Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHAIJIN/YGOd5z1R01CW1mZxHFhrLNdaX4g.roa
File: YGOd5z1R01CW1mZxHFhrLNdaX4g.roa (raw, json)
Hash identifier: RFMxZkMVXWjCeZzjpnmpJ+/LR2onAX8j+Nh7X/eUOGY=
Subject key identifier: 60:63:9D:E7:3D:51:D3:50:96:D6:66:71:1C:58:6B:2C:D7:5A:5F:88
Certificate issuer: /CN=11465FC34A08781329C48823F49104765B5C333B
Certificate serial: 0105
Authority key identifier: 11:46:5F:C3:4A:08:78:13:29:C4:88:23:F4:91:04:76:5B:5C:33:3B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EUZfw0oIeBMpxIgj9JEEdltcMzs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHAIJIN/YGOd5z1R01CW1mZxHFhrLNdaX4g.roa
Signing time: Fri 14 Oct 2022 08:31:17 +0000
ROA not before: Fri 14 Oct 2022 08:31:17 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17718
IP address blocks: 103.174.154.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261 (0x105)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11465FC34A08781329C48823F49104765B5C333B
Validity
Not Before: Oct 14 08:31:17 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=60639DE73D51D35096D666711C586B2CD75A5F88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:05:1c:96:34:4d:85:69:3a:a1:6f:34:24:10:
0d:d4:c6:f4:0d:89:53:2c:e3:9b:4b:bd:48:b9:38:
db:4d:52:26:23:f0:a9:23:e3:a3:2e:0c:c0:15:a9:
3a:f9:b0:b9:40:a2:9f:84:bd:32:3e:73:40:c3:da:
d3:74:95:06:a3:dd:71:65:88:45:e7:68:ec:55:d8:
bb:cb:66:bd:79:d1:84:b2:f2:53:d8:64:1b:58:65:
6b:5a:de:db:e5:f6:ea:a9:07:5d:50:80:bc:28:a4:
6f:70:16:fb:de:2d:6d:8b:e5:6a:98:30:e2:27:4d:
b2:d0:fc:9b:34:34:24:79:78:5e:73:c1:28:20:ea:
f0:69:2d:a7:63:74:1b:6e:67:a5:65:10:a0:96:f2:
c7:9a:9d:82:2d:b6:b2:42:5d:cc:04:6f:72:25:7d:
7f:b6:72:8c:93:ee:cd:f5:34:bc:01:17:62:1b:64:
1d:18:b9:5f:08:cd:74:36:0c:3c:b7:49:a6:b5:d4:
5a:87:fc:c7:71:92:cd:c7:cd:da:6e:d9:7d:51:b4:
8b:6d:a4:95:1a:02:6e:23:e3:9c:56:b4:63:2d:e2:
96:96:51:70:e5:36:29:69:9a:c9:d8:0e:3b:ff:c7:
db:af:b6:81:26:0d:73:ee:e4:c1:c3:cc:de:b3:5f:
5a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:63:9D:E7:3D:51:D3:50:96:D6:66:71:1C:58:6B:2C:D7:5A:5F:88
X509v3 Authority Key Identifier:
keyid:11:46:5F:C3:4A:08:78:13:29:C4:88:23:F4:91:04:76:5B:5C:33:3B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHAIJIN/EUZfw0oIeBMpxIgj9JEEdltcMzs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EUZfw0oIeBMpxIgj9JEEdltcMzs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHAIJIN/YGOd5z1R01CW1mZxHFhrLNdaX4g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.154.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:42:b1:16:c9:8a:9f:ea:a0:67:27:d4:33:36:48:bd:d8:12:
