Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/2mTwZedMOW8PuNyYzUGc8YhS1Hg.roa
File: 2mTwZedMOW8PuNyYzUGc8YhS1Hg.roa (raw, json)
Hash identifier: 8rRgD+DLsU61ikBFz1jjcedZxBXmnSUv6Ad6iPwn5Uo=
Subject key identifier: DA:64:F0:65:E7:4C:39:6F:0F:B8:DC:98:CD:41:9C:F1:88:52:D4:78
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14F5
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2mTwZedMOW8PuNyYzUGc8YhS1Hg.roa
Signing time: Tue 11 Feb 2025 23:44:12 +0000
ROA not before: Tue 11 Feb 2025 23:44:12 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.132.0.0/14 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5365 (0x14f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:12 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DA64F065E74C396F0FB8DC98CD419CF18852D478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:88:7c:d0:df:cd:b1:94:d8:be:8f:ff:76:1b:
fe:8f:d4:0a:42:68:e1:40:47:9c:0c:71:95:dc:6d:
46:4b:c1:d2:fc:a5:69:c1:b6:30:51:5d:8d:c3:45:
35:59:62:d8:b2:64:b4:d1:9f:a1:be:c3:30:ca:84:
a6:d7:b6:52:ba:b5:b6:81:e0:38:fa:77:9c:05:db:
93:03:27:be:be:40:aa:1b:a0:85:94:82:bc:4f:0c:
d1:94:79:01:28:fd:7e:79:0c:63:ea:5a:01:2b:c3:
37:3e:6f:24:41:8a:dc:fc:90:e2:d5:fc:2e:db:45:
4c:a9:96:fe:1d:ed:88:b1:a8:3f:1f:f8:3c:99:15:
45:8d:2b:17:ae:cb:2d:0d:f1:9d:8d:78:c5:b4:66:
31:8d:0f:fd:fc:54:4c:fd:4c:10:cc:72:87:1e:2e:
20:74:d3:e0:bf:b2:31:6c:66:dd:6e:9a:41:d9:4f:
6e:e9:56:99:fc:7f:0c:de:bb:db:b0:c7:c2:ce:8c:
5f:0b:6e:cf:3e:2e:74:b7:cc:93:2c:52:a6:17:72:
2b:2e:33:43:50:f5:d3:60:e0:62:3d:97:3b:d3:e9:
49:81:9e:f1:2c:b9:b9:27:e6:98:90:87:dc:f3:09:
87:18:ee:69:93:ec:a8:fc:74:a7:48:34:fe:de:11:
fc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:64:F0:65:E7:4C:39:6F:0F:B8:DC:98:CD:41:9C:F1:88:52:D4:78
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2mTwZedMOW8PuNyYzUGc8YhS1Hg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.132.0.0/14
Signature Algorithm: sha256WithRSAEncryption
5d:87:eb:10:ea:f8:29:6e:41:b7:5c:bf:c0:36:59:d8:91:ab:
4c:34:dd:a9:6d:00:f8:b8:21:b9:5b:64:20:a0:da:58:d2:2d:
ab:d8:03:27:d8:e4:0c:f2:98:6e:d7:fb:11:f4:4f:f6:6e:26:
a4:94:68:52:e9:1d:f1:4f:3b:1e:aa:6a:7a:f9:59:0b:ab:96:
d3:6a:ed:53:84:d8:cc:16:49:74:10:59:c7:fe:22:5b:53:9c:
28:8d:86:84:29:fb:99:ce:9f:62:89:00:9b:fc:07:14:32:7e:
cc:d1:ce:ba:f0:b1:08:b9:2b:12:db:61:67:78:41:ab:e4:3a:
07:ac:00:0c:98:88:ea:d9:a6:4d:ec:ab:de:df:56:53:60:3d:
32:2b:29:88:0b:e4:c7:ca:99:e3:47:02:ce:dc:ed:b9:98:41:
e9:2c:5c:3b:d2:9d:ae:f4:36:ce:ca:97:2f:72:cb:aa:da:6f:
84:be:a8:51:3b:0d:a8:a9:43:c7:3d:b9:c2:43:61:d2:6a:7e:
53:a5:37:91:06:15:38:ad:21:99:a0:58:fa:96:bb:43:93:5e:
30:fd:dd:c5:ee:44:25:6e:bb:e0:75:47:b6:ed:ae:16:71:86:
b6:45:6c:40:50:5e:62:d3:93:3a:f8:9e:54:bd:40:fe:1f:a8:
9d:2b:be:de
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERBNjRGMDY1RTc0QzM5
NkYwRkI4REM5OENENDE5Q0YxODg1MkQ0NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxiHzQ382xlNi+j/92G/6P1ApCaOFAR5wMcZXcbUZLwdL8pWnB
tjBRXY3DRTVZYtiyZLTRn6G+wzDKhKbXtlK6tbaB4Dj6d5wF25MDJ76+QKoboIWU
grxPDNGUeQEo/X55DGPqWgErwzc+byRBitz8kOLV/C7bRUyplv4d7YixqD8f+DyZ
FUWNKxeuyy0N8Z2NeMW0ZjGND/38VEz9TBDMcoceLiB00+C/sjFsZt1umkHZT27p
Vpn8fwzeu9uwx8LOjF8Lbs8+LnS3zJMsUqYXcisuM0NQ9dNg4GI9lzvT6UmBnvEs
ubkn5piQh9zzCYcY7mmT7Kj8dKdINP7eEfwPAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU2mTwZedMOW8PuNyYzUGc8YhS1HgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8ybVR3WmVkTU9XOFB1TnlZelVH
YzhZaFMxSGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMC3IQw
DQYJKoZIhvcNAQELBQADggEBAF2H6xDq+CluQbdcv8A2WdiRq0w03altAPi4Iblb
ZCCg2ljSLavYAyfY5AzymG7X+xH0T/ZuJqSUaFLpHfFPOx6qanr5WQurltNq7VOE
2MwWSXQQWcf+IltTnCiNhoQp+5nOn2KJAJv8BxQyfszRzrrwsQi5KxLbYWd4Qavk
OgesAAyYiOrZpk3sq97fVlNgPTIrKYgL5MfKmeNHAs7c7bmYQeksXDvSna70Ns7K
ly9yy6rab4S+qFE7DaipQ8c9ucJDYdJqflOlN5EGFTitIZmgWPqWu0OTXjD93cXu
RCVuu+B1R7btrhZxhrZFbEBQXmLTkzr4nlS9QP4fqJ0rvt4=
-----END CERTIFICATE-----
Generated at Sat May 10 12:17:39 2025 by rpki-client