Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/wTLebqdgHd4FwE23PWDQVoYg58o.roa
File: wTLebqdgHd4FwE23PWDQVoYg58o.roa (raw, json)
Hash identifier: DinGf2pC5MHHk03dFAcueEsogYzD7/nhB81PkB02RVA=
Subject key identifier: C1:32:DE:6E:A7:60:1D:DE:05:C0:4D:B7:3D:60:D0:56:86:20:E7:CA
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 146D
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/wTLebqdgHd4FwE23PWDQVoYg58o.roa
Signing time: Mon 10 Feb 2025 14:34:54 +0000
ROA not before: Mon 10 Feb 2025 14:34:54 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 33717
IP address blocks: 220.128.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5229 (0x146d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:34:54 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C132DE6EA7601DDE05C04DB73D60D0568620E7CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:da:9f:d2:2d:26:ff:99:61:cc:d2:6e:9a:46:
c7:d3:bd:d0:85:dc:bb:77:85:e6:a6:40:7c:83:dc:
6e:c0:d2:3c:b6:f5:40:97:3f:df:d6:9c:2b:57:4d:
71:4f:bd:18:80:1b:c0:9e:40:fc:48:44:d1:bf:15:
3a:58:3b:77:7d:3b:f6:03:62:3e:3e:f6:b9:5b:cf:
0d:dc:a1:49:f2:19:8e:c3:a8:f0:a8:1d:ae:1b:d4:
b2:84:fa:d1:ca:41:68:e2:8a:5c:35:34:2a:76:d4:
d2:10:61:9b:2b:ae:01:d8:04:c6:2b:dd:4a:ee:ad:
02:e3:bb:87:73:23:33:5c:d0:cd:6e:42:39:fe:64:
46:37:24:e4:4d:21:e6:24:08:5a:b5:25:04:fb:c1:
bc:02:a7:bb:58:22:a3:c7:91:8b:c5:da:85:2b:6a:
15:69:ef:1a:74:9c:f2:f3:61:91:70:fd:67:fb:0d:
f9:33:e9:9f:9b:02:1a:c6:33:c1:84:00:3a:ce:3a:
0a:4a:fe:21:01:8d:b6:21:67:82:df:b7:05:75:78:
99:f4:01:d3:f9:96:71:6b:3b:70:48:2c:13:39:d1:
fe:f3:b2:9a:c3:09:8a:8e:a0:5c:60:b5:13:f2:92:
52:86:a3:4e:f9:3b:b8:f0:bd:0e:cc:cd:11:22:ee:
c1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:32:DE:6E:A7:60:1D:DE:05:C0:4D:B7:3D:60:D0:56:86:20:E7:CA
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/wTLebqdgHd4FwE23PWDQVoYg58o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.51.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:98:6a:4e:90:17:a7:03:48:7b:b3:23:fa:81:72:aa:f4:54:
4a:55:af:f3:6f:7e:56:94:b5:60:a3:9b:b4:33:bc:17:6a:9d:
61:12:73:b4:b4:87:4f:5a:78:4f:57:ce:9d:cf:05:6b:f1:69:
c2:c3:ac:df:75:0f:26:53:7d:5b:8f:3a:99:bf:63:2a:e0:6f:
ea:c5:55:0d:e6:57:db:08:23:03:a2:89:1f:00:29:72:89:b8:
7e:1a:09:85:6f:b6:76:73:e7:cb:75:f0:86:bd:40:5a:c3:d5:
01:d3:fe:7f:37:48:f7:07:04:04:6f:69:c1:5a:4f:cf:37:0c:
da:53:cf:1b:75:69:0e:80:dc:9d:e9:95:54:af:0e:c1:2e:8c:
4b:28:74:db:ba:91:b6:c4:04:84:2b:da:85:7a:a9:18:fe:6c:
19:75:0d:9c:66:19:26:04:e7:10:ce:d8:56:b7:f7:ad:d4:90:
d4:c4:0f:ac:4b:7e:a5:95:20:a7:5d:97:ef:04:41:d6:fa:56:
fd:1d:c5:ff:5e:80:22:02:6d:a9:d3:fb:e7:80:da:5a:b8:39:
3d:8d:4f:48:98:67:d1:cf:b3:a8:62:e6:ff:55:c2:36:06:e7:
5b:35:3c:73:49:d3:bb:38:2e:4e:ea:4f:10:9e:53:0e:d3:3b:
6d:95:76:87
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFG0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM0NTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEMxMzJERTZFQTc2MDFE
REUwNUMwNERCNzNENjBEMDU2ODYyMEU3Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI2p/SLSb/mWHM0m6aRsfTvdCF3Lt3heamQHyD3G7A0jy29UCX
P9/WnCtXTXFPvRiAG8CeQPxIRNG/FTpYO3d9O/YDYj4+9rlbzw3coUnyGY7DqPCo
Ha4b1LKE+tHKQWjiilw1NCp21NIQYZsrrgHYBMYr3UrurQLju4dzIzNc0M1uQjn+
ZEY3JORNIeYkCFq1JQT7wbwCp7tYIqPHkYvF2oUrahVp7xp0nPLzYZFw/Wf7Dfkz
6Z+bAhrGM8GEADrOOgpK/iEBjbYhZ4LftwV1eJn0AdP5lnFrO3BILBM50f7zsprD
CYqOoFxgtRPyklKGo075O7jwvQ7MzREi7sF3AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUwTLebqdgHd4FwE23PWDQVoYg58owHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC93VExlYnFkZ0hkNEZ3RTIzUFdE
UVZvWWc1OG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IAz
MA0GCSqGSIb3DQEBCwUAA4IBAQDNmGpOkBenA0h7syP6gXKq9FRKVa/zb35WlLVg
o5u0M7wXap1hEnO0tIdPWnhPV86dzwVr8WnCw6zfdQ8mU31bjzqZv2Mq4G/qxVUN
5lfbCCMDookfAClyibh+GgmFb7Z2c+fLdfCGvUBaw9UB0/5/N0j3BwQEb2nBWk/P
NwzaU88bdWkOgNyd6ZVUrw7BLoxLKHTbupG2xASEK9qFeqkY/mwZdQ2cZhkmBOcQ
zthWt/et1JDUxA+sS36llSCnXZfvBEHW+lb9HcX/XoAiAm2p0/vngNpauDk9jU9I
mGfRz7OoYub/VcI2BudbNTxzSdO7OC5O6k8QnlMO0zttlXaH
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:41:03 2025 by rpki-client