Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FANTASIA/M6txBHB5CepAlrWcwf3JsV-CuB0.roa
File: M6txBHB5CepAlrWcwf3JsV-CuB0.roa (raw, json)
Hash identifier: 7W5NO+5uUxTt0ik2P1v/qcAZAAau2KMGPP00Mt/JMIE=
Subject key identifier: 33:AB:71:04:70:79:09:EA:40:96:B5:9C:C1:FD:C9:B1:5F:82:B8:1D
Certificate issuer: /CN=5B6B6F9DD4E2976144344002CF16293A0CA0A7D5
Certificate serial: F1
Authority key identifier: 5B:6B:6F:9D:D4:E2:97:61:44:34:40:02:CF:16:29:3A:0C:A0:A7:D5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/W2tvndTil2FENEACzxYpOgygp9U.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FANTASIA/M6txBHB5CepAlrWcwf3JsV-CuB0.roa
Signing time: Tue 06 Aug 2024 03:41:05 +0000
ROA not before: Tue 06 Aug 2024 03:41:05 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131642
IP address blocks: 2401:28e0::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 241 (0xf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5B6B6F9DD4E2976144344002CF16293A0CA0A7D5
Validity
Not Before: Aug 6 03:41:05 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=33AB7104707909EA4096B59CC1FDC9B15F82B81D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:08:20:da:b8:18:41:b5:80:68:97:fc:df:9b:
46:0c:96:f8:30:bc:10:7d:0a:06:04:98:79:ca:95:
d7:be:aa:48:82:0f:a4:f1:ff:d2:93:96:45:e1:91:
cb:2c:70:ed:88:1b:47:2d:83:3d:39:b0:d4:8f:46:
6f:33:81:5c:a6:f8:8e:91:ad:e5:15:ef:9c:15:41:
97:0d:7a:17:4e:89:6a:2c:fa:f4:e2:8e:e8:e6:6f:
b7:14:82:72:89:02:87:e8:1b:52:62:21:50:77:1d:
25:59:b0:86:ca:62:06:2b:f3:6c:b9:9f:ba:0d:70:
f5:42:b8:05:08:7c:ec:69:33:84:14:76:c2:db:d4:
a0:26:7d:5e:3c:8a:2b:75:c5:9f:3c:b3:bb:e2:a2:
1b:75:fa:c0:00:bf:f5:d5:66:54:92:b2:b0:a7:25:
9d:44:02:3e:63:b6:98:c7:b2:b0:39:1d:32:f5:83:
02:9f:a5:d0:44:e3:e1:00:bd:78:90:22:6d:44:34:
6d:35:58:84:96:7b:0f:0c:34:33:fa:c0:ff:91:0e:
3b:9a:e5:93:1f:42:53:b8:5c:93:b2:35:2f:7c:f0:
2f:70:47:51:1c:f5:d0:0c:ee:1b:b0:42:b3:cb:74:
38:da:53:0b:7e:53:ba:eb:87:7c:9e:a3:53:6a:55:
65:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:AB:71:04:70:79:09:EA:40:96:B5:9C:C1:FD:C9:B1:5F:82:B8:1D
X509v3 Authority Key Identifier:
keyid:5B:6B:6F:9D:D4:E2:97:61:44:34:40:02:CF:16:29:3A:0C:A0:A7:D5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FANTASIA/W2tvndTil2FENEACzxYpOgygp9U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/W2tvndTil2FENEACzxYpOgygp9U.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FANTASIA/M6txBHB5CepAlrWcwf3JsV-CuB0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:28e0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:21:5e:ed:71:d3:ee:9d:ca:62:d4:45:cb:37:0e:a0:12:cf:
