:fb:2a:ad:f0:c6:39:19:31:
eb:07:0c:f1:81:2e:0a:03:60:6e:21:75:ef:f2:d5:
e9:93:85:c0:60:8b:69:87:f3:96:10:67:53:a6:5c:
91:59:f0:a4:68:72:6a:3b:c1:e6:cb:c7:60:cc:bf:
9d:d4:3b:e1:97:71:80:eb:98:31:d3:45:9c:91:f8:
e3:67:be:d9:6b:88:20:ec:1a:4c:91:16:8f:01:37:
d7:1f:dc:39:0d:0a:51:4a:e4:f5:f0:67:65:49:3a:
81:4a:6f:96:11:23:11:96:59:25:07:e6:fa:74:e3:
98:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:69:CA:A0:0C:9E:D4:39:53:7F:F0:55:B0:30:40:99:03:1C:59:1A
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/omnKoAye1DlTf_BVsDBAmQMcWRo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.130.0.0/15
Signature Algorithm: sha256WithRSAEncryption
06:93:0f:21:73:b7:96:d8:e1:a8:94:00:2d:01:a3:bf:9a:9b:
73:1f:e4:75:6a:18:1f:11:ed:4a:d1:1e:ee:85:e9:ad:70:61:
e5:23:cb:aa:1c:a7:cf:a6:a3:37:6a:ac:2e:df:f2:a7:68:cb:
7a:53:bb:56:a6:39:37:d7:5d:03:34:c5:e9:8e:35:8a:19:c5:
02:b6:ed:65:9c:78:0a:d9:e6:0b:8d:6a:7e:10:9b:73:d9:d4:
b9:f8:b7:66:e8:9c:62:cc:2d:7e:6f:cd:48:e3:b7:2c:01:a5:
fc:dc:64:26:0f:d8:2d:8e:14:af:69:55:8f:eb:d6:ac:53:3e:
13:36:a8:20:b8:ca:86:8f:2e:f1:e7:15:6a:72:27:22:c2:4b:
dc:cc:6f:ea:65:16:f7:32:a6:ce:ba:2d:7d:5e:b2:27:cf:1a:
e7:ce:46:ff:d0:fa:a6:ad:e1:b2:5c:55:c4:4f:7b:f9:42:81:
9b:ba:4f:9d:3f:1e:3a:7b:1e:20:2d:68:03:5a:6e:28:8a:c0:
30:0c:dc:36:d1:2d:ff:bc:bf:72:d8:db:09:d5:ae:0c:c5:17:
b6:3c:a0:52:c0:73:dc:50:0b:f8:d0:2b:55:2a:8c:8b:78:17:
25:7c:42:db:58:35:2f:c3:fc:e9:92:30:ef:0a:2a:aa:a0:87:
6a:0a:d1:3a
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEyNjlDQUEwMEM5RUQ0
Mzk1MzdGRjA1NUIwMzA0MDk5MDMxQzU5MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYTSHt/JYP4cwCFvastzEWn8ro4E+vg6o8qEzRiEdDVL6+4r+j
my5xGiD0FHbmsMLTVMdmnnlMK2C2stjyq9mc3+dGbmlxB9Salm5bsnDs53+tvMKc
Inz4f6piFV+aO6isPcIX02VcuehEWlIwl3SfV9pj7OZkuMDc7dOp4arD5gJJBKsy
JMX0hSq7fe/7Kq3wxjkZMesHDPGBLgoDYG4hde/y1emThcBgi2mH85YQZ1OmXJFZ
8KRocmo7webLx2DMv53UO+GXcYDrmDHTRZyR+ONnvtlriCDsGkyRFo8BN9cf3DkN
ClFK5PXwZ2VJOoFKb5YRIxGWWSUH5vp045iHAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUomnKoAye1DlTf/BVsDBAmQMcWRowHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9vbW5Lb0F5ZTFEbFRmX0JWc0RC
QW1RTWNXUm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMB3IIw
DQYJKoZIhvcNAQELBQADggEBAAaTDyFzt5bY4aiUAC0Bo7+am3Mf5HVqGB8R7UrR
Hu6F6a1wYeUjy6ocp8+mozdqrC7f8qdoy3pTu1amOTfXXQM0xemONYoZxQK27WWc
eArZ5guNan4Qm3PZ1Ln4t2bonGLMLX5vzUjjtywBpfzcZCYP2C2OFK9pVY/r1qxT
PhM2qCC4yoaPLvHnFWpyJyLCS9zMb+plFvcyps66LX1esifPGufORv/Q+qat4bJc
VcRPe/lCgZu6T50/Hjp7HiAtaANabiiKwDAM3DbRLf+8v3LY2wnVrgzFF7Y8oFLA
c9xQC/jQK1UqjIt4FyV8QttYNS/D/OmSMO8KKqqgh2oK0To=
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:19:54 2025 by rpki-client