Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/hS88l4BhBfpvZodmxfqvAbXrQkQ.roa
File: hS88l4BhBfpvZodmxfqvAbXrQkQ.roa (raw, json)
Hash identifier: kOFy0FdlbkrFUVJruZvCB8FHdKoitWJrakS0F9splPc=
Subject key identifier: 85:2F:3C:97:80:61:05:FA:6F:66:87:66:C5:FA:AF:01:B5:EB:42:44
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1564
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/hS88l4BhBfpvZodmxfqvAbXrQkQ.roa
Signing time: Tue 11 Feb 2025 23:44:36 +0000
ROA not before: Tue 11 Feb 2025 23:44:36 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9680
IP address blocks: 2001:b000:91::/48 maxlen: 64
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5476 (0x1564)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:36 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=852F3C97806105FA6F668766C5FAAF01B5EB4244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:38:13:34:7e:34:e9:e5:b0:14:fa:69:95:a9:
ff:2c:72:e5:87:c7:c1:29:1b:5a:9a:6b:cb:bb:5f:
6c:c3:60:73:21:3f:91:29:36:d2:30:9a:67:76:06:
0c:cc:35:04:06:73:9c:41:df:c5:b2:99:96:b2:d8:
60:e5:4c:b3:c4:7b:c4:b0:81:e9:89:00:7f:2e:0c:
34:0c:5f:49:d0:75:9a:d3:38:2d:ee:37:6b:7a:68:
85:a4:47:b8:16:52:52:39:60:bd:12:a7:4a:07:10:
f2:5b:f1:d7:5c:64:09:ec:40:04:27:84:7f:87:1a:
27:e0:a1:26:d3:31:ee:fe:d9:6e:d4:24:fd:09:b0:
35:90:09:ad:31:65:40:08:e3:e6:ad:fe:13:c8:80:
80:9c:a7:06:3c:61:83:50:97:de:50:1b:48:16:8a:
41:54:70:fb:62:25:84:82:ac:6b:6f:59:c2:d0:59:
0b:10:de:07:ee:ed:cb:4b:9d:72:c1:54:ec:1c:56:
33:7b:e3:0f:e3:a5:6c:f8:b7:ee:b5:ff:74:d3:be:
94:4b:f9:5f:6f:43:77:36:55:86:ca:f9:eb:df:1c:
17:18:0a:8d:1e:61:2b:22:f4:45:b8:84:70:0d:d1:
4b:f2:8c:5c:f0:fd:da:c4:00:fe:ba:30:71:43:b1:
bf:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2F:3C:97:80:61:05:FA:6F:66:87:66:C5:FA:AF:01:B5:EB:42:44
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/hS88l4BhBfpvZodmxfqvAbXrQkQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:b000:91::/48
Signature Algorithm: sha256WithRSAEncryption
93:06:9d:8c:af:3a:49:07:e4:c8:ae:cf:ae:22:a4:8b:2c:2e:
4e:58:dd:58:f0:78:f1:4a:32:fd:06:39:e9:0b:10:25:52:e3:
95:f5:44:30:5c:95:bc:1f:55:dd:01:72:25:2f:77:6e:2a:0f:
11:7f:da:40:94:86:b1:96:ef:f6:fb:f2:1b:7b:51:02:b0:72:
c2:ac:39:37:cc:b5:07:63:74:3b:e8:78:e3:fc:d0:d9:34:2f:
e1:3c:05:d6:51:b5:4c:ea:99:72:39:7e:47:74:5e:db:93:49:
7b:f3:ae:6e:bd:64:a1:7a:9d:b4:d6:b4:ba:82:7e:b0:a6:ff:
d0:19:78:84:0a:8d:5d:65:ae:52:c1:3c:61:12:b6:12:85:78:
02:bd:e8:28:65:71:0c:32:5d:47:9d:ba:39:62:bc:da:ee:66:
80:b8:00:44:5e:56:08:99:1b:6b:5e:81:d8:ac:19:82:2f:51:
50:87:dc:8b:73:58:1f:12:6f:09:67:85:5a:b3:83:9b:40:f8:
b2:9d:c9:cb:12:c8:63:aa:c4:24:f9:8a:28:c6:20:1e:d5:65:
d2:0f:c3:f4:29:dd:71:be:af:d5:d7:84:ab:21:a8:4b:07:67:
a5:4d:d9:e8:6d:85:14:52:de:6b:50:8f:62:d1:27:d8:90:79:
55:0b:d1:12
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICFWQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg1MkYzQzk3ODA2MTA1
RkE2RjY2ODc2NkM1RkFBRjAxQjVFQjQyNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3OBM0fjTp5bAU+mmVqf8scuWHx8EpG1qaa8u7X2zDYHMhP5Ep
NtIwmmd2BgzMNQQGc5xB38WymZay2GDlTLPEe8SwgemJAH8uDDQMX0nQdZrTOC3u
N2t6aIWkR7gWUlI5YL0Sp0oHEPJb8ddcZAnsQAQnhH+HGifgoSbTMe7+2W7UJP0J
sDWQCa0xZUAI4+at/hPIgICcpwY8YYNQl95QG0gWikFUcPtiJYSCrGtvWcLQWQsQ
3gfu7ctLnXLBVOwcVjN74w/jpWz4t+61/3TTvpRL+V9vQ3c2VYbK+evfHBcYCo0e
YSsi9EW4hHAN0UvyjFzw/drEAP66MHFDsb/nAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUhS88l4BhBfpvZodmxfqvAbXrQkQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9oUzg4bDRCaEJmcHZab2RteGZx
dkFiWHJRa1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAGw
AACRMA0GCSqGSIb3DQEBCwUAA4IBAQCTBp2MrzpJB+TIrs+uIqSLLC5OWN1Y8Hjx
SjL9BjnpCxAlUuOV9UQwXJW8H1XdAXIlL3duKg8Rf9pAlIaxlu/2+/Ibe1ECsHLC
rDk3zLUHY3Q76Hjj/NDZNC/hPAXWUbVM6plyOX5HdF7bk0l7865uvWShep201rS6
gn6wpv/QGXiECo1dZa5SwTxhErYShXgCvegoZXEMMl1Hnbo5Yrza7maAuABEXlYI
mRtrXoHYrBmCL1FQh9yLc1gfEm8JZ4Vas4ObQPiyncnLEshjqsQk+YooxiAe1WXS
D8P0Kd1xvq/V14SrIahLB2elTdnobYUUUt5rUI9i0SfYkHlVC9ES
-----END CERTIFICATE-----
Generated at Sat May 10 12:49:11 2025 by rpki-client