Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/63fma9erbFFgqXN_chkq6Jlrk24.roa
File: 63fma9erbFFgqXN_chkq6Jlrk24.roa (raw, json)
Hash identifier: tbPJpcklScApAw3vl42lEMNGSeV3GLVtm+rmSV5iywc=
Subject key identifier: EB:77:E6:6B:D7:AB:6C:51:60:A9:73:7F:72:19:2A:E8:99:6B:93:6E
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12A5
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/63fma9erbFFgqXN_chkq6Jlrk24.roa
Signing time: Fri 01 Sep 2023 08:04:45 +0000
ROA not before: Fri 01 Sep 2023 08:04:45 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7482
IP address blocks: 218.34.0.0/16 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4773 (0x12a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:45 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=EB77E66BD7AB6C5160A9737F72192AE8996B936E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e0:94:51:ad:45:a7:b8:6a:83:c9:d9:a9:64:
de:e0:78:29:15:db:59:a2:87:cb:a9:b8:d3:f6:59:
34:18:82:da:df:b9:d7:cc:6d:c9:a3:86:42:3c:46:
b0:be:ae:12:7d:cd:69:44:1c:76:99:9b:af:11:11:
61:2b:17:93:27:76:91:ac:16:08:82:ad:84:af:66:
d4:96:7c:9c:34:32:ac:46:f8:7f:a3:d0:ef:e3:ab:
d7:2e:1b:26:15:1d:97:5e:73:ad:95:f4:1b:1c:96:
99:18:87:4e:69:76:17:c5:00:2e:53:f0:78:03:0e:
0c:fd:a2:0a:94:78:43:94:ee:c1:27:01:07:1d:ee:
f2:b1:96:54:da:9b:6d:a6:14:4a:1a:78:e6:fb:99:
e6:17:86:ef:f9:7f:2f:18:19:f5:33:2e:e4:eb:0b:
99:c5:fc:be:b2:7b:cd:59:b8:03:f0:dc:7c:a3:7b:
aa:65:09:1d:ab:ea:ad:70:7a:49:8e:e6:e1:e6:57:
ea:ae:30:17:54:1d:23:4c:c8:99:3c:e2:e4:e2:87:
9d:00:6a:cb:2c:81:e5:3d:71:17:f4:26:ae:c3:0a:
33:a2:83:3b:ea:95:4c:29:3c:62:e7:8c:bc:eb:87:
46:bc:67:7b:99:13:e2:9b:e4:ab:e2:32:76:19:ff:
09:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:77:E6:6B:D7:AB:6C:51:60:A9:73:7F:72:19:2A:E8:99:6B:93:6E
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/63fma9erbFFgqXN_chkq6Jlrk24.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:06:6a:cd:7c:02:04:71:16:69:89:ac:bf:62:1c:f4:cd:78:
b0:5e:bb:b5:66:60:9d:91:db:4d:75:d9:46:67:8b:26:e5:12:
8d:12:4a:8f:56:fd:18:b0:09:52:5e:19:e2:d1:b0:8d:7e:e1:
1b:4c:3c:ad:ef:22:e1:6a:47:07:44:2e:94:68:f6:a8:66:97:
77:44:ce:04:16:ff:06:d2:ae:85:49:1a:f8:fa:d8:94:87:4d:
f7:4d:39:50:c4:d5:28:59:fb:d1:f9:78:0b:7f:aa:a2:48:be:
c0:f5:ff:b9:7f:09:d4:82:fd:d2:99:64:34:a0:15:d7:75:88:
46:1d:d1:72:ef:f1:c0:04:05:a7:8c:3a:19:66:16:04:31:73:
ab:46:7b:e1:12:64:0e:ab:42:a3:99:e0:57:d3:00:78:8c:fc:
ca:b6:34:02:3c:46:e7:04:24:47:62:1c:2d:cf:8e:5a:ac:42:
4e:22:23:9b:30:23:6d:38:fe:7b:7a:2d:9c:9b:2d:de:d6:a4:
eb:fd:16:58:60:36:4d:66:67:e2:7d:77:58:2d:c9:a3:0b:99:
75:a3:3a:ec:9b:bf:34:30:b4:de:aa:f0:f8:6a:e3:5d:e2:56:
08:49:bf:2e:b0:27:68:69:be:52:d3:11:6b:7a:81:a4:5c:4b:
b0:de:22:36
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEqUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEVCNzdFNjZCRDdBQjZD
NTE2MEE5NzM3RjcyMTkyQUU4OTk2QjkzNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz4JRRrUWnuGqDydmpZN7geCkV21mih8upuNP2WTQYgtrfudfM
bcmjhkI8RrC+rhJ9zWlEHHaZm68REWErF5MndpGsFgiCrYSvZtSWfJw0MqxG+H+j
0O/jq9cuGyYVHZdec62V9BsclpkYh05pdhfFAC5T8HgDDgz9ogqUeEOU7sEnAQcd
7vKxllTam22mFEoaeOb7meYXhu/5fy8YGfUzLuTrC5nF/L6ye81ZuAPw3Hyje6pl
CR2r6q1wekmO5uHmV+quMBdUHSNMyJk84uTih50AasssgeU9cRf0Jq7DCjOigzvq
lUwpPGLnjLzrh0a8Z3uZE+Kb5KviMnYZ/wmjAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU63fma9erbFFgqXN/chkq6Jlrk24wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvNjNmbWE5ZXJiRkZncVhOX2Noa3E2
SmxyazI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANoiMA0G
CSqGSIb3DQEBCwUAA4IBAQAbBmrNfAIEcRZpiay/Yhz0zXiwXru1ZmCdkdtNddlG
Z4sm5RKNEkqPVv0YsAlSXhni0bCNfuEbTDyt7yLhakcHRC6UaPaoZpd3RM4EFv8G
0q6FSRr4+tiUh033TTlQxNUoWfvR+XgLf6qiSL7A9f+5fwnUgv3SmWQ0oBXXdYhG
HdFy7/HABAWnjDoZZhYEMXOrRnvhEmQOq0KjmeBX0wB4jPzKtjQCPEbnBCRHYhwt
z45arEJOIiObMCNtOP57ei2cmy3e1qTr/RZYYDZNZmfifXdYLcmjC5l1ozrsm780
MLTeqvD4auNd4lYISb8usCdoab5S0xFreoGkXEuw3iI2
-----END CERTIFICATE-----
Generated at Fri Jan 5 11:29:46 2024 by rpki-client on console-ams.rpki-client.org