Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/y5b28rubpyatzcJza1YLbNfHQFo.roa
File: y5b28rubpyatzcJza1YLbNfHQFo.roa (raw, json)
Hash identifier: 98ZyuBDBrXbRW5sdmJ7EYWaXK2NCz+DyFnKDyJOem6Y=
Subject key identifier: CB:96:F6:F2:BB:9B:A7:26:AD:CD:C2:73:6B:56:0B:6C:D7:C7:40:5A
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 11DA
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/y5b28rubpyatzcJza1YLbNfHQFo.roa
Signing time: Mon 26 Aug 2024 05:18:00 +0000
ROA not before: Mon 26 Aug 2024 05:18:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17421
IP address blocks: 221.120.64.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:35:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4570 (0x11da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Aug 26 05:18:00 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CB96F6F2BB9BA726ADCDC2736B560B6CD7C7405A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:50:1b:6b:78:be:5f:af:94:0c:a3:b7:73:70:
3d:c8:46:d9:2a:8f:cc:0f:27:93:c1:6c:c6:43:88:
f3:91:69:97:f6:16:99:b9:8f:68:79:42:93:90:24:
d5:0d:11:ef:01:6c:69:fb:9e:cd:fd:02:5d:b9:a5:
b0:16:d8:e7:e9:13:d9:d2:fb:b6:1a:f8:3f:31:d2:
c0:86:fb:61:71:86:6b:16:da:06:d0:71:a2:9f:79:
e9:64:d0:df:f7:04:ed:58:a5:f1:38:63:91:b1:38:
9a:c0:f3:40:41:7c:73:7b:42:a5:c2:1c:8e:54:10:
b8:3a:3c:55:3e:19:9b:86:17:03:b7:25:7f:f5:2f:
60:9e:97:29:ed:4e:68:76:90:ec:d8:75:39:24:b7:
2c:d3:2a:01:11:34:13:6f:ef:bf:0e:a7:71:03:c5:
5d:d2:32:77:00:d3:b5:2a:77:e8:e1:0f:54:e6:87:
bf:b1:3b:c2:0f:59:f9:fd:3c:e3:25:25:c3:09:45:
1c:82:dc:31:ec:73:7a:4a:cc:e2:99:32:3c:e5:b0:
09:9f:e8:2e:16:ab:9d:6d:fd:60:fa:9c:ff:6f:d4:
0f:9d:ee:e1:b2:92:ce:72:50:a5:c2:4c:9a:1d:01:
b2:92:ca:11:91:bc:73:30:60:77:89:4e:31:a0:b0:
67:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:96:F6:F2:BB:9B:A7:26:AD:CD:C2:73:6B:56:0B:6C:D7:C7:40:5A
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/y5b28rubpyatzcJza1YLbNfHQFo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
221.120.64.0/19
Signature Algorithm: sha256WithRSAEncryption
09:3d:8a:f0:60:9b:97:b9:80:84:bb:d2:cd:a3:fe:f2:b5:66:
f0:c1:b6:49:08:5f:2d:ec:3b:48:05:7a:e0:11:fb:4a:52:42:
89:18:22:a7:7c:21:d3:be:38:9f:5f:c8:67:b7:c5:d6:67:db:
b2:e9:c0:89:e9:6b:57:d9:81:69:77:fd:4f:e9:bf:e3:d2:0a:
a2:80:ec:6f:29:2d:30:8f:f0:64:d2:83:3e:96:bb:1e:97:bd:
ef:57:aa:0f:e5:99:38:45:9a:46:98:bc:ba:28:4d:10:83:d8:
6e:53:23:3f:1d:4d:88:74:e1:33:46:4a:bb:10:78:43:cd:81:
ae:08:16:c0:bc:7a:dc:70:10:28:c5:f4:f7:10:0f:f2:99:ec:
08:25:4b:34:da:c9:b6:ea:d8:cc:be:67:75:56:82:f5:d6:15:
23:97:76:95:c1:2f:a9:d4:8d:e1:6b:a5:8d:cd:96:e1:cd:04:
fa:cf:df:77:cf:aa:69:35:43:94:21:f2:5d:80:18:96:9b:21:
50:c4:4e:5b:a4:32:e0:09:3d:d9:ff:11:90:da:62:b5:76:d6:
c9:3c:26:46:4e:7d:80:bb:de:d1:3b:92:13:b2:ff:86:09:6f:
af:69:1a:f2:f1:e8:5e:4e:2b:7c:0a:76:41:1d:f3:82:08:97:
fa:44:1f:6b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw
NTE4MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENCOTZGNkYyQkI5QkE3
MjZBRENEQzI3MzZCNTYwQjZDRDdDNzQwNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeUBtreL5fr5QMo7dzcD3IRtkqj8wPJ5PBbMZDiPORaZf2Fpm5
j2h5QpOQJNUNEe8BbGn7ns39Al25pbAW2OfpE9nS+7Ya+D8x0sCG+2FxhmsW2gbQ
caKfeelk0N/3BO1YpfE4Y5GxOJrA80BBfHN7QqXCHI5UELg6PFU+GZuGFwO3JX/1
L2CelyntTmh2kOzYdTkktyzTKgERNBNv778Op3EDxV3SMncA07Uqd+jhD1Tmh7+x
O8IPWfn9POMlJcMJRRyC3DHsc3pKzOKZMjzlsAmf6C4Wq51t/WD6nP9v1A+d7uGy
ks5yUKXCTJodAbKSyhGRvHMwYHeJTjGgsGclAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUy5b28rubpyatzcJza1YLbNfHQFowHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC95NWIyOHJ1YnB5YXR6Y0p6YTFZ
TGJOZkhRRm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF3XhA
MA0GCSqGSIb3DQEBCwUAA4IBAQAJPYrwYJuXuYCEu9LNo/7ytWbwwbZJCF8t7DtI
BXrgEftKUkKJGCKnfCHTvjifX8hnt8XWZ9uy6cCJ6WtX2YFpd/1P6b/j0gqigOxv
KS0wj/Bk0oM+lrsel73vV6oP5Zk4RZpGmLy6KE0Qg9huUyM/HU2IdOEzRkq7EHhD
zYGuCBbAvHrccBAoxfT3EA/ymewIJUs02sm26tjMvmd1VoL11hUjl3aVwS+p1I3h
a6WNzZbhzQT6z993z6ppNUOUIfJdgBiWmyFQxE5bpDLgCT3Z/xGQ2mK1dtbJPCZG
Tn2Au97RO5ITsv+GCW+vaRry8eheTit8CnZBHfOCCJf6RB9r
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:15:04 2025 by rpki-client