Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Tz9z685QCdsINqyn9Dx5y6j-bfo.roa
File: Tz9z685QCdsINqyn9Dx5y6j-bfo.roa (raw, json)
Hash identifier: Xgm5QAvWvFzgUOypaJPE/N5puRtZZmmRWe71PLgkdhA=
Subject key identifier: 4F:3F:73:EB:CE:50:09:DB:08:36:AC:A7:F4:3C:79:CB:A8:FE:6D:FA
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 155D
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Tz9z685QCdsINqyn9Dx5y6j-bfo.roa
Signing time: Tue 11 Feb 2025 23:44:34 +0000
ROA not before: Tue 11 Feb 2025 23:44:34 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 203.66.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5469 (0x155d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:34 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4F3F73EBCE5009DB0836ACA7F43C79CBA8FE6DFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c3:e2:44:ee:dc:25:22:44:b3:b0:74:cf:32:
0a:5a:aa:91:36:f7:7d:d5:31:1b:f6:b7:4a:4d:38:
85:43:e9:fc:2e:3e:e1:c5:02:df:64:86:62:55:4c:
0e:f1:20:ed:d9:07:df:b6:9a:4d:2d:01:1c:60:90:
6c:39:3f:85:55:49:42:1f:b6:4a:a6:3c:32:f7:ec:
39:93:fc:4d:9c:58:5f:6b:01:d5:cb:5e:60:1c:6d:
1b:d2:ca:c1:c5:d4:00:01:9d:61:36:fa:0a:8d:8e:
22:06:f5:3b:98:c5:bd:45:a6:82:10:d5:6b:d9:3b:
a7:bd:7b:ae:93:7f:e5:bc:2c:f7:4c:21:bc:d5:b1:
c7:76:c3:23:67:b6:ff:97:3a:70:12:4f:41:78:5e:
9c:d2:4a:02:d2:b0:50:8c:f5:46:32:bd:74:31:94:
84:7a:ab:61:bc:1d:9c:5f:91:ea:f7:de:db:6a:a0:
f0:5c:a5:ab:50:0f:3b:3a:f3:89:8a:99:e5:99:46:
01:8b:be:35:0b:1c:12:5d:a6:b7:70:40:a6:3f:a0:
2f:96:54:ef:73:ad:41:58:ad:81:b0:e5:26:33:f6:
f1:1d:a5:a6:4f:17:fb:bb:8b:06:78:59:66:ff:d9:
fb:0a:29:1d:28:11:46:e6:f2:29:f8:34:71:78:1d:
47:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:3F:73:EB:CE:50:09:DB:08:36:AC:A7:F4:3C:79:CB:A8:FE:6D:FA
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Tz9z685QCdsINqyn9Dx5y6j-bfo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.66.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:93:a4:e8:ec:27:f2:7a:11:8e:cf:2a:f1:ea:8d:a6:41:27:
65:0b:5d:7a:82:05:a4:a2:b0:3c:62:e4:54:f9:ec:31:0b:6d:
a8:4a:36:23:9c:77:fc:f9:5b:b4:fd:33:76:99:76:4d:e5:8e:
56:00:d8:d3:25:a8:f5:60:e9:22:be:93:4b:86:d5:02:25:3e:
54:68:2d:9f:94:e5:ca:ed:69:0e:3f:72:a6:8e:3c:7d:19:be:
77:ce:b8:5b:e3:2f:5d:f7:1a:54:77:b0:c9:0c:05:66:38:9d:
88:57:3c:87:f0:3c:c2:2d:7b:3c:fb:2b:fc:bb:9e:85:cf:58:
cc:33:08:8d:1a:8f:85:f4:47:7a:89:11:5f:8f:a3:d7:b7:b4:
38:c3:f1:4c:fb:4b:0c:da:2c:4b:49:6e:90:d4:49:6c:0d:6a:
02:47:a3:6a:31:ff:66:97:39:f2:05:20:29:6d:83:bc:fb:0b:
13:1b:a0:ed:1a:aa:87:34:cf:99:cf:52:9f:60:73:21:15:da:
e0:41:0f:fc:7d:c7:57:d9:94:f2:61:1b:33:4b:97:b7:ef:9d:
7a:db:bb:d2:02:d0:0d:c5:3c:cf:c5:44:55:a8:ae:b9:dd:76:
93:08:b7:c6:be:47:d1:67:ec:7b:f5:e1:bb:06:27:ea:8d:1c:
44:07:6a:65
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRGM0Y3M0VCQ0U1MDA5
REIwODM2QUNBN0Y0M0M3OUNCQThGRTZERkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6w+JE7twlIkSzsHTPMgpaqpE2933VMRv2t0pNOIVD6fwuPuHF
At9khmJVTA7xIO3ZB9+2mk0tARxgkGw5P4VVSUIftkqmPDL37DmT/E2cWF9rAdXL
XmAcbRvSysHF1AABnWE2+gqNjiIG9TuYxb1FpoIQ1WvZO6e9e66Tf+W8LPdMIbzV
scd2wyNntv+XOnAST0F4XpzSSgLSsFCM9UYyvXQxlIR6q2G8HZxfker33ttqoPBc
patQDzs684mKmeWZRgGLvjULHBJdprdwQKY/oC+WVO9zrUFYrYGw5SYz9vEdpaZP
F/u7iwZ4WWb/2fsKKR0oEUbm8in4NHF4HUcXAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUTz9z685QCdsINqyn9Dx5y6j+bfowHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9Uejl6Njg1UUNkc0lOcXluOUR4
NXk2ai1iZm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAy0Iw
DQYJKoZIhvcNAQELBQADggEBAKGTpOjsJ/J6EY7PKvHqjaZBJ2ULXXqCBaSisDxi
5FT57DELbahKNiOcd/z5W7T9M3aZdk3ljlYA2NMlqPVg6SK+k0uG1QIlPlRoLZ+U
5crtaQ4/cqaOPH0ZvnfOuFvjL133GlR3sMkMBWY4nYhXPIfwPMItezz7K/y7noXP
WMwzCI0aj4X0R3qJEV+Po9e3tDjD8Uz7SwzaLEtJbpDUSWwNagJHo2ox/2aXOfIF
ICltg7z7CxMboO0aqoc0z5nPUp9gcyEV2uBBD/x9x1fZlPJhGzNLl7fvnXrbu9IC
0A3FPM/FRFWorrnddpMIt8a+R9Fn7Hv14bsGJ+qNHEQHamU=
-----END CERTIFICATE-----
Generated at Sat May 10 12:43:56 2025 by rpki-client