Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/yhCy4Otcv0eugI6Hwl1u5jqaHYY.roa
File: yhCy4Otcv0eugI6Hwl1u5jqaHYY.roa (raw, json)
Hash identifier: lZ4LmG8Jt3IRN5U9wM+NNmdvatexaeFFQMq7sfzcFoY=
Subject key identifier: CA:10:B2:E0:EB:5C:BF:47:AE:80:8E:87:C2:5D:6E:E6:3A:9A:1D:86
Certificate issuer: /CN=455CD50D82958499FDAFCB0ADF10251F4CAB3E2D
Certificate serial: 0C36
Authority key identifier: 45:5C:D5:0D:82:95:84:99:FD:AF:CB:0A:DF:10:25:1F:4C:AB:3E:2D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RVzVDYKVhJn9r8sK3xAlH0yrPi0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/yhCy4Otcv0eugI6Hwl1u5jqaHYY.roa
Signing time: Tue 29 Sep 2020 09:59:07 +0000
ROA not before: Tue 29 Sep 2020 09:59:07 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131675
IP address blocks: 103.132.44.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3126 (0xc36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=455CD50D82958499FDAFCB0ADF10251F4CAB3E2D
Validity
Not Before: Sep 29 09:59:07 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=CA10B2E0EB5CBF47AE808E87C25D6EE63A9A1D86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d4:38:55:af:8a:07:5b:84:84:67:bf:bc:8a:
28:e7:1b:e0:ff:1b:f4:18:ed:29:cc:04:12:bd:14:
c7:07:42:d1:33:0f:e6:07:36:a2:d9:13:86:84:73:
d3:57:1a:2c:49:79:09:5c:02:17:4b:76:c6:65:09:
e1:49:09:06:66:43:42:7a:b5:3e:06:94:d6:f3:ac:
90:88:c5:74:2a:6b:9a:61:d4:49:53:f5:a4:05:d5:
56:1f:f2:87:6e:ea:f7:9b:ad:32:5b:08:10:f1:df:
a6:bd:a0:a2:87:fe:c1:96:b0:ab:7e:12:5f:3b:09:
03:85:f6:9e:ba:88:03:dc:63:00:18:b6:74:3e:21:
4c:cd:2a:b7:cd:80:01:7e:21:d2:7b:92:f0:48:f7:
38:85:d3:f0:8a:52:92:41:ec:13:51:75:fd:37:b5:
ad:4a:db:a9:56:50:79:39:5f:fc:cf:01:4a:27:c6:
c4:88:d8:1e:00:cb:c6:eb:d3:da:f2:85:6d:f5:99:
d1:ee:c9:17:e0:d5:14:99:8d:b9:9f:9a:d4:10:3b:
99:16:b9:98:48:21:b6:70:bb:d8:e8:31:b1:6a:bf:
5e:05:25:b8:b8:eb:b2:de:2b:c6:72:06:2c:03:86:
24:9e:37:51:b9:ed:69:82:0e:b2:00:34:b2:59:91:
c0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:10:B2:E0:EB:5C:BF:47:AE:80:8E:87:C2:5D:6E:E6:3A:9A:1D:86
X509v3 Authority Key Identifier:
keyid:45:5C:D5:0D:82:95:84:99:FD:AF:CB:0A:DF:10:25:1F:4C:AB:3E:2D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/RVzVDYKVhJn9r8sK3xAlH0yrPi0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RVzVDYKVhJn9r8sK3xAlH0yrPi0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BEYONDORBIT/yhCy4Otcv0eugI6Hwl1u5jqaHYY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.132.44.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:94:b5:d8:d5:9f:d7:ed:db:eb:94:23:4c:24:5b:c2:27:68:
