Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/_m29MMUBQa_BS_xH1G8-O677ryM.roa
File: _m29MMUBQa_BS_xH1G8-O677ryM.roa (raw, json)
Hash identifier: JB408ztMPLlqJ09+uT8p4cGSSWYI5SC9Fqx8f7URUwU=
Subject key identifier: FE:6D:BD:30:C5:01:41:AF:C1:4B:FC:47:D4:6F:3E:3B:AE:FB:AF:23
Certificate issuer: /CN=455CD50D82958499FDAFCB0ADF10251F4CAB3E2D
Certificate serial: 0FE9
Authority key identifier: 45:5C:D5:0D:82:95:84:99:FD:AF:CB:0A:DF:10:25:1F:4C:AB:3E:2D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RVzVDYKVhJn9r8sK3xAlH0yrPi0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/_m29MMUBQa_BS_xH1G8-O677ryM.roa
Signing time: Fri 01 Sep 2023 08:24:42 +0000
ROA not before: Fri 01 Sep 2023 08:24:42 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 396982
IP address blocks: 103.132.46.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4073 (0xfe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=455CD50D82958499FDAFCB0ADF10251F4CAB3E2D
Validity
Not Before: Sep 1 08:24:42 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=FE6DBD30C50141AFC14BFC47D46F3E3BAEFBAF23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e4:46:5d:88:d6:67:16:4b:0e:29:3f:8a:b6:
b7:89:04:3b:6f:3e:25:1b:29:ca:66:18:02:32:76:
d3:1a:79:4b:c7:13:b7:3f:ba:f8:79:27:12:ae:fe:
67:8e:6e:06:ff:07:ad:e4:d7:c1:44:a1:ef:e3:e0:
5d:3e:bb:9b:99:8f:15:d3:05:6a:b3:09:05:62:66:
9d:58:14:9b:25:e2:df:8b:1e:e7:60:e1:0d:70:15:
6c:ca:27:cb:aa:67:98:a2:e6:bd:4a:66:90:94:2c:
9e:3f:55:69:ed:2e:42:cf:7d:d1:a2:98:98:be:31:
11:dd:bc:b6:37:11:4b:82:94:ee:25:38:86:0e:a5:
1d:dc:98:72:71:5e:d4:e5:07:f4:1e:9e:cc:f8:c6:
67:b4:58:19:0f:d0:54:09:19:2e:17:0e:ad:6b:60:
a5:57:92:43:f2:80:79:7f:54:f7:a5:2b:31:b5:aa:
bb:1c:d7:b2:ec:b9:25:13:85:bf:33:ae:c5:af:81:
63:ab:6a:78:3a:74:2e:95:c4:e1:f5:73:41:27:df:
aa:a2:cf:75:32:da:ec:f1:58:37:0a:69:7a:e4:ea:
19:40:a7:41:36:82:90:aa:25:8f:7f:89:da:ee:4a:
49:f4:44:de:80:17:32:77:63:08:15:2c:e0:78:57:
33:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:6D:BD:30:C5:01:41:AF:C1:4B:FC:47:D4:6F:3E:3B:AE:FB:AF:23
X509v3 Authority Key Identifier:
keyid:45:5C:D5:0D:82:95:84:99:FD:AF:CB:0A:DF:10:25:1F:4C:AB:3E:2D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/RVzVDYKVhJn9r8sK3xAlH0yrPi0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RVzVDYKVhJn9r8sK3xAlH0yrPi0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/_m29MMUBQa_BS_xH1G8-O677ryM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.132.46.0/24
Signature Algorithm: sha256WithRSAEncryption
51:ff:ab:86:a9:6f:ab:eb:01:54:83:e4:e1:b2:ad:9f:55:d8:
