Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/NU3mP4lIB5qdU-MPUOyEWgWFgwA.roa
File: NU3mP4lIB5qdU-MPUOyEWgWFgwA.roa (raw, json)
Hash identifier: fBgHtsF2tzGRg8RZLlVwO62bZLElr7YVdjloQA2UEDc=
Subject key identifier: 35:4D:E6:3F:89:48:07:9A:9D:53:E3:0F:50:EC:84:5A:05:85:83:00
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14FC
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/NU3mP4lIB5qdU-MPUOyEWgWFgwA.roa
Signing time: Tue 11 Feb 2025 23:44:13 +0000
ROA not before: Tue 11 Feb 2025 23:44:13 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 203.69.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5372 (0x14fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:13 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=354DE63F8948079A9D53E30F50EC845A05858300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:df:54:51:67:11:f4:f4:be:12:eb:50:10:f5:
1f:9d:8c:5e:81:39:ce:61:48:ec:bb:eb:22:88:00:
8d:70:70:e3:3c:26:5e:fb:0b:95:50:95:70:f3:18:
aa:84:c6:71:4e:f0:b3:6f:b1:19:47:fc:fb:ee:1d:
15:ac:76:64:ba:16:bc:cd:ff:86:0a:c1:d1:ba:ed:
08:16:1d:87:ce:18:e1:04:08:3b:05:13:8a:44:17:
20:b0:e0:bd:89:86:df:78:27:58:23:f4:23:1f:71:
cb:e0:d2:a0:00:c1:30:50:b0:92:12:de:b2:da:e3:
b6:57:c7:7b:c5:cd:7b:5a:e9:f8:7f:14:d5:d4:7e:
64:75:e6:9e:fa:dc:18:a2:d6:0a:c6:c1:bd:73:d6:
a3:08:e9:db:74:d9:dc:00:1e:39:02:a7:ab:15:0e:
bb:f4:6d:34:d1:da:ba:b3:d9:7d:d1:8b:d0:cb:5d:
04:ad:66:7f:e7:7c:75:2b:c0:ca:8f:03:11:69:da:
7b:40:17:c1:cc:8d:bd:d1:c3:63:0d:78:fa:7e:2d:
9f:ce:5f:25:30:ed:e7:ba:1e:d1:30:2a:14:0e:3d:
ad:aa:2f:fd:d8:9b:13:8c:e5:e5:03:19:a5:1e:6f:
cd:af:36:a7:d3:05:8f:d0:33:93:ca:a3:44:59:54:
0b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:4D:E6:3F:89:48:07:9A:9D:53:E3:0F:50:EC:84:5A:05:85:83:00
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/NU3mP4lIB5qdU-MPUOyEWgWFgwA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:91:ba:29:4c:c4:96:56:24:6b:8f:f2:e5:25:75:8c:b7:c9:
2b:cd:d8:16:a7:23:96:66:d6:1e:81:ba:4c:d2:64:e9:db:90:
ac:7e:c5:1c:62:30:07:1a:9b:2a:46:5a:03:e7:0d:a3:79:83:
27:51:25:67:43:5b:7e:82:1a:8f:d2:2e:69:f1:b2:64:72:70:
15:39:33:e3:8b:d6:f6:ce:c6:b7:8d:c6:0d:a6:74:c7:ab:f8:
38:8d:a4:67:5a:8d:df:a2:aa:b4:49:a6:50:af:91:c3:cc:1a:
55:a2:00:8d:e4:8e:5f:03:2a:8b:e3:4f:8d:cf:61:5b:4f:4b:
70:4d:a5:32:5b:74:ac:d9:e2:b1:4e:95:d9:ad:74:06:1d:7b:
d4:57:ad:34:4c:55:2e:b0:2c:b3:a4:16:82:96:e2:86:ec:13:
04:09:28:a0:49:69:6f:fc:dc:65:ef:01:2f:21:4a:80:a9:86:
4e:70:3f:89:0c:85:22:29:e3:fc:07:d3:48:ef:0f:89:f5:a3:
8e:3f:d1:d2:55:94:8b:1f:5a:6e:9e:1c:f5:68:a6:44:c6:e1:
93:79:de:6c:3e:a8:25:02:4f:3a:a8:73:a2:31:7b:5c:5a:91:
b8:42:da:bb:f1:d4:4a:17:02:16:a0:e1:c4:bd:99:5b:5e:81:
5e:fa:32:16
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFPwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM1NERFNjNGODk0ODA3
OUE5RDUzRTMwRjUwRUM4NDVBMDU4NTgzMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC631RRZxH09L4S61AQ9R+djF6BOc5hSOy76yKIAI1wcOM8Jl77
C5VQlXDzGKqExnFO8LNvsRlH/PvuHRWsdmS6FrzN/4YKwdG67QgWHYfOGOEECDsF
E4pEFyCw4L2Jht94J1gj9CMfccvg0qAAwTBQsJIS3rLa47ZXx3vFzXta6fh/FNXU
fmR15p763Bii1grGwb1z1qMI6dt02dwAHjkCp6sVDrv0bTTR2rqz2X3Ri9DLXQSt
Zn/nfHUrwMqPAxFp2ntAF8HMjb3Rw2MNePp+LZ/OXyUw7ee6HtEwKhQOPa2qL/3Y
mxOM5eUDGaUeb82vNqfTBY/QM5PKo0RZVAuLAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUNU3mP4lIB5qdU+MPUOyEWgWFgwAwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9OVTNtUDRsSUI1cWRVLU1QVU95
RVdnV0Znd0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAy0Uw
DQYJKoZIhvcNAQELBQADggEBAHORuilMxJZWJGuP8uUldYy3ySvN2BanI5Zm1h6B
ukzSZOnbkKx+xRxiMAcamypGWgPnDaN5gydRJWdDW36CGo/SLmnxsmRycBU5M+OL
1vbOxreNxg2mdMer+DiNpGdajd+iqrRJplCvkcPMGlWiAI3kjl8DKovjT43PYVtP
S3BNpTJbdKzZ4rFOldmtdAYde9RXrTRMVS6wLLOkFoKW4obsEwQJKKBJaW/83GXv
AS8hSoCphk5wP4kMhSIp4/wH00jvD4n1o44/0dJVlIsfWm6eHPVopkTG4ZN53mw+
qCUCTzqoc6Ixe1xakbhC2rvx1EoXAhag4cS9mVtegV76MhY=
-----END CERTIFICATE-----
Generated at Sat May 10 12:24:24 2025 by rpki-client