Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TGM/O-yzXgc2YMRYmpKT1j6Zu22TahU.roa
File: O-yzXgc2YMRYmpKT1j6Zu22TahU.roa (raw, json)
Hash identifier: XSv8XcCeZfYxpCo5qMJuIhatnzkc+thCXb6Jb+IQqsQ=
Subject key identifier: 3B:EC:B3:5E:07:36:60:C4:58:9A:92:93:D6:3E:99:BB:6D:93:6A:15
Certificate issuer: /CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Certificate serial: 0293
Authority key identifier: 9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/O-yzXgc2YMRYmpKT1j6Zu22TahU.roa
Signing time: Mon 26 Aug 2024 05:27:51 +0000
ROA not before: Mon 26 Aug 2024 05:27:51 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131642
IP address blocks: 2400:5120::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 659 (0x293)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Validity
Not Before: Aug 26 05:27:51 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3BECB35E073660C4589A9293D63E99BB6D936A15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:21:b4:33:e8:22:4d:62:9a:c0:37:f0:8c:7c:
bc:46:19:c7:06:3d:d3:cc:e4:ef:66:99:ae:ab:85:
5b:c6:e8:64:d7:c1:a1:38:05:0e:56:d5:df:42:75:
54:ec:9e:30:35:6c:e2:59:39:8d:8b:5d:a1:d6:4b:
11:7c:b2:be:1f:c5:82:ea:69:71:91:ac:24:a5:4e:
ba:6a:f2:3e:7b:96:f4:05:f5:35:a1:3e:26:b2:3c:
53:7f:d7:1d:3b:c5:ce:9b:a2:1a:dd:89:83:3d:19:
cd:77:5f:83:f2:cf:9e:b3:4a:f7:b4:d6:14:10:9c:
1d:39:88:51:84:d2:59:af:4d:9e:91:ec:08:49:38:
55:43:f5:c0:a2:a7:4b:99:e6:cb:16:2d:21:bb:9c:
7e:9a:a9:89:99:4e:49:8d:32:2b:ee:38:dc:bc:a6:
53:a8:7c:cd:8b:1b:1e:49:f4:f4:4e:62:e9:11:b3:
dc:00:30:eb:74:de:f2:31:e9:18:48:c2:f3:3a:68:
b7:86:31:b2:07:97:44:f6:41:16:c6:0a:8e:98:57:
a4:8e:7b:ab:d5:73:59:4b:7f:41:5f:e2:d5:e0:a8:
f9:e0:30:66:a2:f0:8c:2c:3a:3b:b4:d0:86:83:ea:
ce:14:c8:e1:9c:05:50:84:c3:50:ae:29:20:2c:a2:
6e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EC:B3:5E:07:36:60:C4:58:9A:92:93:D6:3E:99:BB:6D:93:6A:15
X509v3 Authority Key Identifier:
keyid:9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/m2BpbWh3OuLlMvDNXRD9wMgnPqU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/O-yzXgc2YMRYmpKT1j6Zu22TahU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:5120::/32
Signature Algorithm: sha256WithRSAEncryption
97:23:17:61:20:97:70:01:db:c4:73:fd:fa:97:1d:29:6c:f0:
59:96:1c:54:17:15:ac:0b:26:58:fc:02:60:af:37:91:9d:a1:
ce:fe:ef:1a:e8:e7:74:a9:64:09:16:9f:c2:77:0c:e4:1f:ff:
41:a8:ce:56:4b:97:a8:c0:78:31:81:a4:91:d2:12:ce:8a:15:
4c:d3:d1:96:d7:90:b2:95:aa:23:f1:97:8d:43:61:a8:79:ff:
5b:d6:70:bd:39:5a:1f:a1:de:07:32:d4:57:d5:ef:9f:5c:28:
26:d7:16:25:4b:50:0e:c9:2b:f8:08:f7:40:2c:bc:5e:f8:15:
c3:e9:0a:f8:18:df:e6:81:83:6a:32:7f:84:95:55:b9:56:e7:
5f:b6:fd:36:6b:9e:ab:3c:cb:58:9e:35:1c:17:27:b6:1f:91:
7a:20:c3:b5:e5:4a:cc:86:a0:7c:3f:d8:f3:cc:6c:70:6a:23:
a0:7d:1f:65:9e:bb:88:80:71:1c:f1:75:ea:e4:fc:4f:50:0f:
1b:54:9f:c2:47:b4:01:95:55:8f:26:79:6b:cd:cc:84:97:81:
73:ca:a0:1f:ee:2c:7f:76:83:87:56:f8:90:91:10:30:a8:18:
2a:28:08:32:79:1d:ba:6b:10:f0:dd:be:92:da:83:a5:a7:ef:
f8:6a:c0:84
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICApMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUI2
MDY5NkQ2ODc3M0FFMkU1MzJGMENENUQxMEZEQzBDODI3M0VBNTAeFw0yNDA4MjYw
NTI3NTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNCRUNCMzVFMDczNjYw
QzQ1ODlBOTI5M0Q2M0U5OUJCNkQ5MzZBMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYIbQz6CJNYprAN/CMfLxGGccGPdPM5O9mma6rhVvG6GTXwaE4
BQ5W1d9CdVTsnjA1bOJZOY2LXaHWSxF8sr4fxYLqaXGRrCSlTrpq8j57lvQF9TWh
PiayPFN/1x07xc6bohrdiYM9Gc13X4Pyz56zSve01hQQnB05iFGE0lmvTZ6R7AhJ
OFVD9cCip0uZ5ssWLSG7nH6aqYmZTkmNMivuONy8plOofM2LGx5J9PROYukRs9wA
MOt03vIx6RhIwvM6aLeGMbIHl0T2QRbGCo6YV6SOe6vVc1lLf0Ff4tXgqPngMGai
8IwsOju00IaD6s4UyOGcBVCEw1CuKSAsom6nAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUO+yzXgc2YMRYmpKT1j6Zu22TahUwHwYDVR0jBBgwFoAUm2BpbWh3OuLlMvDN
XRD9wMgnPqUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL20y
QnBiV2gzT3VMbE12RE5YUkQ5d01nblBxVS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bTJCcGJXaDNPdUxsTXZETlhSRDl3TWduUHFVLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL08teXpYZ2MyWU1SWW1wS1QxajZadTIy
VGFoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAFEgMA0G
CSqGSIb3DQEBCwUAA4IBAQCXIxdhIJdwAdvEc/36lx0pbPBZlhxUFxWsCyZY/AJg
rzeRnaHO/u8a6Od0qWQJFp/CdwzkH/9BqM5WS5eowHgxgaSR0hLOihVM09GW15Cy
laoj8ZeNQ2Goef9b1nC9OVofod4HMtRX1e+fXCgm1xYlS1AOySv4CPdALLxe+BXD
6Qr4GN/mgYNqMn+ElVW5Vudftv02a56rPMtYnjUcFye2H5F6IMO15UrMhqB8P9jz
zGxwaiOgfR9lnruIgHEc8XXq5PxPUA8bVJ/CR7QBlVWPJnlrzcyEl4FzyqAf7ix/
doOHVviQkRAwqBgqKAgyeR26axDw3b6S2oOlp+/4asCE
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:57:30 2025 by rpki-client