Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Q41lDw8BjbkPCeXrlrzGqDDgpPs.roa
File: Q41lDw8BjbkPCeXrlrzGqDDgpPs.roa (raw, json)
Hash identifier: l6aL43IK05KOv7FyB7rmdhajmLJS62xPlkhQuKKOExI=
Subject key identifier: 43:8D:65:0F:0F:01:8D:B9:0F:09:E5:EB:96:BC:C6:A8:30:E0:A4:FB
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1503
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Q41lDw8BjbkPCeXrlrzGqDDgpPs.roa
Signing time: Tue 11 Feb 2025 23:44:14 +0000
ROA not before: Tue 11 Feb 2025 23:44:14 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 54994
IP address blocks: 203.74.117.0/25 maxlen: 25
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5379 (0x1503)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:14 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=438D650F0F018DB90F09E5EB96BCC6A830E0A4FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8f:4b:63:d8:5e:8f:35:3e:45:9e:89:f0:f9:
08:3c:e3:aa:f6:f4:3e:75:16:94:62:a8:58:71:54:
43:18:1c:c7:5f:44:c5:bf:c2:1a:7b:45:15:1f:66:
9a:fc:b6:24:9a:5b:ec:82:f9:68:e9:85:4f:bf:49:
de:3d:e6:a1:78:68:17:32:45:86:8f:6a:10:ec:a2:
21:9d:72:57:43:42:28:60:e9:4a:bd:9b:02:66:56:
b6:54:17:8d:c4:f1:db:64:22:8c:18:c9:48:e6:fc:
d1:ca:68:48:a3:cf:bf:2a:f3:68:79:a2:66:46:1b:
ba:9a:0f:59:9f:0e:25:85:eb:48:8c:32:a4:c5:7b:
f2:19:cf:8b:93:e1:3c:1f:b4:78:54:22:d8:81:c2:
90:f7:aa:24:bc:56:f6:09:c5:06:9e:ce:56:2c:2d:
b3:27:47:d3:82:ad:7b:6b:0e:02:32:17:29:c2:5c:
dd:6c:e0:0d:a5:c6:6a:50:46:6c:6c:12:5b:aa:1c:
15:13:fa:e2:2a:07:16:c8:e2:a5:c8:3b:54:b6:bd:
46:ea:5d:3f:23:c8:79:2c:1e:bd:c3:ec:b0:dc:00:
f8:54:6a:5f:20:76:e1:83:52:92:b0:1d:fd:32:9e:
bd:c7:9c:e7:b6:30:39:9f:ba:2f:96:4c:5e:ab:8c:
28:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8D:65:0F:0F:01:8D:B9:0F:09:E5:EB:96:BC:C6:A8:30:E0:A4:FB
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Q41lDw8BjbkPCeXrlrzGqDDgpPs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.74.117.0/25
Signature Algorithm: sha256WithRSAEncryption
51:41:db:58:ed:da:b5:17:43:5d:ef:a6:fb:4e:43:58:74:41:
0d:9f:b5:f1:42:01:07:91:44:2a:97:c4:b3:1e:1d:89:3b:32:
52:11:fc:c9:f7:76:81:20:c0:09:68:4e:63:9e:6c:91:cd:70:
69:60:5a:9b:79:3d:38:e3:b7:5e:5f:1a:86:76:43:65:f4:59:
61:9c:71:fc:21:80:96:b8:a6:9c:80:3a:f9:47:4a:1a:6f:04:
d7:dc:90:d9:53:4b:25:3c:bc:3c:34:16:a0:d9:8f:5f:64:25:
0f:ac:2b:64:2f:ce:97:72:52:0a:04:78:d7:8b:47:03:30:ab:
69:02:dd:f5:4a:c1:86:86:f5:aa:05:7e:11:8a:af:48:bc:9f:
de:84:c7:64:78:4b:69:a4:ac:a6:7a:f1:3f:ca:09:8d:82:79:
03:e8:71:03:59:60:99:3d:90:75:14:8e:39:8c:14:a1:e8:01:
81:f3:de:ba:02:31:65:18:bc:c3:f3:3a:f0:1f:3b:0d:40:e5:
35:98:79:60:db:10:99:c0:0b:61:0d:5e:1e:f0:bf:27:06:dd:
13:59:83:b5:62:68:c3:60:5f:a5:38:8d:19:15:01:40:50:ed:
6b:00:fc:71:b9:61:37:ff:ab:53:15:1a:c7:2c:27:a3:74:2b:
88:9b:33:6c
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICFQMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQzOEQ2NTBGMEYwMThE
QjkwRjA5RTVFQjk2QkNDNkE4MzBFMEE0RkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDj0tj2F6PNT5Fnonw+Qg846r29D51FpRiqFhxVEMYHMdfRMW/
whp7RRUfZpr8tiSaW+yC+WjphU+/Sd495qF4aBcyRYaPahDsoiGdcldDQihg6Uq9
mwJmVrZUF43E8dtkIowYyUjm/NHKaEijz78q82h5omZGG7qaD1mfDiWF60iMMqTF
e/IZz4uT4TwftHhUItiBwpD3qiS8VvYJxQaezlYsLbMnR9OCrXtrDgIyFynCXN1s
4A2lxmpQRmxsEluqHBUT+uIqBxbI4qXIO1S2vUbqXT8jyHksHr3D7LDcAPhUal8g
duGDUpKwHf0ynr3HnOe2MDmfui+WTF6rjCgNAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUQ41lDw8BjbkPCeXrlrzGqDDgpPswHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9RNDFsRHc4Qmpia1BDZVhybHJ6
R3FERGdwUHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHy0p1
ADANBgkqhkiG9w0BAQsFAAOCAQEAUUHbWO3atRdDXe+m+05DWHRBDZ+18UIBB5FE
KpfEsx4diTsyUhH8yfd2gSDACWhOY55skc1waWBam3k9OOO3Xl8ahnZDZfRZYZxx
/CGAlrimnIA6+UdKGm8E19yQ2VNLJTy8PDQWoNmPX2QlD6wrZC/Ol3JSCgR414tH
AzCraQLd9UrBhob1qgV+EYqvSLyf3oTHZHhLaaSspnrxP8oJjYJ5A+hxA1lgmT2Q
dRSOOYwUoegBgfPeugIxZRi8w/M68B87DUDlNZh5YNsQmcALYQ1eHvC/JwbdE1mD
tWJow2BfpTiNGRUBQFDtawD8cblhN/+rUxUaxywno3QriJszbA==
-----END CERTIFICATE-----
Generated at Sat May 10 14:04:43 2025 by rpki-client