Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/vBQG0N5-RY5devY58IbgENvu9Eg.roa
File: vBQG0N5-RY5devY58IbgENvu9Eg.roa (raw, json)
Hash identifier: /uGkTiT/7w3dcPXI3QcsyaYCn3TanpicNFa1zLhqj6k=
Subject key identifier: BC:14:06:D0:DE:7E:45:8E:5D:7A:F6:39:F0:86:E0:10:DB:EE:F4:48
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14E9
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/vBQG0N5-RY5devY58IbgENvu9Eg.roa
Signing time: Tue 11 Feb 2025 23:44:09 +0000
ROA not before: Tue 11 Feb 2025 23:44:09 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 114.32.0.0/12 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 01:22:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5353 (0x14e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 11 23:44:09 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=BC1406D0DE7E458E5D7AF639F086E010DBEEF448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1b:02:1d:f1:8f:52:8b:80:23:9b:27:e1:87:
f1:55:1e:86:af:5c:68:27:ef:1b:ca:7c:bb:97:61:
75:56:ae:3a:66:43:96:0f:40:fb:ce:b2:20:45:29:
f0:db:3a:5d:9b:70:de:10:a9:cf:b6:3b:ca:b4:db:
65:50:95:9f:9e:87:f2:4d:69:6d:e8:31:ed:86:af:
34:1d:81:d5:3a:6a:4b:99:bc:d0:c2:ce:45:ec:b6:
8c:ff:7b:e3:74:07:bc:9f:7b:88:ec:b3:78:66:14:
a8:45:ef:cd:96:22:e3:35:37:ec:8f:14:a2:3b:8f:
68:4a:c3:f3:ce:d4:c6:ea:47:5d:7d:39:ff:98:a8:
e1:57:16:1e:20:1a:e5:56:b7:0b:65:40:57:65:12:
37:c7:33:4a:b4:e0:8d:2e:64:e1:c7:94:5b:31:3d:
25:8f:a9:5d:47:26:86:96:93:dc:b0:ff:c9:a3:f9:
0c:d6:14:74:b6:26:7b:dc:6d:a4:62:0b:f3:67:0c:
5a:9c:f1:a5:53:3e:12:cf:b8:0f:72:67:48:49:d9:
7b:b3:6b:2e:80:a3:f3:e8:1b:0c:b6:12:da:c0:81:
2a:9b:78:11:8d:02:ed:2e:f4:f9:9c:b6:66:7b:09:
43:cc:82:cc:eb:2a:bc:1b:98:7c:a2:b7:71:5d:a5:
29:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:14:06:D0:DE:7E:45:8E:5D:7A:F6:39:F0:86:E0:10:DB:EE:F4:48
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/vBQG0N5-RY5devY58IbgENvu9Eg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.32.0.0/12
Signature Algorithm: sha256WithRSAEncryption
1d:1d:fb:03:ec:9c:1c:84:cd:54:3d:e1:68:8b:a0:cb:96:aa:
48:b3:08:37:ed:30:b5:cf:0a:7b:13:2e:c0:f5:fe:14:11:95:
00:2c:73:7f:b2:a2:0a:49:51:21:35:c8:20:d8:d3:f5:cc:de:
88:b1:90:ea:9e:7f:8e:55:3e:fe:4f:7d:0d:a2:83:a3:a9:fc:
f6:27:13:98:b9:07:4c:2d:ec:96:62:2f:29:af:2b:12:8a:3b:
27:f8:79:ad:35:6a:b6:dd:0f:37:1c:6f:5c:54:08:79:c7:40:
11:ba:59:a4:10:f6:67:8f:43:fd:bc:1a:de:86:e8:1c:65:c3:
a9:7d:0e:ad:6b:49:86:d5:0c:52:36:bc:e1:d4:b3:2b:04:1c:
4e:5a:df:4b:52:f6:07:9f:c9:b6:0d:75:45:28:7f:dd:a5:45:
77:85:83:5e:7d:ca:37:6b:cc:79:16:be:b8:d5:a5:1a:6c:df:
3d:05:75:22:10:20:0d:8a:a4:56:61:b4:47:b2:ca:f7:bd:32:
5b:6c:f3:94:ce:db:e4:8d:b2:88:93:62:55:ea:8f:e0:16:8f:
34:22:ba:34:82:a4:5c:4e:cd:9f:49:e5:88:f7:dd:ea:55:a8:
64:2e:68:05:b0:76:48:e7:59:8b:c6:d3:58:73:19:d6:3d:b0:
c4:a6:84:4d
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTEy
MzQ0MDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJDMTQwNkQwREU3RTQ1
OEU1RDdBRjYzOUYwODZFMDEwREJFRUY0NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7GwId8Y9Si4Ajmyfhh/FVHoavXGgn7xvKfLuXYXVWrjpmQ5YP
QPvOsiBFKfDbOl2bcN4Qqc+2O8q022VQlZ+eh/JNaW3oMe2GrzQdgdU6akuZvNDC
zkXstoz/e+N0B7yfe4jss3hmFKhF782WIuM1N+yPFKI7j2hKw/PO1MbqR119Of+Y
qOFXFh4gGuVWtwtlQFdlEjfHM0q04I0uZOHHlFsxPSWPqV1HJoaWk9yw/8mj+QzW
FHS2JnvcbaRiC/NnDFqc8aVTPhLPuA9yZ0hJ2Xuzay6Ao/PoGwy2EtrAgSqbeBGN
Au0u9PmctmZ7CUPMgszrKrwbmHyit3FdpSmrAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUvBQG0N5+RY5devY58IbgENvu9EgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC92QlFHME41LVJZNWRldlk1OEli
Z0VOdnU5RWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMEciAw
DQYJKoZIhvcNAQELBQADggEBAB0d+wPsnByEzVQ94WiLoMuWqkizCDftMLXPCnsT
LsD1/hQRlQAsc3+yogpJUSE1yCDY0/XM3oixkOqef45VPv5PfQ2ig6Op/PYnE5i5
B0wt7JZiLymvKxKKOyf4ea01arbdDzccb1xUCHnHQBG6WaQQ9mePQ/28Gt6G6Bxl
w6l9Dq1rSYbVDFI2vOHUsysEHE5a30tS9gefybYNdUUof92lRXeFg159yjdrzHkW
vrjVpRps3z0FdSIQIA2KpFZhtEeyyve9Mlts85TO2+SNsoiTYlXqj+AWjzQiujSC
pFxOzZ9J5Yj33epVqGQuaAWwdkjnWYvG01hzGdY9sMSmhE0=
-----END CERTIFICATE-----
Generated at Sat May 10 11:36:20 2025 by rpki-client