Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/XkDkHu9vGC2L4PU2lEX0sOAD1uU.roa
File: XkDkHu9vGC2L4PU2lEX0sOAD1uU.roa (raw, json)
Hash identifier: 2vPg5jWp/5Rf9X35DIt3z/6z9c1b90nSReZT3+Cd5gs=
Subject key identifier: 5E:40:E4:1E:EF:6F:18:2D:8B:E0:F5:36:94:45:F4:B0:E0:03:D6:E5
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1574
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/XkDkHu9vGC2L4PU2lEX0sOAD1uU.roa
Signing time: Tue 11 Feb 2025 23:44:40 +0000
ROA not before: Tue 11 Feb 2025 23:44:40 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.128.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5492 (0x1574)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:40 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5E40E41EEF6F182D8BE0F5369445F4B0E003D6E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d1:bd:51:5a:b0:f0:a0:a5:02:90:25:ec:32:
2c:78:62:25:96:8b:9a:44:b8:a1:9f:e3:2e:af:34:
f0:fc:23:65:50:11:c8:dc:f3:b3:87:9a:52:55:ff:
14:7e:94:93:3f:75:98:1d:15:5d:c6:09:b4:95:bb:
2b:da:52:e3:14:8b:88:cd:80:f6:57:d7:7b:f1:57:
2e:27:fb:cb:00:59:4c:7f:7a:83:5f:93:20:40:8c:
14:ac:27:78:82:43:04:ff:84:49:d1:b4:f4:f0:35:
70:78:b4:75:72:73:d4:26:93:cd:4f:e5:be:1d:ea:
80:9d:0d:b3:f5:a4:8c:61:b2:1b:9d:f0:ae:ad:ef:
7a:05:f1:72:54:65:e9:2e:e6:65:c3:f9:1e:d2:27:
a2:28:5b:89:84:08:97:fd:de:b1:fa:e7:27:d8:f0:
25:a5:4e:d2:e4:fe:e7:1c:53:be:b8:9f:69:bd:2a:
ca:63:52:44:af:96:cb:89:b1:e9:50:dc:5a:bb:72:
f8:f5:40:75:d1:16:6e:08:2b:9c:0e:50:bc:8a:03:
7d:e2:38:e6:71:c9:56:39:e9:04:34:db:7a:4f:ea:
04:43:03:75:0e:eb:3f:f4:09:cc:1b:56:0c:87:d4:
ed:7e:f3:de:17:b9:33:be:7b:ff:77:bb:28:7c:ba:
cf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:40:E4:1E:EF:6F:18:2D:8B:E0:F5:36:94:45:F4:B0:E0:03:D6:E5
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/XkDkHu9vGC2L4PU2lEX0sOAD1uU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.71.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:51:01:80:e1:d5:19:f4:ac:09:a2:3e:13:cc:4a:fa:cd:09:
f4:09:f8:cf:35:ac:01:59:15:cb:7e:a2:75:18:aa:4e:f2:c2:
33:34:7c:6e:2d:f9:41:f7:04:62:7d:8f:75:61:45:65:f8:9e:
c6:c8:ae:1c:75:bb:fe:9d:09:f8:ea:06:e4:80:90:f0:ab:39:
e4:6c:51:fc:50:03:e7:08:5e:42:d8:a8:d6:fc:28:8b:99:4c:
7d:ca:71:6f:2e:f7:5a:1e:31:31:d2:2c:69:8b:78:ab:ec:8b:
83:de:55:f1:4f:9b:46:f8:5e:94:58:e7:82:7a:f5:0a:bd:de:
af:06:56:cf:3e:b9:c5:c9:c7:9f:80:d2:eb:72:eb:d9:82:08:
02:69:65:33:93:cd:88:62:c7:5e:ad:43:3c:7b:67:f1:14:fd:
f9:9f:19:11:ca:9b:46:ac:31:e1:1c:73:bc:50:a0:23:c0:5f:
43:b3:b4:bb:ac:1b:4c:b1:f1:c8:0c:98:52:35:ba:cc:9b:97:
c7:6f:78:9e:32:34:76:21:8e:56:cd:0e:f3:10:a7:d8:8f:38:
25:1a:f4:93:0f:ca:b0:7f:11:19:e9:1d:6d:d3:1d:5e:d6:96:
55:d8:16:92:91:8d:a9:41:4b:4e:fe:66:75:97:90:b0:be:88:
b2:9e:50:27
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFXQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVFNDBFNDFFRUY2RjE4
MkQ4QkUwRjUzNjk0NDVGNEIwRTAwM0Q2RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe0b1RWrDwoKUCkCXsMix4YiWWi5pEuKGf4y6vNPD8I2VQEcjc
87OHmlJV/xR+lJM/dZgdFV3GCbSVuyvaUuMUi4jNgPZX13vxVy4n+8sAWUx/eoNf
kyBAjBSsJ3iCQwT/hEnRtPTwNXB4tHVyc9Qmk81P5b4d6oCdDbP1pIxhshud8K6t
73oF8XJUZeku5mXD+R7SJ6IoW4mECJf93rH65yfY8CWlTtLk/uccU764n2m9Kspj
UkSvlsuJselQ3Fq7cvj1QHXRFm4IK5wOULyKA33iOOZxyVY56QQ023pP6gRDA3UO
6z/0CcwbVgyH1O1+894XuTO+e/93uyh8us8fAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUXkDkHu9vGC2L4PU2lEX0sOAD1uUwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9Ya0RrSHU5dkdDMkw0UFUybEVY
MHNPQUQxdVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IBH
MA0GCSqGSIb3DQEBCwUAA4IBAQDBUQGA4dUZ9KwJoj4TzEr6zQn0CfjPNawBWRXL
fqJ1GKpO8sIzNHxuLflB9wRifY91YUVl+J7GyK4cdbv+nQn46gbkgJDwqznkbFH8
UAPnCF5C2KjW/CiLmUx9ynFvLvdaHjEx0ixpi3ir7IuD3lXxT5tG+F6UWOeCevUK
vd6vBlbPPrnFycefgNLrcuvZgggCaWUzk82IYsderUM8e2fxFP35nxkRyptGrDHh
HHO8UKAjwF9Ds7S7rBtMsfHIDJhSNbrMm5fHb3ieMjR2IY5WzQ7zEKfYjzglGvST
D8qwfxEZ6R1t0x1e1pZV2BaSkY2pQUtO/mZ1l5CwvoiynlAn
-----END CERTIFICATE-----
Generated at Sat May 10 14:18:36 2025 by rpki-client