Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/S9nW_KVPG_O7r-QE2OKpRr2pRMU.roa
File: S9nW_KVPG_O7r-QE2OKpRr2pRMU.roa (raw, json)
Hash identifier: Wu++muKLa7cc/QWaQ/RmpdX/zHyUHlu4mXN8mUWw1RM=
Subject key identifier: 4B:D9:D6:FC:A5:4F:1B:F3:BB:AF:E4:04:D8:E2:A9:46:BD:A9:44:C5
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 158F
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/S9nW_KVPG_O7r-QE2OKpRr2pRMU.roa
Signing time: Tue 11 Feb 2025 23:44:45 +0000
ROA not before: Tue 11 Feb 2025 23:44:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.128.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:23:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5519 (0x158f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:45 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4BD9D6FCA54F1BF3BBAFE404D8E2A946BDA944C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f2:43:b3:4c:89:2d:d9:62:05:6a:49:a2:f4:
92:2c:b1:94:25:7b:79:3d:2e:86:53:68:1d:b9:e4:
6e:98:24:be:08:b1:f2:bb:b1:02:ea:1f:b5:17:3d:
9d:e1:a5:8e:02:ac:5c:a0:ca:b6:5f:ab:6a:8b:bf:
94:46:16:ee:b5:2a:af:23:0f:07:34:e9:5d:a6:e5:
ec:9c:20:11:e8:13:f9:3e:70:8e:10:f8:43:f3:ad:
a0:35:08:14:71:6f:aa:df:d0:0e:9d:5e:32:ef:78:
d6:07:ae:eb:3b:ac:3e:04:20:46:16:90:f7:69:6b:
fa:01:04:71:b6:16:20:48:91:39:51:00:62:32:95:
07:ea:13:7c:77:b0:da:62:4e:78:98:e3:1d:f5:36:
15:72:50:53:22:4f:20:cf:17:4f:15:69:08:2e:c9:
13:f8:71:43:7a:1a:8f:04:6d:36:f9:03:4c:43:c4:
1e:eb:54:71:90:b9:22:e7:5b:f9:44:d0:f1:ed:da:
d2:d2:e7:89:d0:db:0f:9c:31:80:6c:90:74:55:d9:
3e:af:9d:67:4b:dd:f3:52:14:a5:43:c4:c2:30:b6:
17:1c:fc:24:c5:fa:9a:ea:2f:a6:b2:b3:14:68:f4:
f3:ec:f3:eb:9b:60:be:09:74:c7:1e:ea:e7:05:7f:
cd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D9:D6:FC:A5:4F:1B:F3:BB:AF:E4:04:D8:E2:A9:46:BD:A9:44:C5
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/S9nW_KVPG_O7r-QE2OKpRr2pRMU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.72.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:08:b4:05:76:31:80:b6:a4:46:1c:6d:5b:80:39:d1:45:73:
46:a4:9b:e0:f1:83:93:d6:6b:8f:f8:14:ba:1f:c3:f2:a7:93:
c4:63:44:9a:b6:5a:b7:fb:3a:0d:e6:18:c9:d9:2a:0e:0c:6a:
93:e5:3f:d1:72:a9:7e:fd:f4:42:44:66:d3:8d:5b:fb:0e:ef:
63:07:a8:41:60:59:ad:d7:72:ca:91:34:d8:74:22:c8:5a:0a:
9b:40:ad:1c:7f:16:66:28:b4:0f:aa:af:f9:5d:d4:f1:4b:f7:
63:41:d5:57:fb:59:d6:21:a3:95:e3:e0:d7:e1:8d:4c:7f:dc:
e8:62:5a:c3:58:a0:e5:85:3a:da:f2:ff:d8:52:10:ee:7e:f5:
b0:0d:fd:a5:2a:09:c4:1a:28:d0:6c:9b:fe:8f:4b:29:0a:0f:
83:6f:82:c5:c1:0a:b8:d6:7d:00:f6:ca:28:9b:05:19:f8:40:
ad:cc:71:69:fa:1d:75:b6:70:0d:f8:2c:88:af:cc:34:1c:59:
e3:c8:8f:6d:24:54:71:42:39:34:c5:33:a9:3c:6f:b8:14:9b:
fa:a1:32:c4:e6:88:fa:3c:09:b1:75:fe:1d:14:28:52:be:d9:
40:a4:a7:ba:10:7e:65:4d:f1:02:0c:e8:30:b8:e3:1d:8a:ec:
56:3a:4f:84
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFY8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRCRDlENkZDQTU0RjFC
RjNCQkFGRTQwNEQ4RTJBOTQ2QkRBOTQ0QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/8kOzTIkt2WIFakmi9JIssZQle3k9LoZTaB255G6YJL4IsfK7
sQLqH7UXPZ3hpY4CrFygyrZfq2qLv5RGFu61Kq8jDwc06V2m5eycIBHoE/k+cI4Q
+EPzraA1CBRxb6rf0A6dXjLveNYHrus7rD4EIEYWkPdpa/oBBHG2FiBIkTlRAGIy
lQfqE3x3sNpiTniY4x31NhVyUFMiTyDPF08VaQguyRP4cUN6Go8EbTb5A0xDxB7r
VHGQuSLnW/lE0PHt2tLS54nQ2w+cMYBskHRV2T6vnWdL3fNSFKVDxMIwthcc/CTF
+prqL6aysxRo9PPs8+ubYL4JdMce6ucFf80hAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUS9nW/KVPG/O7r+QE2OKpRr2pRMUwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9TOW5XX0tWUEdfTzdyLVFFMk9L
cFJyMnBSTVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IBI
MA0GCSqGSIb3DQEBCwUAA4IBAQCLCLQFdjGAtqRGHG1bgDnRRXNGpJvg8YOT1muP
+BS6H8Pyp5PEY0Satlq3+zoN5hjJ2SoODGqT5T/Rcql+/fRCRGbTjVv7Du9jB6hB
YFmt13LKkTTYdCLIWgqbQK0cfxZmKLQPqq/5XdTxS/djQdVX+1nWIaOV4+DX4Y1M
f9zoYlrDWKDlhTra8v/YUhDufvWwDf2lKgnEGijQbJv+j0spCg+Db4LFwQq41n0A
9soomwUZ+ECtzHFp+h11tnAN+CyIr8w0HFnjyI9tJFRxQjk0xTOpPG+4FJv6oTLE
5oj6PAmxdf4dFChSvtlApKe6EH5lTfECDOgwuOMdiuxWOk+E
-----END CERTIFICATE-----
Generated at Sat May 10 12:20:37 2025 by rpki-client