e7:3f:e8:88:01:c7:9c:60:48:06:6e:44:be:e2:65:3f:fb:7e:
a6:0d:02:62:27:a0:aa:9d:a2:0c:7e:80:75:73:4f:da:39:f8:
02:17:0f:be:64:43:0c:f0:31:9e:15:cc:88:90:52:a4:b5:4d:
55:df:a0:a8:26:f6:ae:b4:c2:8b:16:b0:94:c6:a6:1c:07:4e:
8f:d3:42:48:35:04:c5:13:50:6d:c6:77:43:94:66:6e:79:c3:
31:40:82:b4:51:1d:dc:7f:c9:88:af:a8:5c:f4:fc:9b:ca:9b:
af:56:41:84:d9:ee:01:e5:b9:2f:dd:ea:a7:2f:b8:fd:f0:63:
c4:44:1d:c1:a6:6a:30:f1:46:40:6b:bb:9c:3a:2e:d1:7e:6e:
f3:dd:ab:52:88:bb:d4:17:a4:bd:d8:b9:6d:35:68:a8:2b:13:
9b:5d:ce:4e:52:c3:e4:9b:3a:86:de:e6:d8:66:aa:50:36:55:
17:09:51:dd:64:a1:cf:f3:54:d2:b2:20:ce:fb:36:f0:83:03:
ab:e0:d4:05:e3:fd:ae:b1:cf:2f:76:3c:6f:af:19:e7:7d:1d:
d4:89:a0:1a:73:26:88:3d:db:52:0f:10:b0:e4:cc:0d:85:f4:
f8:4f:89:a6
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgICD+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU1
Q0Q1MEQ4Mjk1ODQ5OUZEQUZDQjBBREYxMDI1MUY0Q0FCM0UyRDAeFw0yMzA5MDEw
ODI0NDJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEZFNkRCRDMwQzUwMTQx
QUZDMTRCRkM0N0Q0NkYzRTNCQUVGQkFGMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC85EZdiNZnFksOKT+KtreJBDtvPiUbKcpmGAIydtMaeUvHE7c/
uvh5JxKu/meObgb/B63k18FEoe/j4F0+u5uZjxXTBWqzCQViZp1YFJsl4t+LHudg
4Q1wFWzKJ8uqZ5ii5r1KZpCULJ4/VWntLkLPfdGimJi+MRHdvLY3EUuClO4lOIYO
pR3cmHJxXtTlB/Qensz4xme0WBkP0FQJGS4XDq1rYKVXkkPygHl/VPelKzG1qrsc
17LsuSUThb8zrsWvgWOrang6dC6VxOH1c0En36qiz3Uy2uzxWDcKaXrk6hlAp0E2
gpCqJY9/idruSkn0RN6AFzJ3YwgVLOB4VzPbAgMBAAGjggH4MIIB9DAdBgNVHQ4E
FgQU/m29MMUBQa/BS/xH1G8+O677ryMwHwYDVR0jBBgwFoAURVzVDYKVhJn9r8sK
3xAlH0yrPi0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBhBgNVHR8EWjBYMFag
VKBShlByc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQkVZT05E
T1JCSVQvUlZ6VkRZS1ZoSm45cjhzSzN4QWxIMHlyUGkwLmNybDBgBggrBgEFBQcB
AQRUMFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kv
VFdOSUNDQS9SVnpWRFlLVmhKbjlyOHNLM3hBbEgweXJQaTAuY2VyMA4GA1UdDwEB
/wQEAwIHgDCBoQYIKwYBBQUHAQsEgZQwgZEwXAYIKwYBBQUHMAuGUHJzeW5jOi8v
cnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9CRVlPTkRPUkJJVC9fbTI5TU1V
QlFhX0JTX3hIMUc4LU82NzdyeU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jy
ZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAZ4QuMA0GCSqGSIb3DQEBCwUAA4IBAQBR/6uGqW+r6wFUg+Thsq2f
VdjnP+iIAcecYEgGbkS+4mU/+36mDQJiJ6CqnaIMfoB1c0/aOfgCFw++ZEMM8DGe
FcyIkFKktU1V36CoJvautMKLFrCUxqYcB06P00JINQTFE1BtxndDlGZuecMxQIK0
UR3cf8mIr6hc9PybypuvVkGE2e4B5bkv3eqnL7j98GPERB3Bpmow8UZAa7ucOi7R
fm7z3atSiLvUF6S92LltNWioKxObXc5OUsPkmzqG3ubYZqpQNlUXCVHdZKHP81TS
siDO+zbwgwOr4NQF4/2usc8vdjxvrxnnfR3UiaAacyaIPdtSDxCw5MwNhfT4T4mm
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org