Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/stJcH-GbmNAnb_yFATwPjCfX4rY.roa
File: stJcH-GbmNAnb_yFATwPjCfX4rY.roa (raw, json)
Hash identifier: ZVgqzXBA0p0BH0i3xyfS4cd87ZoORkpyEnmXaKjRIDo=
Subject key identifier: B2:D2:5C:1F:E1:9B:98:D0:27:6F:FC:85:01:3C:0F:8C:27:D7:E2:B6
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 157A
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/stJcH-GbmNAnb_yFATwPjCfX4rY.roa
Signing time: Tue 11 Feb 2025 23:44:41 +0000
ROA not before: Tue 11 Feb 2025 23:44:41 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 61.224.0.0/14 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5498 (0x157a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:41 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B2D25C1FE19B98D0276FFC85013C0F8C27D7E2B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:62:02:eb:32:5a:45:31:65:33:d4:5b:dc:b8:
e1:ec:fd:34:78:5b:b7:ba:fc:c6:2e:6d:b2:60:6a:
8b:6a:6b:37:1e:49:0f:ff:9d:1f:da:33:c6:68:e5:
ab:a8:f8:3f:a3:8d:0a:79:47:81:6a:95:c0:3c:c0:
13:8d:8e:01:a2:2a:77:ea:61:fe:eb:28:98:41:74:
6f:e9:04:67:f2:89:25:60:30:91:16:95:fa:0c:21:
3b:41:fc:a8:ef:1e:73:b2:71:a4:e6:6b:87:a0:f0:
50:a4:2b:2b:fb:d9:49:cb:c0:28:58:89:43:09:29:
24:77:b9:ae:8a:cd:42:73:c1:b4:27:c1:5c:ee:46:
71:1e:e2:76:20:e9:f9:f6:1b:52:32:6f:f9:6f:41:
e5:c3:f2:61:fd:8f:e6:fd:d8:db:09:fe:2b:f9:93:
a5:8f:a1:85:18:10:fa:68:46:6b:e2:42:fd:90:a1:
18:57:5e:7a:25:c5:62:6a:f9:9a:09:9f:d3:bf:77:
81:3e:01:e6:a0:b5:78:5a:74:94:55:8c:12:41:c6:
3b:b1:6e:43:09:77:c8:ef:b3:57:98:34:59:3b:d1:
60:f9:70:9d:f6:78:a1:77:9e:4e:af:e0:4c:5d:00:
a1:ef:1b:ae:2a:81:00:64:f8:3d:22:56:d7:d3:9b:
39:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D2:5C:1F:E1:9B:98:D0:27:6F:FC:85:01:3C:0F:8C:27:D7:E2:B6
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/stJcH-GbmNAnb_yFATwPjCfX4rY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.224.0.0/14
Signature Algorithm: sha256WithRSAEncryption
a3:d7:88:61:01:87:71:84:5f:d8:e6:a5:b1:4e:19:e8:0f:d6:
ff:e3:e8:4b:0d:96:af:b9:52:21:e1:5a:02:a4:b4:30:36:3b:
55:f5:73:b5:5f:37:54:02:90:d3:85:d4:d6:80:8b:06:27:c1:
ce:82:13:e7:75:38:1c:be:c2:04:24:b1:50:00:af:36:64:ca:
da:62:b7:30:35:a7:c1:1d:0a:b0:13:a4:38:dc:1f:23:c8:d4:
18:ce:1c:43:8b:87:e1:91:a9:0e:35:a6:e8:40:9f:f9:6f:68:
20:90:a1:e3:4f:10:cc:9e:87:70:2a:02:a9:c7:dc:c3:58:a8:
04:e3:31:1b:27:e1:31:8a:71:2c:aa:49:86:eb:98:c7:7a:16:
14:31:38:32:02:40:6a:4c:de:cb:1a:05:a2:cb:e6:01:8e:c0:
e0:0f:35:c6:fe:b6:7f:51:f1:32:b7:52:ee:4a:25:4c:1f:f4:
50:4a:b1:a9:04:16:b4:18:9a:4d:aa:97:7b:b5:31:9c:8a:43:
e5:7d:6c:93:6f:2e:95:1d:16:a5:2f:1e:ec:6f:0f:39:33:b5:
69:10:b0:58:74:de:27:1b:5d:15:9a:05:70:29:44:b5:c5:c7:
38:a1:ea:cb:6f:f5:90:00:cb:fa:83:e8:fd:e9:93:35:60:72:
12:70:16:0f
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0NDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIyRDI1QzFGRTE5Qjk4
RDAyNzZGRkM4NTAxM0MwRjhDMjdEN0UyQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoYgLrMlpFMWUz1FvcuOHs/TR4W7e6/MYubbJgaotqazceSQ//
nR/aM8Zo5auo+D+jjQp5R4FqlcA8wBONjgGiKnfqYf7rKJhBdG/pBGfyiSVgMJEW
lfoMITtB/KjvHnOycaTma4eg8FCkKyv72UnLwChYiUMJKSR3ua6KzUJzwbQnwVzu
RnEe4nYg6fn2G1Iyb/lvQeXD8mH9j+b92NsJ/iv5k6WPoYUYEPpoRmviQv2QoRhX
XnolxWJq+ZoJn9O/d4E+AeagtXhadJRVjBJBxjuxbkMJd8jvs1eYNFk70WD5cJ32
eKF3nk6v4ExdAKHvG64qgQBk+D0iVtfTmzmTAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUstJcH+GbmNAnb/yFATwPjCfX4rYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9zdEpjSC1HYm1OQW5iX3lGQVR3
UGpDZlg0clkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCPeAw
DQYJKoZIhvcNAQELBQADggEBAKPXiGEBh3GEX9jmpbFOGegP1v/j6EsNlq+5UiHh
WgKktDA2O1X1c7VfN1QCkNOF1NaAiwYnwc6CE+d1OBy+wgQksVAArzZkytpitzA1
p8EdCrATpDjcHyPI1BjOHEOLh+GRqQ41puhAn/lvaCCQoeNPEMyeh3AqAqnH3MNY
qATjMRsn4TGKcSyqSYbrmMd6FhQxODICQGpM3ssaBaLL5gGOwOAPNcb+tn9R8TK3
Uu5KJUwf9FBKsakEFrQYmk2ql3u1MZyKQ+V9bJNvLpUdFqUvHuxvDzkztWkQsFh0
3icbXRWaBXApRLXFxzih6stv9ZAAy/qD6P3pkzVgchJwFg8=
-----END CERTIFICATE-----
Generated at Sat May 10 12:21:49 2025 by rpki-client