Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/IYZBsn8wOS5oFjPMsjzv1j9I_gU.roa
File: IYZBsn8wOS5oFjPMsjzv1j9I_gU.roa (raw, json)
Hash identifier: 72swku8mkdZZ+Fsvoz5+BPZrUMsPa9SayRVYlRXUFx4=
Subject key identifier: 21:86:41:B2:7F:30:39:2E:68:16:33:CC:B2:3C:EF:D6:3F:48:FE:05
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 13A3
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/IYZBsn8wOS5oFjPMsjzv1j9I_gU.roa
Signing time: Wed 13 Dec 2023 02:47:58 +0000
ROA not before: Wed 13 Dec 2023 02:47:58 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 222.250.128.0/18 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5027 (0x13a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Dec 13 02:47:58 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=218641B27F30392E681633CCB23CEFD63F48FE05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:aa:06:27:8d:6d:86:20:b3:9f:47:00:5f:f2:
ff:a5:7d:bc:81:53:7c:59:95:23:51:50:5f:13:32:
0d:e4:7c:17:4a:be:61:3a:0d:af:a1:6c:af:da:51:
ea:a5:2f:9f:1b:fd:3e:52:a8:74:77:b5:78:b7:84:
a4:42:4d:84:cb:0c:11:8e:86:bf:d7:88:a7:fa:97:
6e:da:0f:90:44:10:0a:d0:0b:c3:6e:e3:37:5d:53:
5d:22:44:a1:b2:aa:4f:20:b0:8a:3d:d8:f6:ba:68:
c0:af:9f:05:f0:69:60:ca:f6:b2:c7:0a:29:b3:18:
2a:c2:09:12:4f:38:98:96:f4:ed:24:d0:c9:99:93:
d9:53:0e:75:cb:52:56:67:61:b0:b4:ac:97:f5:1d:
77:45:68:5e:a0:ec:19:fa:ac:bc:35:2b:ee:95:a5:
c7:74:f7:e2:1c:0c:d6:1f:c9:77:64:60:7c:e7:8f:
7b:d7:79:bc:60:48:59:8f:6d:6a:df:d6:4c:4d:98:
b9:ca:b8:22:77:80:a9:cb:2d:16:a2:03:09:95:80:
38:cd:21:e2:15:fa:b8:8e:3c:12:d8:10:35:a5:54:
94:77:c4:96:96:5b:1a:61:34:17:02:d8:4e:03:12:
e3:62:e0:64:04:f6:76:c1:35:15:a9:df:fa:2b:be:
06:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:86:41:B2:7F:30:39:2E:68:16:33:CC:B2:3C:EF:D6:3F:48:FE:05
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/IYZBsn8wOS5oFjPMsjzv1j9I_gU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.250.128.0/18
Signature Algorithm: sha256WithRSAEncryption
4e:c6:71:1c:67:91:6b:e6:f8:7f:37:47:53:72:4c:a5:3e:de:
9f:9f:f4:fe:1e:c9:97:ea:15:35:81:3a:48:63:8c:e7:56:ab:
21:98:c1:c3:e6:5b:fa:a4:f0:d1:ff:33:4f:68:18:af:99:c1:
a7:fb:dc:8a:d4:7a:af:5e:01:d9:5d:b2:b2:b4:64:f7:6f:8f:
ad:e0:1a:80:42:44:e8:72:fd:86:ff:60:4d:17:25:ec:c4:0d:
e0:d9:86:29:d1:10:1c:72:a4:b1:a1:0c:f1:a8:da:8b:36:96:
01:ea:5a:df:a2:cd:18:aa:78:d0:f3:0a:9e:a3:03:08:47:da:
65:f9:94:5f:a1:9f:c2:ce:85:c1:97:cd:2d:6a:d5:b8:d8:e3:
69:df:40:64:5e:f9:8f:ef:22:36:70:2e:fd:3e:be:e4:64:52:
8c:7f:08:3c:d9:71:9b:34:34:16:4b:64:ed:cf:42:ff:6c:94:
e0:b1:f4:d1:25:3d:a4:4a:6d:f4:da:15:a9:09:af:e3:0a:20:
c6:98:31:99:37:f9:48:f6:1a:35:e6:ba:ac:f4:5a:a3:53:bb:
2a:93:e1:8d:6f:a7:4d:0f:01:bd:ed:61:3b:0b:25:71:d2:fc:
c6:f6:72:4e:c3:22:cc:dd:c2:11:c1:82:1d:db:a7:7d:76:ff:
28:3e:6d:b4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICE6MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzEyMTMw
MjQ3NThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDIxODY0MUIyN0YzMDM5
MkU2ODE2MzNDQ0IyM0NFRkQ2M0Y0OEZFMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGqgYnjW2GILOfRwBf8v+lfbyBU3xZlSNRUF8TMg3kfBdKvmE6
Da+hbK/aUeqlL58b/T5SqHR3tXi3hKRCTYTLDBGOhr/XiKf6l27aD5BEEArQC8Nu
4zddU10iRKGyqk8gsIo92Pa6aMCvnwXwaWDK9rLHCimzGCrCCRJPOJiW9O0k0MmZ
k9lTDnXLUlZnYbC0rJf1HXdFaF6g7Bn6rLw1K+6Vpcd09+IcDNYfyXdkYHznj3vX
ebxgSFmPbWrf1kxNmLnKuCJ3gKnLLRaiAwmVgDjNIeIV+riOPBLYEDWlVJR3xJaW
WxphNBcC2E4DEuNi4GQE9nbBNRWp3/orvgY9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUIYZBsn8wOS5oFjPMsjzv1j9I/gUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSVlaQnNuOHdPUzVvRmpQTXNqenYx
ajlJX2dVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBt76gDAN
BgkqhkiG9w0BAQsFAAOCAQEATsZxHGeRa+b4fzdHU3JMpT7en5/0/h7Jl+oVNYE6
SGOM51arIZjBw+Zb+qTw0f8zT2gYr5nBp/vcitR6r14B2V2ysrRk92+PreAagEJE
6HL9hv9gTRcl7MQN4NmGKdEQHHKksaEM8ajaizaWAepa36LNGKp40PMKnqMDCEfa
ZfmUX6Gfws6FwZfNLWrVuNjjad9AZF75j+8iNnAu/T6+5GRSjH8IPNlxmzQ0Fktk
7c9C/2yU4LH00SU9pEpt9NoVqQmv4wogxpgxmTf5SPYaNea6rPRao1O7KpPhjW+n
TQ8Bve1hOwslcdL8xvZyTsMizN3CEcGCHdunfXb/KD5ttA==
-----END CERTIFICATE-----
Generated at Fri Jan 5 11:29:46 2024 by rpki-client on console-ams.rpki-client.org