Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/sRU-DkyMhkHJqYis6SVsv9In_G8.roa
File: sRU-DkyMhkHJqYis6SVsv9In_G8.roa (raw, json)
Hash identifier: kCgNlYVQj/68RCwJgK7bVe8PrHCZZBSIZgq9pfULZJE=
Subject key identifier: B1:15:3E:0E:4C:8C:86:41:C9:A9:88:AC:E9:25:6C:BF:D2:27:FC:6F
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14A4
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/sRU-DkyMhkHJqYis6SVsv9In_G8.roa
Signing time: Mon 10 Feb 2025 14:35:07 +0000
ROA not before: Mon 10 Feb 2025 14:35:07 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 10126
IP address blocks: 220.128.64.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5284 (0x14a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:07 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B1153E0E4C8C8641C9A988ACE9256CBFD227FC6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fe:8b:6f:5c:06:cd:4d:f6:5b:cd:60:80:38:
ba:f8:e8:76:9f:6f:4e:d2:20:af:bf:19:ff:da:97:
74:3e:5b:c2:6f:bb:09:01:fd:15:f2:5b:fa:7e:74:
ac:35:e8:5d:bf:71:03:df:a7:2a:ae:d4:ce:f3:31:
4f:89:8d:3e:8a:38:ca:a6:52:66:98:4c:09:91:71:
30:af:c4:b5:13:98:46:e9:d3:85:7f:8a:5c:d2:ac:
7e:1d:35:bf:e0:a6:db:93:15:00:3c:14:48:53:80:
76:c5:84:69:9c:76:69:81:94:c1:c2:92:33:09:eb:
47:3a:12:21:70:5d:03:ab:2b:2f:06:51:8b:fa:ab:
98:48:be:6b:b1:6d:87:db:8a:eb:b2:8a:e2:36:bc:
5c:92:fc:86:77:99:7d:8b:82:41:cf:2e:59:ed:76:
8b:c5:63:8c:70:64:0f:a4:5c:7a:6d:b5:73:61:c2:
8b:3f:df:6a:a1:9e:db:f7:af:15:c8:4a:ca:63:17:
28:b5:ee:05:78:a5:d5:21:1d:97:b5:55:de:36:3b:
76:a0:65:63:a9:b0:bf:1c:7c:b7:bc:05:0f:0a:73:
c6:9e:af:ea:df:b7:60:bf:6d:4d:47:73:c5:80:aa:
93:bd:39:4c:ef:3e:77:7c:00:13:5b:47:6b:f0:c6:
3a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:15:3E:0E:4C:8C:86:41:C9:A9:88:AC:E9:25:6C:BF:D2:27:FC:6F
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/sRU-DkyMhkHJqYis6SVsv9In_G8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.64.0/20
Signature Algorithm: sha256WithRSAEncryption
5c:57:02:54:a0:41:b6:3e:b8:98:36:89:83:88:66:f7:3a:9f:
cf:58:4a:a3:3e:82:15:70:71:e7:0c:9b:de:82:ee:d8:73:a7:
5d:b2:95:c6:b2:b2:3b:97:9f:0c:7f:b8:ba:6b:86:0e:2d:01:
81:5c:69:02:cb:2d:a7:60:e2:ea:17:5d:e6:71:81:aa:98:cf:
04:7f:4c:95:72:f8:9c:80:e0:cc:d6:8d:44:96:4b:03:30:9e:
d7:1d:39:25:91:cf:97:ea:1b:e2:66:70:5f:36:5b:e6:d1:8e:
8c:ee:2d:01:c4:32:a9:0b:67:fe:c8:ab:37:63:ef:4f:51:10:
bd:cd:f6:2a:01:74:51:63:2e:ce:cf:35:4b:23:bd:04:5c:3c:
2b:48:99:a2:ce:92:9f:74:25:2e:24:ee:59:ae:83:71:e8:5c:
22:06:b4:3a:10:d0:3b:5d:ce:59:31:df:8f:ab:6c:8a:20:f2:
74:3e:1f:b4:dc:39:14:55:a4:c6:47:12:f3:aa:3d:a8:27:a9:
5f:79:a8:31:56:d9:67:2f:2a:ed:fe:73:da:c3:d2:ec:45:73:
33:8e:61:7a:77:cf:53:82:ba:fd:1a:a7:9d:d3:8f:a3:27:0a:
99:ff:78:5a:6d:17:24:6e:68:b8:91:e7:e7:ee:79:1d:cc:54:
56:91:a4:29
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFKQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIxMTUzRTBFNEM4Qzg2
NDFDOUE5ODhBQ0U5MjU2Q0JGRDIyN0ZDNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3/otvXAbNTfZbzWCAOLr46Hafb07SIK+/Gf/al3Q+W8JvuwkB
/RXyW/p+dKw16F2/cQPfpyqu1M7zMU+JjT6KOMqmUmaYTAmRcTCvxLUTmEbp04V/
ilzSrH4dNb/gptuTFQA8FEhTgHbFhGmcdmmBlMHCkjMJ60c6EiFwXQOrKy8GUYv6
q5hIvmuxbYfbiuuyiuI2vFyS/IZ3mX2LgkHPLlntdovFY4xwZA+kXHpttXNhwos/
32qhntv3rxXISspjFyi17gV4pdUhHZe1Vd42O3agZWOpsL8cfLe8BQ8Kc8aer+rf
t2C/bU1Hc8WAqpO9OUzvPnd8ABNbR2vwxjoLAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUsRU+DkyMhkHJqYis6SVsv9In/G8wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9zUlUtRGt5TWhrSEpxWWlzNlNW
c3Y5SW5fRzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE3IBA
MA0GCSqGSIb3DQEBCwUAA4IBAQBcVwJUoEG2PriYNomDiGb3Op/PWEqjPoIVcHHn
DJvegu7Yc6ddspXGsrI7l58Mf7i6a4YOLQGBXGkCyy2nYOLqF13mcYGqmM8Ef0yV
cvicgODM1o1ElksDMJ7XHTklkc+X6hviZnBfNlvm0Y6M7i0BxDKpC2f+yKs3Y+9P
URC9zfYqAXRRYy7OzzVLI70EXDwrSJmizpKfdCUuJO5ZroNx6FwiBrQ6ENA7Xc5Z
Md+Pq2yKIPJ0Ph+03DkUVaTGRxLzqj2oJ6lfeagxVtlnLyrt/nPaw9LsRXMzjmF6
d89Tgrr9Gqed04+jJwqZ/3habRckbmi4kefn7nkdzFRWkaQp
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:37:48 2025 by rpki-client