Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/zp_PKKlnYJmLns0xx6w-JGwJYas.roa
File: zp_PKKlnYJmLns0xx6w-JGwJYas.roa (raw, json)
Hash identifier: L3x9hv63ygTDkZLhwZ8l/PKcP3xjz9FA7iicZi7k0PU=
Subject key identifier: CE:9F:CF:28:A9:67:60:99:8B:9E:CD:31:C7:AC:3E:24:6C:09:61:AB
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1433
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/zp_PKKlnYJmLns0xx6w-JGwJYas.roa
Signing time: Mon 10 Feb 2025 14:34:42 +0000
ROA not before: Mon 10 Feb 2025 14:34:42 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 20940
IP address blocks: 2001:b034:700:600::/56 maxlen: 56
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5171 (0x1433)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:34:42 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CE9FCF28A96760998B9ECD31C7AC3E246C0961AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5b:09:83:a3:70:28:ad:ef:45:22:2a:8c:cf:
5c:4c:0c:d2:47:a5:05:4a:e9:1d:fc:0d:a4:85:11:
49:de:1e:57:09:2a:14:54:49:dd:13:a5:e6:ab:1f:
da:3c:d3:88:42:7e:16:1e:f2:88:23:bb:32:54:e5:
47:9c:dd:cf:7c:d2:4a:cc:b8:d4:b2:98:b2:91:00:
23:8b:21:8b:a6:8d:4a:fc:05:d6:d5:09:56:ba:1f:
f7:bc:6e:d8:94:53:32:c8:d2:18:55:e2:d6:01:96:
4b:60:6b:96:7a:0b:fe:ea:e8:57:06:f5:6b:7b:a1:
a7:74:5e:6d:a1:90:3b:27:1f:9f:e1:92:41:b7:bf:
40:cb:51:61:a6:02:5b:ca:c1:bc:3a:e0:d7:2e:64:
cb:a8:11:3c:1a:7d:d6:10:0e:ae:85:59:c3:d3:b6:
54:63:cd:e5:93:5c:17:2b:bd:27:12:f2:0e:ed:4c:
68:95:ae:54:3b:67:d7:73:40:a0:5b:79:e1:92:75:
24:99:c0:89:a8:18:85:7e:b9:9c:49:5c:06:2e:4b:
6d:ab:6e:c7:4b:cb:69:ec:39:50:eb:cd:68:82:2f:
e8:10:ec:44:8c:1a:33:60:42:93:46:81:be:bf:c0:
f0:5f:03:96:63:01:bb:51:92:cf:79:5d:fa:3d:77:
b9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9F:CF:28:A9:67:60:99:8B:9E:CD:31:C7:AC:3E:24:6C:09:61:AB
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/zp_PKKlnYJmLns0xx6w-JGwJYas.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:b034:700:600::/56
Signature Algorithm: sha256WithRSAEncryption
25:45:62:75:ec:69:53:5b:25:4f:1c:b2:9c:14:b2:4f:42:0b:
4b:1f:44:5a:83:eb:71:f9:85:2a:5a:c0:5d:ff:dd:d5:cf:81:
26:4b:4d:0c:ee:ff:c7:76:94:12:e1:9b:fc:99:df:61:eb:e4:
44:2f:6a:83:2c:ec:e6:f2:1e:30:33:28:ba:bf:98:c3:f4:cb:
ed:f2:8c:a3:49:52:ac:f7:38:5a:81:d3:b3:ac:b1:a8:2a:11:
5a:0f:2f:00:d0:52:97:3a:df:a9:68:09:3e:c3:4c:0b:7b:f4:
ac:8e:aa:85:de:09:1b:88:04:dc:5e:2d:76:dc:4c:4c:25:33:
a3:e5:f8:0b:84:17:7f:5e:65:c8:3e:7c:9f:7a:45:0c:69:2d:
10:91:79:19:96:3c:fe:06:12:ee:a7:dd:c4:05:4d:84:e9:cb:
aa:07:d1:13:4a:b7:7f:4a:6d:4c:90:f4:85:d0:ef:03:96:85:
56:d6:14:65:d4:41:f7:98:4f:a9:ba:16:ab:3f:1e:06:1c:24:
69:79:aa:b2:cc:ea:77:ac:7b:eb:a2:51:36:a9:81:f7:1d:97:
b1:3e:dd:37:d1:90:ac:d3:c2:18:69:4c:70:b3:6b:f6:c3:da:
cb:fb:40:10:bd:d3:03:9f:af:a7:ce:32:79:98:62:77:31:14:
0e:43:51:1d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFDMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM0NDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENFOUZDRjI4QTk2NzYw
OTk4QjlFQ0QzMUM3QUMzRTI0NkMwOTYxQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvWwmDo3Aore9FIiqMz1xMDNJHpQVK6R38DaSFEUneHlcJKhRU
Sd0TpearH9o804hCfhYe8ogjuzJU5Uec3c980krMuNSymLKRACOLIYumjUr8BdbV
CVa6H/e8btiUUzLI0hhV4tYBlktga5Z6C/7q6FcG9Wt7oad0Xm2hkDsnH5/hkkG3
v0DLUWGmAlvKwbw64NcuZMuoETwafdYQDq6FWcPTtlRjzeWTXBcrvScS8g7tTGiV
rlQ7Z9dzQKBbeeGSdSSZwImoGIV+uZxJXAYuS22rbsdLy2nsOVDrzWiCL+gQ7ESM
GjNgQpNGgb6/wPBfA5ZjAbtRks95Xfo9d7llAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUzp/PKKlnYJmLns0xx6w+JGwJYaswHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC96cF9QS0tsbllKbUxuczB4eDZ3
LUpHd0pZYXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAAjAKAwgAIAGw
NAcABjANBgkqhkiG9w0BAQsFAAOCAQEAJUVidexpU1slTxyynBSyT0ILSx9EWoPr
cfmFKlrAXf/d1c+BJktNDO7/x3aUEuGb/JnfYevkRC9qgyzs5vIeMDMour+Yw/TL
7fKMo0lSrPc4WoHTs6yxqCoRWg8vANBSlzrfqWgJPsNMC3v0rI6qhd4JG4gE3F4t
dtxMTCUzo+X4C4QXf15lyD58n3pFDGktEJF5GZY8/gYS7qfdxAVNhOnLqgfRE0q3
f0ptTJD0hdDvA5aFVtYUZdRB95hPqboWqz8eBhwkaXmqsszqd6x766JRNqmB9x2X
sT7dN9GQrNPCGGlMcLNr9sPay/tAEL3TA5+vp84yeZhidzEUDkNRHQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:30:32 2025 by rpki-client