Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/xeIyg3n9SlFabiHBDuvMAYWaF5k.roa
File: xeIyg3n9SlFabiHBDuvMAYWaF5k.roa (raw, json)
Hash identifier: 5Q22hfihd36PAYy++fZaIlVLKi5LM2y8WyxepTqhM3w=
Subject key identifier: C5:E2:32:83:79:FD:4A:51:5A:6E:21:C1:0E:EB:CC:01:85:9A:17:99
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 149E
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xeIyg3n9SlFabiHBDuvMAYWaF5k.roa
Signing time: Mon 10 Feb 2025 14:35:06 +0000
ROA not before: Mon 10 Feb 2025 14:35:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 54994
IP address blocks: 202.39.156.0/26 maxlen: 26
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5278 (0x149e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:06 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C5E2328379FD4A515A6E21C10EEBCC01859A1799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9c:15:31:cd:c1:70:e3:dd:a8:6d:21:38:dd:
24:5d:a1:97:e6:9b:14:b4:8a:07:a6:a3:25:96:13:
73:ce:de:4e:d5:bc:43:de:b5:d7:43:bd:27:dd:22:
59:d8:0d:6d:9a:5d:d3:bf:b3:aa:ba:4e:46:e8:9d:
94:2f:a0:24:65:79:78:ea:4d:21:37:67:92:25:9b:
d6:77:7a:83:30:70:78:0b:9f:11:56:25:eb:bc:92:
27:f5:74:72:e9:ed:cf:a2:bd:33:83:b4:f7:ba:cc:
1c:7f:bd:ae:a6:1f:d0:a5:6f:3e:cf:1d:61:08:2b:
44:86:f7:63:c6:33:25:67:82:b8:e7:0d:6a:e7:42:
02:c6:7e:69:41:dc:f4:43:76:1c:fe:ee:9e:aa:c6:
2f:0e:60:fb:33:76:f1:4b:38:1f:74:fe:84:f4:e2:
d2:4c:76:01:9e:67:73:57:20:d8:57:20:9b:fd:a4:
ae:2b:ce:5e:46:7d:7a:4a:83:27:02:13:be:48:5e:
d2:ff:58:aa:97:8c:0f:88:5b:d8:f0:cf:a5:d9:15:
ec:46:ce:fe:e0:1e:0f:f4:17:4d:51:a1:5a:84:66:
7f:df:3a:c2:c2:01:13:ca:64:93:5c:df:95:87:23:
f4:dd:f1:b1:d3:fa:de:60:1e:82:37:f0:d6:d9:bd:
13:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E2:32:83:79:FD:4A:51:5A:6E:21:C1:0E:EB:CC:01:85:9A:17:99
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xeIyg3n9SlFabiHBDuvMAYWaF5k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.39.156.0/26
Signature Algorithm: sha256WithRSAEncryption
6c:f4:d3:83:05:ff:6a:17:42:36:69:c3:6a:39:06:74:c2:b5:
fd:c0:44:dc:52:69:85:05:2f:96:df:d7:eb:16:4a:8a:fe:1d:
c5:6f:ed:d0:ad:a5:7a:56:1a:4f:a0:c6:24:d2:69:47:ea:cd:
34:cd:69:95:ad:e0:78:71:a8:5a:2c:99:ae:5e:15:cb:03:f9:
f6:63:3a:41:c5:5c:81:8d:cc:02:b1:df:a3:75:46:56:6e:57:
c1:a9:27:14:d6:77:c1:71:47:8a:c9:8c:34:30:9b:d6:02:93:
c2:11:68:9d:12:73:03:a5:54:e2:72:b8:de:a1:77:b4:06:ff:
56:ad:ce:9b:1f:cf:23:ad:7d:7c:f0:7b:ae:1b:db:00:fc:d5:
a2:94:c4:89:42:45:3d:4c:9b:b9:fd:5f:17:f0:9a:c8:a7:83:
fc:01:e2:dd:ad:c9:4b:6b:b8:4d:a9:cd:31:6e:67:4d:0f:34:
46:1d:55:6a:a9:88:bd:4c:36:43:1f:be:35:0f:e0:51:70:ae:
0a:42:ff:b9:ee:8b:ce:6b:0c:87:fd:dd:cf:c3:48:bf:ef:63:
89:35:ee:fe:92:c0:35:1f:3d:72:c2:04:48:de:24:19:11:b0:
22:8a:b7:98:45:5a:fd:74:0b:d3:9f:4d:85:e8:01:bd:b4:00:
ee:ed:79:c3
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICFJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM1RTIzMjgzNzlGRDRB
NTE1QTZFMjFDMTBFRUJDQzAxODU5QTE3OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbnBUxzcFw492obSE43SRdoZfmmxS0igemoyWWE3PO3k7VvEPe
tddDvSfdIlnYDW2aXdO/s6q6TkbonZQvoCRleXjqTSE3Z5Ilm9Z3eoMwcHgLnxFW
Jeu8kif1dHLp7c+ivTODtPe6zBx/va6mH9Clbz7PHWEIK0SG92PGMyVngrjnDWrn
QgLGfmlB3PRDdhz+7p6qxi8OYPszdvFLOB90/oT04tJMdgGeZ3NXINhXIJv9pK4r
zl5GfXpKgycCE75IXtL/WKqXjA+IW9jwz6XZFexGzv7gHg/0F01RoVqEZn/fOsLC
ARPKZJNc35WHI/Td8bHT+t5gHoI38NbZvRNlAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUxeIyg3n9SlFabiHBDuvMAYWaF5kwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC94ZUl5ZzNuOVNsRmFiaUhCRHV2
TUFZV2FGNWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUGyiec
ADANBgkqhkiG9w0BAQsFAAOCAQEAbPTTgwX/ahdCNmnDajkGdMK1/cBE3FJphQUv
lt/X6xZKiv4dxW/t0K2lelYaT6DGJNJpR+rNNM1pla3geHGoWiyZrl4VywP59mM6
QcVcgY3MArHfo3VGVm5XwaknFNZ3wXFHismMNDCb1gKTwhFonRJzA6VU4nK43qF3
tAb/Vq3Omx/PI619fPB7rhvbAPzVopTEiUJFPUybuf1fF/CayKeD/AHi3a3JS2u4
TanNMW5nTQ80Rh1VaqmIvUw2Qx++NQ/gUXCuCkL/ue6LzmsMh/3dz8NIv+9jiTXu
/pLANR89csIESN4kGRGwIoq3mEVa/XQL059NhegBvbQA7u15ww==
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:42:49 2025 by rpki-client