d9:1f:b4:f6:a0:0c:86:92:a4:26:3f:fe:ff:ec:95:5b:7d:1a:
ea:33:05:60:c5:fd:75:6d:e0:c0:ba:a3:7c:db:66:5e:53:f0:
7e:7d:91:62:01:97:2c:f7:9d:ec:a2:06:59:6d:91:5d:ef:6a:
88:9b:1a:fb:d0:21:a7:5b:04:57:f4:c1:d1:5f:14:d8:91:ad:
d3:3c:a0:8c:c9:87:44:6b:f8:ec:bf:ae:c2:a3:b9:08:9a:56:
01:58:41:f3:6b:81:73:c2:e8:71:e0:b8:c5:d1:be:51:50:8b:
ee:29:13:6d:4d:17:5b:09:86:b6:d5:b0:62:23:28:7f:91:54:
f1:64:a7:37:e9:df:e8:21:2b:05:17:c2:dd:f8:b3:7f:1d:02:
c1:62:14:de:ae:44:b6:21:f2:c7:50:cf:39:67:ba:7d:bf:ff:
9f:93:2e:cb:bf:5d:46:7c:7f:6f:31:96:45:97:ce:c6:82:04:
56:e7:7a:c2:89:88:c5:ce:53:b1:e2:15:0a:21:5d:34:49:f1:
ab:3d:02:0b:3f:28:43:14:78:a6:08:02:60:99:39:31:3c:a6:
20:bb:86:21:0b:e7:c2:de:09:26:ce:60:ea:41:0a:01:fa:16:
04:53:b0:c5
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUI2
QjZGOURENEUyOTc2MTQ0MzQ0MDAyQ0YxNjI5M0EwQ0EwQTdENTAeFw0yNDA4MDYw
MzQxMDVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDMzQUI3MTA0NzA3OTA5
RUE0MDk2QjU5Q0MxRkRDOUIxNUY4MkI4MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTCCDauBhBtYBol/zfm0YMlvgwvBB9CgYEmHnKlde+qkiCD6Tx
/9KTlkXhkcsscO2IG0ctgz05sNSPRm8zgVym+I6RreUV75wVQZcNehdOiWos+vTi
jujmb7cUgnKJAofoG1JiIVB3HSVZsIbKYgYr82y5n7oNcPVCuAUIfOxpM4QUdsLb
1KAmfV48iit1xZ88s7vioht1+sAAv/XVZlSSsrCnJZ1EAj5jtpjHsrA5HTL1gwKf
pdBE4+EAvXiQIm1ENG01WISWew8MNDP6wP+RDjua5ZMfQlO4XJOyNS988C9wR1Ec
9dAM7huwQrPLdDjaUwt+U7rrh3yeo1NqVWX1AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUM6txBHB5CepAlrWcwf3JsV+CuB0wHwYDVR0jBBgwFoAUW2tvndTil2FENEAC
zxYpOgygp9UwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkFOVEFT
SUEvVzJ0dm5kVGlsMkZFTkVBQ3p4WXBPZ3lncDlVLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9XMnR2bmRUaWwyRkVORUFDenhZcE9neWdwOVUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9GQU5UQVNJQS9NNnR4QkhCNUNlcEFs
cldjd2YzSnNWLUN1QjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAEo4DANBgkqhkiG9w0BAQsFAAOCAQEAnCFe7XHT7p3KYtRFyzcOoBLP2R+0
9qAMhpKkJj/+/+yVW30a6jMFYMX9dW3gwLqjfNtmXlPwfn2RYgGXLPed7KIGWW2R
Xe9qiJsa+9Ahp1sEV/TB0V8U2JGt0zygjMmHRGv47L+uwqO5CJpWAVhB82uBc8Lo
ceC4xdG+UVCL7ikTbU0XWwmGttWwYiMof5FU8WSnN+nf6CErBRfC3fizfx0CwWIU
3q5EtiHyx1DPOWe6fb//n5Muy79dRnx/bzGWRZfOxoIEVud6womIxc5TseIVCiFd
NEnxqz0CCz8oQxR4pggCYJk5MTymILuGIQvnwt4JJs5g6kEKAfoWBFOwxQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:00:34 2025 by rpki-client