Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/qLtMI46DzYtMlEqU0VlxOw76mIU.roa
File: qLtMI46DzYtMlEqU0VlxOw76mIU.roa (raw, json)
Hash identifier: c3nnp6xOzGu8PtOcwRXve3pe7a5QIKYXQpvWjAxoZvM=
Subject key identifier: A8:BB:4C:23:8E:83:CD:8B:4C:94:4A:94:D1:59:71:3B:0E:FA:98:85
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 11EC
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/qLtMI46DzYtMlEqU0VlxOw76mIU.roa
Signing time: Mon 26 Aug 2024 05:18:04 +0000
ROA not before: Mon 26 Aug 2024 05:18:04 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.128.0.0/18 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:35:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4588 (0x11ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Aug 26 05:18:04 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A8BB4C238E83CD8B4C944A94D159713B0EFA9885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:68:92:9c:22:37:cd:76:8d:f7:d7:9b:96:99:
09:f5:3e:01:c2:88:96:3e:db:62:aa:f6:56:17:ef:
af:20:b9:7f:d4:f6:43:63:3c:c7:ef:18:c9:31:8d:
ec:b9:35:9d:85:ab:01:01:6a:d4:10:d7:fa:23:00:
73:b6:f4:79:88:09:f1:c9:3f:62:6b:4c:9a:32:91:
ce:67:a8:8d:2a:18:fc:ff:d7:ae:ef:01:67:92:51:
1b:54:2a:1c:fe:38:a9:78:9f:5a:9b:bd:44:db:93:
61:d1:63:12:46:6c:fb:72:5d:58:8d:d1:aa:12:05:
6b:23:62:1b:9f:1a:a2:37:67:1d:a3:c7:79:f1:fa:
19:e9:e5:94:a4:52:7a:63:d3:07:c7:f9:79:e2:d8:
72:ba:b4:4a:e2:58:0f:21:5a:b1:68:73:8a:d2:bc:
f2:43:b2:2d:bc:39:d2:ab:10:8e:a2:22:a4:84:ed:
14:fb:aa:c1:40:ab:95:30:2d:1a:44:45:da:ef:97:
bb:da:9d:80:7c:c5:b6:73:14:9a:33:fe:fa:07:79:
64:40:81:d6:15:1e:a0:70:a3:19:99:d3:46:76:a5:
e7:19:0c:ab:20:d1:6e:4b:ca:3c:bc:b8:38:6d:6f:
dc:47:c3:20:30:6f:72:a1:59:0b:5a:2a:0d:02:f4:
9d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BB:4C:23:8E:83:CD:8B:4C:94:4A:94:D1:59:71:3B:0E:FA:98:85
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/qLtMI46DzYtMlEqU0VlxOw76mIU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.0.0/18
Signature Algorithm: sha256WithRSAEncryption
88:b9:e6:d2:87:89:93:06:c0:04:f4:73:84:a0:9d:01:56:b9:
c0:48:d5:a4:3a:55:8e:52:3e:61:a6:8d:b9:5d:36:f8:f8:06:
16:34:bc:f8:49:11:9d:61:a3:7e:30:a3:ce:66:73:0a:7c:aa:
e3:d3:3b:18:44:f6:10:5c:02:90:10:52:2c:a5:aa:1b:0b:0f:
af:f9:ed:02:84:83:b6:72:eb:45:a1:51:6c:c1:fc:5a:c3:dd:
71:ec:72:ac:f1:57:d5:1f:8e:de:fb:59:b9:52:a0:fc:71:3d:
0a:96:09:06:f2:1d:ea:7d:11:98:57:bd:66:cc:3c:0b:b3:8c:
1d:3a:39:54:0b:97:db:d6:49:e6:a0:0d:30:63:32:04:b1:d1:
32:be:80:2d:79:6e:a3:cd:a5:4e:8c:68:99:38:af:a0:dd:af:
8d:92:1d:7b:82:3e:d1:5b:52:40:65:9e:96:fe:7f:40:a9:f4:
d5:4d:73:6a:f6:0a:e3:70:d6:84:c7:2c:dc:87:1d:7d:5c:d1:
4b:1e:8f:36:4b:b5:f0:d1:31:7d:94:68:9f:01:e6:2c:1a:b8:
45:42:33:90:ab:f8:b0:a5:9c:d1:65:f3:d1:9e:77:f7:06:9e:
4e:cf:4f:8d:3e:74:43:68:9b:d0:26:d4:42:30:4b:46:bf:96:
73:bc:01:c7
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw
NTE4MDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE4QkI0QzIzOEU4M0NE
OEI0Qzk0NEE5NEQxNTk3MTNCMEVGQTk4ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcaJKcIjfNdo3315uWmQn1PgHCiJY+22Kq9lYX768guX/U9kNj
PMfvGMkxjey5NZ2FqwEBatQQ1/ojAHO29HmICfHJP2JrTJoykc5nqI0qGPz/167v
AWeSURtUKhz+OKl4n1qbvUTbk2HRYxJGbPtyXViN0aoSBWsjYhufGqI3Zx2jx3nx
+hnp5ZSkUnpj0wfH+Xni2HK6tEriWA8hWrFoc4rSvPJDsi28OdKrEI6iIqSE7RT7
qsFAq5UwLRpERdrvl7vanYB8xbZzFJoz/voHeWRAgdYVHqBwoxmZ00Z2pecZDKsg
0W5Lyjy8uDhtb9xHwyAwb3KhWQtaKg0C9J23AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUqLtMI46DzYtMlEqU0VlxOw76mIUwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9xTHRNSTQ2RHpZdE1sRXFVMFZs
eE93NzZtSVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG3IAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCIuebSh4mTBsAE9HOEoJ0BVrnASNWkOlWOUj5h
po25XTb4+AYWNLz4SRGdYaN+MKPOZnMKfKrj0zsYRPYQXAKQEFIspaobCw+v+e0C
hIO2cutFoVFswfxaw91x7HKs8VfVH47e+1m5UqD8cT0KlgkG8h3qfRGYV71mzDwL
s4wdOjlUC5fb1knmoA0wYzIEsdEyvoAteW6jzaVOjGiZOK+g3a+Nkh17gj7RW1JA
ZZ6W/n9AqfTVTXNq9grjcNaExyzchx19XNFLHo82S7Xw0TF9lGifAeYsGrhFQjOQ
q/iwpZzRZfPRnnf3Bp5Oz0+NPnRDaJvQJtRCMEtGv5ZzvAHH
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:08 2025 by rpki-client