Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/t_3O6TOxXLPVaqq-eI3N-nBmq08.roa
File: t_3O6TOxXLPVaqq-eI3N-nBmq08.roa (raw, json)
Hash identifier: qNXaJNb3t9dJkdVX8Gvbr1bngJEEsbVn/ROYy+QQe+o=
Subject key identifier: B7:FD:CE:E9:33:B1:5C:B3:D5:6A:AA:BE:78:8D:CD:FA:70:66:AB:4F
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12E5
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/t_3O6TOxXLPVaqq-eI3N-nBmq08.roa
Signing time: Fri 01 Sep 2023 08:05:08 +0000
ROA not before: Fri 01 Sep 2023 08:05:08 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7482
IP address blocks: 218.184.0.0/16 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4837 (0x12e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:08 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=B7FDCEE933B15CB3D56AAABE788DCDFA7066AB4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:77:ab:67:8f:1e:ee:a8:ba:53:61:5e:66:1c:
1a:b5:ba:c8:1a:c4:07:82:45:0a:3f:b1:74:e9:8d:
f7:18:53:91:62:2c:26:a1:00:e9:c7:c7:1e:60:5e:
2b:72:ea:01:3f:1b:f2:03:4c:54:12:23:c1:63:d0:
6a:6b:5a:7b:b4:9e:32:03:d0:86:7b:7d:ca:69:5a:
be:44:a8:8a:1d:fb:c1:a6:56:bf:be:2c:76:cf:68:
18:df:72:e5:de:dd:f3:7d:52:2c:cb:dc:84:56:de:
fa:d2:2e:04:b9:df:66:2d:11:26:98:ec:45:f9:bd:
ab:fa:4f:ea:66:bb:f7:6b:7b:b1:f3:22:27:6b:66:
99:16:1a:69:62:2a:77:49:7d:91:d8:bc:72:89:7f:
c5:3e:45:ca:e4:82:07:06:20:5a:78:e8:aa:b0:9f:
9a:31:fa:b1:b7:09:20:05:2c:9f:df:25:56:54:2b:
fb:ed:e7:f3:60:e2:26:5a:05:e4:61:f9:e9:97:73:
f1:86:90:57:b9:20:34:7c:e9:4d:6d:0d:16:19:46:
03:f0:2c:7f:2b:4c:8c:dd:7f:4d:bb:26:56:31:a7:
b2:60:a8:c8:75:62:2f:60:df:99:4a:41:e6:cd:80:
26:09:51:90:d6:bc:3a:b5:4a:c0:d6:da:90:b0:03:
a5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:FD:CE:E9:33:B1:5C:B3:D5:6A:AA:BE:78:8D:CD:FA:70:66:AB:4F
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/t_3O6TOxXLPVaqq-eI3N-nBmq08.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.184.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:08:87:75:9a:0c:1c:87:08:95:b7:e0:5b:f6:6e:41:9b:d2:
cf:b6:8b:32:a1:91:50:14:22:d3:7c:9e:24:b5:9a:c6:f2:f6:
c6:ee:36:f8:e2:aa:da:ca:e4:0d:c4:62:4b:ac:1b:19:f3:a2:
66:83:3d:f3:ae:7a:49:39:23:48:65:ab:63:28:56:10:35:77:
41:69:bb:ec:ae:0a:86:a3:46:89:99:0f:81:e7:cf:6b:55:c9:
d1:29:75:43:23:04:14:19:f4:5d:d2:98:36:9b:d8:71:b3:94:
2b:48:e5:bb:71:45:34:6c:14:95:1e:73:05:f6:b9:da:85:ff:
b8:b0:31:f1:5e:d9:c8:d6:65:f6:a6:64:1b:39:10:12:c5:f9:
5e:6a:04:0e:bd:7a:27:26:17:2b:e9:bd:bf:d2:55:47:c4:da:
a4:14:32:35:c8:72:4f:e1:1e:00:04:16:e0:e4:79:e9:2e:fb:
30:44:30:14:6f:6c:fd:9a:f4:5c:df:5f:42:9b:a6:bb:a8:72:
1b:9b:60:07:80:b7:70:70:ba:e5:61:7b:25:95:a9:76:40:3b:
5d:d7:0a:75:0c:a2:63:b3:66:19:96:44:f3:22:1b:a9:e9:c9:
14:c0:90:78:58:02:0d:c4:c4:3b:9b:2a:80:53:7e:9a:c9:1e:
4a:24:b6:97
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MDhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI3RkRDRUU5MzNCMTVD
QjNENTZBQUFCRTc4OERDREZBNzA2NkFCNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDid6tnjx7uqLpTYV5mHBq1usgaxAeCRQo/sXTpjfcYU5FiLCah
AOnHxx5gXity6gE/G/IDTFQSI8Fj0GprWnu0njID0IZ7fcppWr5EqIod+8GmVr++
LHbPaBjfcuXe3fN9UizL3IRW3vrSLgS532YtESaY7EX5vav6T+pmu/dre7HzIidr
ZpkWGmliKndJfZHYvHKJf8U+RcrkggcGIFp46Kqwn5ox+rG3CSAFLJ/fJVZUK/vt
5/Ng4iZaBeRh+emXc/GGkFe5IDR86U1tDRYZRgPwLH8rTIzdf027JlYxp7JgqMh1
Yi9g35lKQebNgCYJUZDWvDq1SsDW2pCwA6VpAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUt/3O6TOxXLPVaqq+eI3N+nBmq08wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvdF8zTzZUT3hYTFBWYXFxLWVJM04t
bkJtcTA4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANq4MA0G
CSqGSIb3DQEBCwUAA4IBAQCVCId1mgwchwiVt+Bb9m5Bm9LPtosyoZFQFCLTfJ4k
tZrG8vbG7jb44qrayuQNxGJLrBsZ86Jmgz3zrnpJOSNIZatjKFYQNXdBabvsrgqG
o0aJmQ+B589rVcnRKXVDIwQUGfRd0pg2m9hxs5QrSOW7cUU0bBSVHnMF9rnahf+4
sDHxXtnI1mX2pmQbORASxfleagQOvXonJhcr6b2/0lVHxNqkFDI1yHJP4R4ABBbg
5HnpLvswRDAUb2z9mvRc319Cm6a7qHIbm2AHgLdwcLrlYXsllal2QDtd1wp1DKJj
s2YZlkTzIhup6ckUwJB4WAINxMQ7myqAU36ayR5KJLaX
-----END CERTIFICATE-----
Generated at Fri Jan 5 11:29:46 2024 by rpki-client on console-ams.rpki-client.org