6e:b8:80:fc:47:d9:35:47:40:92:93:07:57:55:e0:b9:70:1e:
0b:6d:d6:62:25:96:97:90:2d:d6:34:f2:b7:f1:c5:fc:d1:93:
de:e4:70:a6:2f:8b:6a:a4:da:4b:e7:85:16:91:81:1f:68:d4:
57:e1:ac:60:61:66:27:d3:22:78:96:63:80:a1:cb:42:cd:92:
59:f7:b6:d0:a0:e6:ff:7c:ee:7b:b6:8c:04:b8:56:09:a6:cb:
52:2a:34:f6:cb:c0:8a:8f:59:bc:aa:5f:9c:c6:d6:fd:34:28:
70:9b:7b:f4:8b:a0:61:64:a7:ca:91:84:10:ae:9c:a6:2c:c3:
b8:d4:29:5b:ee:27:c6:ea:de:a4:ff:52:b0:48:b3:4c:43:d7:
9c:19:82:a2:3f:74:2f:cf:c4:55:63:68:f1:24:01:82:71:57:
22:7e:f3:08:2a:af:93:21:d7:28:7f:44:34:4d:fa:ca:86:ab:
14:c7:59:a7:3b:c5:d8:85:1c:07:db:7e:3b:67:2e:28:d7:05:
2e:84:46:a7:ab:5b:c8:93:c9:b8:e0:36:8a:1a:b0:fb:33:c6:
80:e1:8a:e7:4c:21:a0:29:c3:cd:db:76:a0:47:a7:34:cf:db:
3b:91:d0:ce
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTE0
NjVGQzM0QTA4NzgxMzI5QzQ4ODIzRjQ5MTA0NzY1QjVDMzMzQjAeFw0yMjEwMTQw
ODMxMTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYwNjM5REU3M0Q1MUQz
NTA5NkQ2NjY3MTFDNTg2QjJDRDc1QTVGODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2BRyWNE2FaTqhbzQkEA3UxvQNiVMs45tLvUi5ONtNUiYj8Kkj
46MuDMAVqTr5sLlAop+EvTI+c0DD2tN0lQaj3XFliEXnaOxV2LvLZr150YSy8lPY
ZBtYZWta3tvl9uqpB11QgLwopG9wFvveLW2L5WqYMOInTbLQ/Js0NCR5eF5zwSgg
6vBpLadjdBtuZ6VlEKCW8seanYIttrJCXcwEb3IlfX+2coyT7s31NLwBF2IbZB0Y
uV8IzXQ2DDy3Saa11FqH/Mdxks3Hzdpu2X1RtIttpJUaAm4j45xWtGMt4paWUXDl
NilpmsnYDjv/x9uvtoEmDXPu5MHDzN6zX1rtAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUYGOd5z1R01CW1mZxHFhrLNdaX4gwHwYDVR0jBBgwFoAUEUZfw0oIeBMpxIgj
9JEEdltcMzswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hBSUpJ
Ti9FVVpmdzBvSWVCTXB4SWdqOUpFRWRsdGNNenMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0VVWmZ3MG9JZUJNcHhJZ2o5SkVFZGx0Y016cy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NIQUlKSU4vWUdPZDV6MVIwMUNXMW1a
eEhGaHJMTmRhWDRnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AWeumjANBgkqhkiG9w0BAQsFAAOCAQEAnEKxFsmKn+qgZyfUMzZIvdgSbriA/EfZ
NUdAkpMHV1XguXAeC23WYiWWl5At1jTyt/HF/NGT3uRwpi+LaqTaS+eFFpGBH2jU
V+GsYGFmJ9MieJZjgKHLQs2SWfe20KDm/3zue7aMBLhWCabLUio09svAio9ZvKpf
nMbW/TQocJt79IugYWSnypGEEK6cpizDuNQpW+4nxurepP9SsEizTEPXnBmCoj90
L8/EVWNo8SQBgnFXIn7zCCqvkyHXKH9ENE36yoarFMdZpzvF2IUcB9t+O2cuKNcF
LoRGp6tbyJPJuOA2ihqw+zPGgOGK50whoCnDzdt2oEenNM/bO5HQzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org