Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/vz7dcO9g_vCvISz2nEz7xImJqFY.roa
File: vz7dcO9g_vCvISz2nEz7xImJqFY.roa (raw, json)
Hash identifier: wj8xgP1PqvgUQYQXaRY7YHs7687txAYzSHyhG+BJn6A=
Subject key identifier: BF:3E:DD:70:EF:60:FE:F0:AF:21:2C:F6:9C:4C:FB:C4:89:89:A8:56
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 157B
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/vz7dcO9g_vCvISz2nEz7xImJqFY.roa
Signing time: Tue 11 Feb 2025 23:44:41 +0000
ROA not before: Tue 11 Feb 2025 23:44:41 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 111.240.0.0/12 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5499 (0x157b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:41 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=BF3EDD70EF60FEF0AF212CF69C4CFBC48989A856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0f:ed:0b:28:73:9b:a3:a8:9c:88:67:b6:65:
46:29:5e:93:29:14:cf:da:4e:c7:ec:f1:7c:ad:ce:
70:14:62:64:90:70:bc:38:fc:6b:45:d7:09:55:de:
a0:31:3d:c9:c2:78:3e:92:c0:1f:77:f9:58:8b:43:
7b:21:31:e1:6d:a3:88:d3:9d:5f:74:e4:c5:4e:cd:
4f:7f:ca:17:65:0b:49:b6:b6:76:af:7d:4d:68:b1:
a6:a3:b8:1b:55:22:e0:a8:e3:f0:8b:5f:3c:00:4c:
28:c8:42:70:eb:fb:e3:75:be:6b:43:6b:98:7c:c4:
8b:0b:1f:20:d0:1c:7b:37:cb:ba:d6:85:cd:3c:5a:
05:53:b0:2d:6c:65:8d:57:88:86:f9:c4:12:00:6f:
d6:8a:91:66:f3:e0:b6:13:ca:20:7a:46:63:41:bd:
05:87:6e:ef:c6:55:cb:5a:c2:35:d5:5e:f9:56:0e:
65:d4:a0:3e:46:b6:74:61:cb:26:86:bf:f9:82:a1:
ac:9f:0d:ba:96:87:53:ec:25:93:fc:67:72:dc:2f:
c9:f7:20:5a:77:e3:59:74:98:80:7e:35:ae:16:9f:
f2:2f:27:e6:bf:9a:5a:12:e7:2b:6f:38:d9:b9:d7:
d5:62:93:eb:cb:5f:07:3b:8f:2e:c8:79:cf:2f:6b:
29:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3E:DD:70:EF:60:FE:F0:AF:21:2C:F6:9C:4C:FB:C4:89:89:A8:56
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/vz7dcO9g_vCvISz2nEz7xImJqFY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.240.0.0/12
Signature Algorithm: sha256WithRSAEncryption
85:4a:7b:db:56:b7:31:2e:c1:96:93:3c:d5:76:cd:98:0a:18:
ad:7d:62:d3:b7:ff:db:07:d5:b0:22:c5:e5:04:ec:bb:9c:b5:
0a:dc:e2:5f:12:9a:d7:bf:96:de:ff:44:aa:fd:84:42:4a:0b:
fd:84:e6:d6:ad:6f:36:1c:e6:a7:b7:de:2c:03:46:34:2f:d0:
c4:76:dd:c5:50:f4:12:da:c4:3e:14:6a:9b:90:1b:84:33:f4:
c5:d9:d4:a2:15:e7:a3:ec:a9:02:85:b2:b2:f4:df:ed:34:f9:
77:bd:22:db:3a:22:4a:4e:a3:3c:c5:7b:84:40:c1:49:7a:fe:
41:23:14:a8:10:8c:0b:1c:d2:12:6b:fa:73:06:15:aa:d6:55:
34:f1:b5:2a:b2:86:1f:13:8f:a6:c2:82:32:d0:e5:05:d0:f4:
bd:1e:1d:8e:e9:d6:17:99:06:da:42:17:7c:56:a6:5e:1a:39:
0a:a6:95:fe:8a:00:0b:ff:35:db:4f:1a:be:f5:7f:f9:b7:d5:
78:92:79:a7:81:06:b9:fd:b1:1d:0a:cc:26:17:2f:d2:6e:2a:
47:a8:e4:57:a6:57:ce:9d:9a:25:bb:3f:07:96:b2:9e:46:01:
6f:dc:08:d0:bf:4a:ba:64:fc:59:dc:be:e9:31:38:73:e0:96:
72:81:57:87
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFXswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0NDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJGM0VERDcwRUY2MEZF
RjBBRjIxMkNGNjlDNENGQkM0ODk4OUE4NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFD+0LKHObo6iciGe2ZUYpXpMpFM/aTsfs8XytznAUYmSQcLw4
/GtF1wlV3qAxPcnCeD6SwB93+ViLQ3shMeFto4jTnV905MVOzU9/yhdlC0m2tnav
fU1osaajuBtVIuCo4/CLXzwATCjIQnDr++N1vmtDa5h8xIsLHyDQHHs3y7rWhc08
WgVTsC1sZY1XiIb5xBIAb9aKkWbz4LYTyiB6RmNBvQWHbu/GVctawjXVXvlWDmXU
oD5GtnRhyyaGv/mCoayfDbqWh1PsJZP8Z3LcL8n3IFp341l0mIB+Na4Wn/IvJ+a/
mloS5ytvONm519Vik+vLXwc7jy7Iec8vaynhAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUvz7dcO9g/vCvISz2nEz7xImJqFYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC92ejdkY085Z192Q3ZJU3oybkV6
N3hJbUpxRlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMEb/Aw
DQYJKoZIhvcNAQELBQADggEBAIVKe9tWtzEuwZaTPNV2zZgKGK19YtO3/9sH1bAi
xeUE7LuctQrc4l8Smte/lt7/RKr9hEJKC/2E5tatbzYc5qe33iwDRjQv0MR23cVQ
9BLaxD4UapuQG4Qz9MXZ1KIV56PsqQKFsrL03+00+Xe9Its6IkpOozzFe4RAwUl6
/kEjFKgQjAsc0hJr+nMGFarWVTTxtSqyhh8Tj6bCgjLQ5QXQ9L0eHY7p1heZBtpC
F3xWpl4aOQqmlf6KAAv/NdtPGr71f/m31XiSeaeBBrn9sR0KzCYXL9JuKkeo5Fem
V86dmiW7PweWsp5GAW/cCNC/Srpk/FncvukxOHPglnKBV4c=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:22:06 2025 by rpki-client