Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CLOUDWALK/D34hH4GRa56rDO19aKhb_5w-hm4.roa
File: D34hH4GRa56rDO19aKhb_5w-hm4.roa (raw, json)
Hash identifier: phkeFsnraOY8Y8DdH8E8C4wA60hVGMnf/zUMpgOZaO4=
Subject key identifier: 0F:7E:21:1F:81:91:6B:9E:AB:0C:ED:7D:68:A8:5B:FF:9C:3E:86:6E
Certificate issuer: /CN=A39E4FC057049E0560E61D3969D13A5E2F11ACD2
Certificate serial: F0
Authority key identifier: A3:9E:4F:C0:57:04:9E:05:60:E6:1D:39:69:D1:3A:5E:2F:11:AC:D2
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/o55PwFcEngVg5h05adE6Xi8RrNI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CLOUDWALK/D34hH4GRa56rDO19aKhb_5w-hm4.roa
Signing time: Wed 04 Sep 2024 09:16:37 +0000
ROA not before: Wed 04 Sep 2024 09:16:37 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131642
IP address blocks: 2401:3a20::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 240 (0xf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A39E4FC057049E0560E61D3969D13A5E2F11ACD2
Validity
Not Before: Sep 4 09:16:37 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0F7E211F81916B9EAB0CED7D68A85BFF9C3E866E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:35:d0:3f:63:98:4f:67:e4:2b:fe:a8:9a:48:
25:62:51:b1:d8:2a:cf:ed:aa:a7:56:3b:0a:f7:60:
b6:eb:93:bd:b1:83:ca:74:50:4a:f7:58:5e:2d:14:
b4:fa:87:31:d1:d6:d4:93:6f:d2:06:43:c9:a1:18:
ad:1c:99:93:1c:26:c2:0a:0f:5b:dc:68:80:a2:37:
70:b6:cb:95:bc:79:7a:a4:a8:fe:0d:11:87:b7:4d:
7e:35:fe:ea:9c:f0:2b:55:cb:6a:6b:c2:27:84:05:
9e:70:55:c3:2f:9e:51:0c:bc:9e:ee:77:5b:cf:dc:
c0:d4:12:8f:fd:c5:97:69:27:6c:28:5e:06:b8:00:
51:77:98:0e:c9:f2:0c:4e:40:cc:60:ac:3b:b7:b8:
c2:42:1d:e0:5b:bd:81:db:65:5e:ae:0d:13:27:7e:
b3:71:5c:95:68:0a:47:5f:71:bc:be:e4:db:57:7b:
f0:20:d6:44:54:0c:77:2b:10:b5:7b:a3:d7:45:40:
49:c1:15:ba:61:53:0b:36:ce:c6:ff:22:20:4e:9a:
dc:38:5f:fb:28:d4:94:3f:14:41:f3:b3:cd:97:32:
42:21:1e:30:59:cd:6b:b9:df:c0:03:18:6f:7e:f2:
84:01:8e:1e:c8:50:6a:9a:32:49:45:f0:4d:73:b3:
0c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:7E:21:1F:81:91:6B:9E:AB:0C:ED:7D:68:A8:5B:FF:9C:3E:86:6E
X509v3 Authority Key Identifier:
keyid:A3:9E:4F:C0:57:04:9E:05:60:E6:1D:39:69:D1:3A:5E:2F:11:AC:D2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLOUDWALK/o55PwFcEngVg5h05adE6Xi8RrNI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/o55PwFcEngVg5h05adE6Xi8RrNI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CLOUDWALK/D34hH4GRa56rDO19aKhb_5w-hm4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3a20::/32