2c:23:b4:77:9e:8b:36:f6:84:f5:3e:33:b7:81:5b:6c:8f:b9:
d7:29:40:2b:1c:b2:3c:53:fa:51:41:f6:8b:fd:a5:fc:97:2a:
a1:db:d1:c8:14:53:ef:0a:0f:6d:12:3c:84:a8:0a:23:81:fa:
c1:6a:69:79:45:3b:58:45:cf:68:fa:ab:53:7a:11:ba:f3:c8:
22:d7:2f:24:58:30:96:95:da:09:b8:91:d0:67:cb:d8:44:55:
ad:a4:c7:ac:25:81:51:1c:f7:4c:9b:06:5d:3e:f2:5a:dc:29:
dd:fa:8c:a3:f4:a4:a3:1e:64:20:93:81:38:dd:54:55:7f:cf:
78:03:39:2c:e8:a1:27:b9:43:7a:97:f2:ba:e1:a2:fa:df:76:
31:ec:79:df:26:06:cc:f6:18:75:f9:53:a2:c7:7d:5b:ae:69:
eb:37:b2:f1:06:37:bb:41:cd:2f:b4:32:df:97:f7:d6:ac:1d:
6d:0a:38:db:0e:7d:b2:97:48:f8:55:15:7c:28:3a:e4:97:02:
59:38:a7:e0:e5:6e:30:f1:5b:25:c9:32:56:c1:cc:65:78:6a:
ba:7d:9c:19:d3:67:08:c1:33:ba:7d:9e:81:57:5d:ce:21:15:
c3:1e:d7:3c
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgICDDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU1
Q0Q1MEQ4Mjk1ODQ5OUZEQUZDQjBBREYxMDI1MUY0Q0FCM0UyRDAeFw0yMDA5Mjkw
OTU5MDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENBMTBCMkUwRUI1Q0JG
NDdBRTgwOEU4N0MyNUQ2RUU2M0E5QTFEODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDR1DhVr4oHW4SEZ7+8iijnG+D/G/QY7SnMBBK9FMcHQtEzD+YH
NqLZE4aEc9NXGixJeQlcAhdLdsZlCeFJCQZmQ0J6tT4GlNbzrJCIxXQqa5ph1ElT
9aQF1VYf8odu6vebrTJbCBDx36a9oKKH/sGWsKt+El87CQOF9p66iAPcYwAYtnQ+
IUzNKrfNgAF+IdJ7kvBI9ziF0/CKUpJB7BNRdf03ta1K26lWUHk5X/zPAUonxsSI
2B4Ay8br09ryhW31mdHuyRfg1RSZjbmfmtQQO5kWuZhIIbZwu9joMbFqv14FJbi4
67LeK8ZyBiwDhiSeN1G57WmCDrIANLJZkcCNAgMBAAGjggH4MIIB9DAdBgNVHQ4E
FgQUyhCy4Otcv0eugI6Hwl1u5jqaHYYwHwYDVR0jBBgwFoAURVzVDYKVhJn9r8sK
3xAlH0yrPi0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBhBgNVHR8EWjBYMFag
VKBShlByc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQkVZT05E
T1JCSVQvUlZ6VkRZS1ZoSm45cjhzSzN4QWxIMHlyUGkwLmNybDBgBggrBgEFBQcB
AQRUMFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kv
VFdOSUNDQS9SVnpWRFlLVmhKbjlyOHNLM3hBbEgweXJQaTAuY2VyMA4GA1UdDwEB
/wQEAwIHgDCBoQYIKwYBBQUHAQsEgZQwgZEwXAYIKwYBBQUHMAuGUHJzeW5jOi8v
cnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9CRVlPTkRPUkJJVC95aEN5NE90
Y3YwZXVnSTZId2wxdTVqcWFIWVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jy
ZHAudHduaWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZ4QsMA0GCSqGSIb3DQEBCwUAA4IBAQCflLXY1Z/X7dvrlCNMJFvC
J2gsI7R3nos29oT1PjO3gVtsj7nXKUArHLI8U/pRQfaL/aX8lyqh29HIFFPvCg9t
EjyEqAojgfrBaml5RTtYRc9o+qtTehG688gi1y8kWDCWldoJuJHQZ8vYRFWtpMes
JYFRHPdMmwZdPvJa3Cnd+oyj9KSjHmQgk4E43VRVf894Azks6KEnuUN6l/K64aL6
33Yx7HnfJgbM9hh1+VOix31brmnrN7LxBje7Qc0vtDLfl/fWrB1tCjjbDn2yl0j4
VRV8KDrklwJZOKfg5W4w8VslyTJWwcxleGq6fZwZ02cIwTO6fZ6BV13OIRXDHtc8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org