Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/zDu8lZNCtGcJgcbhMpibwQVdCvc.roa
File: zDu8lZNCtGcJgcbhMpibwQVdCvc.roa (raw, json)
Hash identifier: CpW3oxiqEWzNcw7GTBvT4NOsA8AbsyRzxfY0jmXaET4=
Subject key identifier: CC:3B:BC:95:93:42:B4:67:09:81:C6:E1:32:98:9B:C1:05:5D:0A:F7
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 11D2
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/zDu8lZNCtGcJgcbhMpibwQVdCvc.roa
Signing time: Mon 26 Aug 2024 05:17:59 +0000
ROA not before: Mon 26 Aug 2024 05:17:59 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17421
IP address blocks: 211.79.32.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:35:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4562 (0x11d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Aug 26 05:17:59 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CC3BBC959342B4670981C6E132989BC1055D0AF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d5:4d:0b:4f:48:a9:c6:89:99:fa:e8:ad:67:
23:c7:8e:9d:b5:d0:1d:ce:f6:35:ae:af:48:6d:4e:
2b:f9:46:ac:f8:52:92:1e:b6:29:1e:57:c9:3d:55:
9a:aa:71:7a:13:61:2d:9f:cd:a5:a5:06:55:3e:d6:
b7:29:36:12:cf:8b:e7:9c:44:cc:d9:f7:9a:e4:72:
2c:db:e7:0b:ed:30:e0:56:c2:82:84:7c:8c:fb:b7:
a8:8c:ea:8a:99:14:d9:ef:9f:6f:8a:53:0e:e0:d3:
eb:ec:36:a8:82:4e:17:5d:77:20:69:50:f3:bb:3b:
83:ab:99:fc:15:dc:44:39:ca:50:8f:ef:57:d4:b8:
61:3d:e4:3e:4e:9b:b2:dd:72:f0:75:79:e8:47:c4:
d4:9f:b7:e4:22:78:ab:22:34:cb:09:92:66:98:7d:
92:af:2e:74:99:10:e7:ad:31:63:38:40:0c:93:89:
3f:57:01:bc:85:f7:94:6e:44:cb:60:63:81:64:09:
4a:70:de:27:7c:42:be:f7:81:09:e8:c4:39:21:44:
ab:26:54:3e:7d:ef:7c:1c:b2:cb:fd:a8:99:9b:49:
ca:0e:da:c3:5c:15:23:65:11:c8:95:7e:25:89:97:
c7:2f:06:bd:df:0c:ba:dc:e5:fc:01:dc:9a:cb:c0:
b0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:3B:BC:95:93:42:B4:67:09:81:C6:E1:32:98:9B:C1:05:5D:0A:F7
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/zDu8lZNCtGcJgcbhMpibwQVdCvc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.79.32.0/20
Signature Algorithm: sha256WithRSAEncryption
30:f4:b0:d6:52:b9:d7:0c:21:2f:b1:dc:7c:6f:38:14:45:6c:
67:45:6e:33:de:6c:bb:d4:d2:46:e6:fa:1b:d5:33:62:69:ac:
ce:9a:f0:c4:d3:3b:9b:cf:03:88:6d:7d:3c:21:39:cd:88:d2:
fb:02:90:d1:6e:eb:1c:58:ba:67:26:0b:cd:ac:99:cc:60:25:
2b:40:c7:d7:8c:e9:7c:a4:ff:b9:60:b3:77:59:8f:b4:ee:67:
bb:19:52:1d:ed:8f:30:7e:be:16:3b:db:e7:bb:ff:dd:9a:51:
66:02:e5:91:da:e9:c6:fd:f3:42:90:0d:c3:84:4a:59:a8:b0:
bd:4c:5a:df:5b:3b:bc:4e:02:29:26:b2:25:8b:29:ec:c2:15:
2d:09:90:ec:f6:cc:88:a4:6d:f4:db:4b:cd:eb:61:ad:74:f9:
63:b3:71:f4:9d:7e:09:df:ad:fa:47:35:0e:cf:bb:18:ab:8d:
f5:b6:33:69:62:4c:87:bf:22:93:40:3b:d6:f1:ba:4c:a1:6f:
38:f4:ff:2d:0c:ea:f8:b0:2c:96:fb:84:7a:38:84:11:86:44:
1e:a9:dc:3d:47:0a:c2:df:85:31:90:ae:27:c2:1c:27:ff:a6:
d0:48:98:a2:e6:36:65:2c:17:17:a5:7c:6c:4b:5f:5b:b7:e7:
72:2b:16:f2
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNDA4MjYw
NTE3NTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENDM0JCQzk1OTM0MkI0
NjcwOTgxQzZFMTMyOTg5QkMxMDU1RDBBRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE1U0LT0ipxomZ+uitZyPHjp210B3O9jWur0htTiv5Rqz4UpIe
tikeV8k9VZqqcXoTYS2fzaWlBlU+1rcpNhLPi+ecRMzZ95rkcizb5wvtMOBWwoKE
fIz7t6iM6oqZFNnvn2+KUw7g0+vsNqiCThdddyBpUPO7O4OrmfwV3EQ5ylCP71fU
uGE95D5Om7LdcvB1eehHxNSft+QieKsiNMsJkmaYfZKvLnSZEOetMWM4QAyTiT9X
AbyF95RuRMtgY4FkCUpw3id8Qr73gQnoxDkhRKsmVD5973wcssv9qJmbScoO2sNc
FSNlEciVfiWJl8cvBr3fDLrc5fwB3JrLwLD5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUzDu8lZNCtGcJgcbhMpibwQVdCvcwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC96RHU4bFpOQ3RHY0pnY2JoTXBp
YndRVmRDdmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE008g
MA0GCSqGSIb3DQEBCwUAA4IBAQAw9LDWUrnXDCEvsdx8bzgURWxnRW4z3my71NJG
5vob1TNiaazOmvDE0zubzwOIbX08ITnNiNL7ApDRbuscWLpnJgvNrJnMYCUrQMfX
jOl8pP+5YLN3WY+07me7GVId7Y8wfr4WO9vnu//dmlFmAuWR2unG/fNCkA3DhEpZ
qLC9TFrfWzu8TgIpJrIliynswhUtCZDs9syIpG3020vN62GtdPljs3H0nX4J3636
RzUOz7sYq431tjNpYkyHvyKTQDvW8bpMoW849P8tDOr4sCyW+4R6OIQRhkQeqdw9
RwrC34UxkK4nwhwn/6bQSJii5jZlLBcXpXxsS19bt+dyKxby
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:38:28 2025 by rpki-client