Signature Algorithm: sha256WithRSAEncryption
72:55:d4:cf:e6:16:7c:fe:a0:94:63:2c:5f:a3:07:10:be:d8:
6d:4c:82:3e:2d:81:3e:8e:96:13:fd:5c:76:b7:db:01:93:a2:
80:51:78:bd:35:5f:1b:0a:57:e3:0c:bb:35:4d:52:62:78:1e:
1a:25:d6:5b:0e:2b:b3:bf:7d:b1:00:94:5a:de:99:f3:ba:70:
56:23:11:21:ab:7d:79:ea:c6:f5:86:e3:90:99:21:1e:48:a1:
c0:f2:9e:86:f2:21:29:ce:89:6c:aa:dd:06:70:4c:f9:2f:17:
7b:33:28:22:e9:f2:18:1f:61:09:08:af:e6:e9:0b:46:5f:4b:
92:58:2a:24:c4:18:0d:68:d0:57:2b:46:17:65:65:68:1e:4c:
83:cf:dd:5a:cd:05:19:49:f8:55:0f:ce:68:c5:a3:fa:92:b2:
55:a7:17:2a:f3:99:37:76:2b:cd:29:11:eb:42:be:0d:69:1f:
00:b5:cf:56:68:3b:9b:8e:f4:2a:54:07:29:61:e4:c5:bd:58:
f1:66:f2:b5:db:c0:d6:14:6a:a5:d1:78:61:b3:10:5d:4f:2e:
46:e0:a9:b5:ae:12:b5:ce:de:7f:dc:9d:b3:db:f7:27:7c:29:
45:03:84:b6:14:7a:ea:16:d0:6e:41:e8:7a:9d:11:8c:73:7e:
95:d4:13:d8
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICAPAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTM5
RTRGQzA1NzA0OUUwNTYwRTYxRDM5NjlEMTNBNUUyRjExQUNEMjAeFw0yNDA5MDQw
OTE2MzdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBGN0UyMTFGODE5MTZC
OUVBQjBDRUQ3RDY4QTg1QkZGOUMzRTg2NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6NdA/Y5hPZ+Qr/qiaSCViUbHYKs/tqqdWOwr3YLbrk72xg8p0
UEr3WF4tFLT6hzHR1tSTb9IGQ8mhGK0cmZMcJsIKD1vcaICiN3C2y5W8eXqkqP4N
EYe3TX41/uqc8CtVy2prwieEBZ5wVcMvnlEMvJ7ud1vP3MDUEo/9xZdpJ2woXga4
AFF3mA7J8gxOQMxgrDu3uMJCHeBbvYHbZV6uDRMnfrNxXJVoCkdfcby+5NtXe/Ag
1kRUDHcrELV7o9dFQEnBFbphUws2zsb/IiBOmtw4X/so1JQ/FEHzs82XMkIhHjBZ
zWu538ADGG9+8oQBjh7IUGqaMklF8E1zswwPAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUD34hH4GRa56rDO19aKhb/5w+hm4wHwYDVR0jBBgwFoAUo55PwFcEngVg5h05
adE6Xi8RrNIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0xPVURX
QUxLL281NVB3RmNFbmdWZzVoMDVhZEU2WGk4UnJOSS5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvbzU1UHdGY0VuZ1ZnNWgwNWFkRTZYaThSck5JLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0xPVURXQUxLL0QzNGhINEdSYTU2
ckRPMTlhS2hiXzV3LWhtNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAkATogMA0GCSqGSIb3DQEBCwUAA4IBAQByVdTP5hZ8/qCUYyxfowcQvtht
TII+LYE+jpYT/Vx2t9sBk6KAUXi9NV8bClfjDLs1TVJieB4aJdZbDiuzv32xAJRa
3pnzunBWIxEhq3156sb1huOQmSEeSKHA8p6G8iEpzolsqt0GcEz5Lxd7Mygi6fIY
H2EJCK/m6QtGX0uSWCokxBgNaNBXK0YXZWVoHkyDz91azQUZSfhVD85oxaP6krJV
pxcq85k3divNKRHrQr4NaR8Atc9WaDubjvQqVAcpYeTFvVjxZvK128DWFGql0Xhh
sxBdTy5G4Km1rhK1zt5/3J2z2/cnfClFA4S2FHrqFtBuQeh6nRGMc36V1BPY
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:31 2025 by rpki-client