Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/yuHiLRJXiIiDZLgWqbrg_dJhQUg.roa
File: yuHiLRJXiIiDZLgWqbrg_dJhQUg.roa (raw, json)
Hash identifier: 3MDP2tZtkiRT7lIIs4uD2cvx9KQzpHsE4eW4KwjpWgs=
Subject key identifier: CA:E1:E2:2D:12:57:88:88:83:64:B8:16:A9:BA:E0:FD:D2:61:41:48
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1484
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/yuHiLRJXiIiDZLgWqbrg_dJhQUg.roa
Signing time: Mon 10 Feb 2025 14:35:00 +0000
ROA not before: Mon 10 Feb 2025 14:35:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.128.0.0/18 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5252 (0x1484)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:00 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CAE1E22D125788888364B816A9BAE0FDD2614148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:80:87:89:7f:12:95:5c:fe:e9:4e:d2:66:dc:
51:e6:1a:94:51:67:d2:ae:77:2c:4b:b2:8b:e0:e8:
ad:14:29:92:ba:97:2e:e8:e7:15:f3:bd:de:31:d4:
3a:e0:e2:9b:5e:1c:3e:7e:74:a4:0b:24:6e:14:f2:
cb:13:74:b8:67:f4:bf:ef:27:60:2c:ba:ce:b4:ae:
70:04:c9:7d:81:d6:27:dd:58:d5:dc:67:91:f9:9a:
78:5c:da:ba:2d:81:d5:68:df:b3:ac:7d:72:9c:a1:
3e:47:33:c0:5d:64:a5:d0:e4:be:e0:c0:a4:07:a7:
89:f7:de:0f:e4:7d:05:d0:2b:a8:69:a8:02:af:4b:
8d:6b:49:65:28:31:4f:f0:21:47:45:c7:7a:ff:48:
ed:ae:ee:66:0a:a2:df:88:7e:a7:d4:a0:a3:8a:7a:
7d:7c:ab:9f:58:5f:bb:83:77:e4:57:e3:e4:b7:dd:
10:02:03:d8:19:fa:58:d9:e3:f1:30:47:32:16:89:
b6:e5:c9:6b:f0:9f:c5:22:e5:bf:ee:48:63:25:b8:
4d:c1:48:68:50:2d:ae:82:65:81:49:61:09:e6:94:
1b:0c:c9:1e:ec:e5:64:5b:9b:e4:51:37:48:4a:83:
b0:3f:eb:02:91:6b:d7:a4:f8:a9:f4:eb:af:58:1a:
ad:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E1:E2:2D:12:57:88:88:83:64:B8:16:A9:BA:E0:FD:D2:61:41:48
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/yuHiLRJXiIiDZLgWqbrg_dJhQUg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.0.0/18
Signature Algorithm: sha256WithRSAEncryption
1a:36:8e:f4:e1:e2:8d:e5:51:9a:6d:7c:77:53:95:03:15:0b:
8e:2b:63:83:19:3a:5b:26:f6:da:c1:c3:e7:e4:ef:2d:30:7e:
45:47:2f:6e:6f:4a:5b:eb:6a:55:e5:35:c4:ce:c8:cc:a9:bf:
1b:c5:80:94:93:06:06:16:31:a7:fc:2e:1e:31:a7:c1:ac:08:
ba:99:80:c8:3e:2b:fb:78:8b:a9:e4:77:51:37:6b:74:80:46:
56:e7:d6:31:3f:fb:ea:cc:6b:1f:58:00:d3:ac:c7:a3:16:72:
d4:2c:56:3e:55:55:a3:b4:86:9c:8d:b1:3f:45:d9:a4:de:53:
94:2c:b2:93:11:fd:f8:21:d1:7c:fc:60:de:30:01:90:74:fd:
12:5b:98:53:eb:55:b3:4d:d9:67:01:ef:36:d3:d8:92:c3:c0:
e3:59:1e:81:18:1d:53:8d:c3:79:81:62:95:43:80:ae:b6:6e:
08:53:d0:ea:66:e1:85:24:5a:f7:32:f6:3f:97:0d:9e:67:cb:
c1:10:77:5a:a9:df:b1:0d:60:e1:3d:bb:f9:70:5b:ad:4c:65:
97:00:fb:41:ff:05:0e:41:5d:5f:28:57:0b:8b:c5:49:3f:7f:
b8:db:91:17:a0:ac:00:4c:51:ea:5f:e2:d1:b3:2b:6b:c6:44:
78:56:a8:88
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFIQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENBRTFFMjJEMTI1Nzg4
ODg4MzY0QjgxNkE5QkFFMEZERDI2MTQxNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmgIeJfxKVXP7pTtJm3FHmGpRRZ9KudyxLsovg6K0UKZK6ly7o
5xXzvd4x1Drg4pteHD5+dKQLJG4U8ssTdLhn9L/vJ2Asus60rnAEyX2B1ifdWNXc
Z5H5mnhc2rotgdVo37OsfXKcoT5HM8BdZKXQ5L7gwKQHp4n33g/kfQXQK6hpqAKv
S41rSWUoMU/wIUdFx3r/SO2u7mYKot+IfqfUoKOKen18q59YX7uDd+RX4+S33RAC
A9gZ+ljZ4/EwRzIWibblyWvwn8Ui5b/uSGMluE3BSGhQLa6CZYFJYQnmlBsMyR7s
5WRbm+RRN0hKg7A/6wKRa9ek+Kn0669YGq0zAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUyuHiLRJXiIiDZLgWqbrg/dJhQUgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC95dUhpTFJKWGlJaURaTGdXcWJy
Z19kSmhRVWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG3IAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAaNo704eKN5VGabXx3U5UDFQuOK2ODGTpbJvba
wcPn5O8tMH5FRy9ub0pb62pV5TXEzsjMqb8bxYCUkwYGFjGn/C4eMafBrAi6mYDI
Piv7eIup5HdRN2t0gEZW59YxP/vqzGsfWADTrMejFnLULFY+VVWjtIacjbE/Rdmk
3lOULLKTEf34IdF8/GDeMAGQdP0SW5hT61WzTdlnAe8209iSw8DjWR6BGB1TjcN5
gWKVQ4Cutm4IU9DqZuGFJFr3MvY/lw2eZ8vBEHdaqd+xDWDhPbv5cFutTGWXAPtB
/wUOQV1fKFcLi8VJP3+425EXoKwATFHqX+LRsytrxkR4VqiI
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:21:46 2025 by rpki-client