Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/uLT30ZJd4t6CmTytzqJ8jKNyjkM.roa
File: uLT30ZJd4t6CmTytzqJ8jKNyjkM.roa (raw, json)
Hash identifier: 8sNEEEvxEIifHAQixd2Nb7UExg6kAb2S/A99DE00EMA=
Subject key identifier: B8:B4:F7:D1:92:5D:E2:DE:82:99:3C:AD:CE:A2:7C:8C:A3:72:8E:43
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 13D1
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/uLT30ZJd4t6CmTytzqJ8jKNyjkM.roa
Signing time: Fri 05 Jan 2024 09:07:10 +0000
ROA not before: Fri 05 Jan 2024 09:07:10 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 222.250.192.0/18 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5073 (0x13d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Jan 5 09:07:10 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=B8B4F7D1925DE2DE82993CADCEA27C8CA3728E43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fc:5d:e7:08:fe:28:4f:7f:83:82:1d:d6:97:
84:4b:3f:fc:cb:67:cc:c7:95:b0:ce:3c:3c:47:78:
ff:d2:07:e2:c2:ae:d9:d1:40:09:16:8d:38:97:f1:
d8:08:ef:36:fe:86:85:1d:6f:f0:d2:be:2b:cc:04:
36:0f:0e:3d:38:21:2b:97:31:b9:f5:96:4b:49:f1:
e9:42:f5:33:72:c9:72:07:7c:ad:3a:d2:eb:38:e5:
fc:ff:d3:11:92:ae:bb:4e:fc:ee:c3:a7:e6:98:fd:
e0:a5:ca:9a:96:ee:af:1a:7c:70:2f:46:c2:4a:0e:
f8:23:47:97:05:42:2e:e4:81:79:2e:8d:26:b0:d3:
84:31:f9:bc:57:fe:67:ea:bb:e5:b3:2e:59:ac:77:
1e:b7:22:94:47:56:36:78:f7:b7:05:8b:56:e6:a4:
14:1d:ba:97:2b:4a:ac:b8:aa:61:04:9d:df:24:ca:
cc:72:34:09:00:54:ef:b5:4a:7b:6c:dc:66:c2:9f:
36:96:da:39:f2:83:0d:c1:8b:9e:f9:f9:dc:57:c4:
bf:e7:b6:f1:f2:06:ff:de:97:42:57:ec:08:eb:d8:
53:ce:fa:23:38:e6:93:49:5a:b9:10:6a:67:4a:20:
90:5a:46:68:85:07:70:0a:84:ff:5e:e4:03:e5:1d:
fd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B4:F7:D1:92:5D:E2:DE:82:99:3C:AD:CE:A2:7C:8C:A3:72:8E:43
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/uLT30ZJd4t6CmTytzqJ8jKNyjkM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.250.192.0/18
Signature Algorithm: sha256WithRSAEncryption
30:f7:98:75:41:74:e4:24:0c:f3:e7:74:8f:e0:10:34:97:76:
5f:d6:6a:62:b1:90:a0:a0:33:3e:ad:6e:bc:d1:13:9a:1f:08:
33:12:7e:87:c8:08:d9:a9:e5:f3:0f:ba:a0:34:fa:c5:64:de:
7e:da:cb:f4:5f:43:9a:3c:23:04:51:81:5e:9f:c9:8e:b5:7c:
f7:0f:4f:3e:fd:cc:73:df:cf:97:f1:c9:7c:0c:f5:3f:57:83:
60:60:6d:51:38:c4:a8:fd:ed:d6:38:e0:3d:41:02:ab:2f:48:
53:65:72:a8:9e:c4:40:0a:13:90:c2:c5:33:4d:e5:f7:0a:44:
19:aa:47:a4:2c:38:e5:6f:89:a3:14:96:ad:68:72:3d:08:2d:
04:4b:c1:52:aa:71:ce:36:32:64:68:47:4f:9a:6b:83:a2:34:
64:e1:43:f1:a7:a2:f4:10:d8:a0:68:78:f9:f8:8f:83:0c:8e:
da:79:96:b9:15:21:58:cd:ba:20:77:09:59:34:cc:86:d2:b6:
44:67:90:b3:81:df:ae:08:b8:23:a0:60:18:31:3d:57:a1:c8:
4d:fe:5a:94:f8:de:58:26:cc:91:08:a6:27:08:14:23:1c:52:
ae:0e:36:f6:91:47:8a:1b:38:54:14:22:32:37:01:0c:b1:f1:
16:94:82:11
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICE9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yNDAxMDUw
OTA3MTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI4QjRGN0QxOTI1REUy
REU4Mjk5M0NBRENFQTI3QzhDQTM3MjhFNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt/F3nCP4oT3+Dgh3Wl4RLP/zLZ8zHlbDOPDxHeP/SB+LCrtnR
QAkWjTiX8dgI7zb+hoUdb/DSvivMBDYPDj04ISuXMbn1lktJ8elC9TNyyXIHfK06
0us45fz/0xGSrrtO/O7Dp+aY/eClypqW7q8afHAvRsJKDvgjR5cFQi7kgXkujSaw
04Qx+bxX/mfqu+WzLlmsdx63IpRHVjZ497cFi1bmpBQdupcrSqy4qmEEnd8kysxy
NAkAVO+1Snts3GbCnzaW2jnygw3Bi575+dxXxL/ntvHyBv/el0JX7Ajr2FPO+iM4
5pNJWrkQamdKIJBaRmiFB3AKhP9e5APlHf2RAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUuLT30ZJd4t6CmTytzqJ8jKNyjkMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvdUxUMzBaSmQ0dDZDbVR5dHpxSjhq
S055amtNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBt76wDAN
BgkqhkiG9w0BAQsFAAOCAQEAMPeYdUF05CQM8+d0j+AQNJd2X9ZqYrGQoKAzPq1u
vNETmh8IMxJ+h8gI2anl8w+6oDT6xWTeftrL9F9DmjwjBFGBXp/JjrV89w9PPv3M
c9/Pl/HJfAz1P1eDYGBtUTjEqP3t1jjgPUECqy9IU2VyqJ7EQAoTkMLFM03l9wpE
GapHpCw45W+JoxSWrWhyPQgtBEvBUqpxzjYyZGhHT5prg6I0ZOFD8aei9BDYoGh4
+fiPgwyO2nmWuRUhWM26IHcJWTTMhtK2RGeQs4Hfrgi4I6BgGDE9V6HITf5alPje
WCbMkQimJwgUIxxSrg429pFHihs4VBQiMjcBDLHxFpSCEQ==
-----END CERTIFICATE-----
Generated at Fri Jan 5 14:17:38 2024 by rpki-client on console-ams.rpki-client.org