Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/XFj2M5zD3arWAkFrzvxPQPjQ45o.roa
File: XFj2M5zD3arWAkFrzvxPQPjQ45o.roa (raw, json)
Hash identifier: pBgA1OIRHoa/tFBCJBU5H1EPAGS6NG5AfudQllx7GeU=
Subject key identifier: 5C:58:F6:33:9C:C3:DD:AA:D6:02:41:6B:CE:FC:4F:40:F8:D0:E3:9A
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1533
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/XFj2M5zD3arWAkFrzvxPQPjQ45o.roa
Signing time: Tue 11 Feb 2025 23:44:25 +0000
ROA not before: Tue 11 Feb 2025 23:44:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17421
IP address blocks: 223.136.0.0/13 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5427 (0x1533)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:25 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5C58F6339CC3DDAAD602416BCEFC4F40F8D0E39A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:58:cd:17:cd:24:a8:42:84:84:34:9b:c3:7e:
7c:4f:e0:b4:64:9e:11:d9:92:ab:9f:b9:3c:62:1e:
79:fa:54:b7:1b:c2:a4:8e:98:dc:ac:9d:ed:68:b7:
b7:7f:a4:60:2d:e4:bc:40:e7:c1:81:b5:ab:56:c4:
0c:53:06:0e:a3:76:0b:ea:38:4b:ff:e7:c9:c2:71:
a9:c7:ad:38:e5:8d:9d:f7:ef:60:e8:1b:39:1e:16:
c2:d9:d7:fb:fa:a8:11:b1:fa:02:2d:85:6b:03:eb:
28:c6:06:54:a8:97:a7:d9:38:97:21:45:d9:59:dc:
a6:f8:2f:cb:18:74:7d:7d:30:93:a8:c4:53:57:0f:
03:96:9d:94:54:f1:6f:d5:7d:fd:19:fb:f0:1a:a1:
51:f5:bc:b0:7b:68:58:f1:ab:ac:3e:ea:b7:9c:65:
3b:39:48:1d:e5:6f:21:a2:76:ec:12:8e:30:72:37:
83:13:c1:eb:b3:fb:41:71:8f:0b:fd:0e:9c:e6:33:
b2:e1:78:79:27:91:6d:c6:1d:a7:c7:cf:16:f7:da:
4e:3f:96:29:34:c9:7d:10:28:b1:dd:c8:54:3f:53:
c5:dd:a4:f4:d0:43:85:d7:c5:26:3e:47:b9:f7:dd:
f8:7d:8a:03:41:6e:23:80:50:0c:83:1c:18:03:a6:
99:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:58:F6:33:9C:C3:DD:AA:D6:02:41:6B:CE:FC:4F:40:F8:D0:E3:9A
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/XFj2M5zD3arWAkFrzvxPQPjQ45o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.136.0.0/13
Signature Algorithm: sha256WithRSAEncryption
d0:00:35:98:64:93:c4:53:98:c7:f5:3d:7e:39:ae:0a:fb:ed:
0a:0a:33:69:31:3f:13:32:6f:32:6e:b4:02:93:12:d6:a9:c6:
2d:99:c7:89:25:07:66:4f:0d:9a:5a:21:76:b3:e1:ad:d4:d6:
38:ce:bc:ca:9a:9d:e2:4e:00:6d:59:a7:57:9c:6f:5b:2b:30:
ec:4b:bf:07:41:a7:14:91:d0:5c:b8:e8:f9:37:34:70:ef:6e:
9d:66:ef:9d:01:5d:75:a8:50:80:c3:fc:7d:60:89:7e:73:d7:
2a:68:9b:b7:c9:e9:80:05:9f:86:24:a4:50:84:c1:c9:2a:52:
86:7a:af:70:ea:ee:35:62:14:b9:ad:70:5a:0d:6a:f2:cf:8d:
bb:3a:64:f9:ae:67:a4:41:b6:5a:5b:b5:85:1b:58:43:72:4b:
3c:a3:38:01:40:39:b2:95:a4:2f:10:10:77:ee:95:27:a9:26:
81:b0:70:d7:5b:e8:a8:66:e2:9c:fb:70:2a:4a:1b:af:3b:04:
ae:ab:0c:ea:c2:1e:0f:61:07:0a:ca:e6:50:13:fd:6a:8a:b0:
b5:e5:65:61:30:ab:65:e9:90:80:d4:d1:a9:7f:ef:38:51:43:
75:8d:e9:d8:0b:2c:ca:70:58:db:97:df:fe:31:6b:0c:29:1f:
b6:62:c6:d1
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFTMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVDNThGNjMzOUNDM0RE
QUFENjAyNDE2QkNFRkM0RjQwRjhEMEUzOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7WM0XzSSoQoSENJvDfnxP4LRknhHZkqufuTxiHnn6VLcbwqSO
mNysne1ot7d/pGAt5LxA58GBtatWxAxTBg6jdgvqOEv/58nCcanHrTjljZ3372Do
GzkeFsLZ1/v6qBGx+gIthWsD6yjGBlSol6fZOJchRdlZ3Kb4L8sYdH19MJOoxFNX
DwOWnZRU8W/Vff0Z+/AaoVH1vLB7aFjxq6w+6recZTs5SB3lbyGiduwSjjByN4MT
weuz+0Fxjwv9DpzmM7LheHknkW3GHafHzxb32k4/lik0yX0QKLHdyFQ/U8XdpPTQ
Q4XXxSY+R7n33fh9igNBbiOAUAyDHBgDppnRAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUXFj2M5zD3arWAkFrzvxPQPjQ45owHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9YRmoyTTV6RDNhcldBa0ZyenZ4
UFFQalE0NW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMD34gw
DQYJKoZIhvcNAQELBQADggEBANAANZhkk8RTmMf1PX45rgr77QoKM2kxPxMybzJu
tAKTEtapxi2Zx4klB2ZPDZpaIXaz4a3U1jjOvMqaneJOAG1Zp1ecb1srMOxLvwdB
pxSR0Fy46Pk3NHDvbp1m750BXXWoUIDD/H1giX5z1ypom7fJ6YAFn4YkpFCEwckq
UoZ6r3Dq7jViFLmtcFoNavLPjbs6ZPmuZ6RBtlpbtYUbWENySzyjOAFAObKVpC8Q
EHfulSepJoGwcNdb6Khm4pz7cCpKG687BK6rDOrCHg9hBwrK5lAT/WqKsLXlZWEw
q2XpkIDU0al/7zhRQ3WN6dgLLMpwWNuX3/4xawwpH7ZixtE=
-----END CERTIFICATE-----
Generated at Wed Jun 25 22:18:09 2025 by rpki-client