Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GAMESOUL/3WDDJ4YDv7ardPFNU1gV4XhUTWg.roa
File: 3WDDJ4YDv7ardPFNU1gV4XhUTWg.roa (raw, json)
Hash identifier: O7Do1oXvgvLb3TrR2bNQdMIohXtEZOiSa+tzQf70f88=
Subject key identifier: DD:60:C3:27:86:03:BF:B6:AB:74:F1:4D:53:58:15:E1:78:54:4D:68
Certificate issuer: /CN=165495E8D327E4F62D5A16438F080E608A34D0D3
Certificate serial: 0E60
Authority key identifier: 16:54:95:E8:D3:27:E4:F6:2D:5A:16:43:8F:08:0E:60:8A:34:D0:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FlSV6NMn5PYtWhZDjwgOYIo00NM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GAMESOUL/3WDDJ4YDv7ardPFNU1gV4XhUTWg.roa
Signing time: Mon 26 Aug 2024 05:16:59 +0000
ROA not before: Mon 26 Aug 2024 05:16:59 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 64271
IP address blocks: 103.137.246.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3680 (0xe60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=165495E8D327E4F62D5A16438F080E608A34D0D3
Validity
Not Before: Aug 26 05:16:59 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DD60C3278603BFB6AB74F14D535815E178544D68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:82:8d:48:55:e3:8e:c5:56:33:57:d2:6b:13:
b1:98:74:38:33:63:44:05:8c:d6:b5:03:1d:61:c1:
96:f5:61:97:a0:c9:0b:83:96:1e:45:8c:ef:a2:3f:
ce:37:1a:40:b7:c0:f3:1e:43:66:dc:9c:e6:4b:c3:
54:1b:9a:65:1a:6a:99:cd:f2:57:4c:16:2f:b5:60:
8d:45:fc:66:40:57:e1:e6:ba:aa:7f:a9:80:84:94:
df:20:fe:a5:fa:47:f7:03:c9:14:02:88:e0:ee:91:
b7:4b:b7:59:ee:a2:3d:94:4b:7c:7c:50:09:c9:a8:
e0:36:2d:81:ae:49:35:ee:ba:78:0f:5c:1d:12:0a:
40:11:b0:0a:b2:76:60:c2:a8:41:42:2e:31:8d:3c:
8f:0e:7b:d7:c3:7e:2b:b7:f0:2c:53:7b:06:00:2a:
91:bf:7b:d5:c1:26:3d:69:24:f9:6a:3d:ff:7b:22:
87:cd:0b:ca:d4:dc:f8:72:e1:66:e4:55:ec:b2:a6:
82:c7:59:79:7f:77:2e:4f:38:d3:3a:bb:cb:38:23:
5e:26:1c:94:b6:57:02:64:e8:31:11:67:93:bd:0b:
64:5c:27:33:f0:a2:87:03:51:39:ce:9a:31:c0:5d:
74:db:63:71:54:3e:98:e6:e6:6f:c8:d7:4f:41:3b:
14:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:60:C3:27:86:03:BF:B6:AB:74:F1:4D:53:58:15:E1:78:54:4D:68
X509v3 Authority Key Identifier:
keyid:16:54:95:E8:D3:27:E4:F6:2D:5A:16:43:8F:08:0E:60:8A:34:D0:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GAMESOUL/FlSV6NMn5PYtWhZDjwgOYIo00NM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FlSV6NMn5PYtWhZDjwgOYIo00NM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GAMESOUL/3WDDJ4YDv7ardPFNU1gV4XhUTWg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.246.0/23
Signature Algorithm: sha256WithRSAEncryption
cd:40:44:07:3f:9a:20:c2:ac:20:68:7e:fd:b3:70:fb:5a:67:
89:83:41:e5:ef:7a:3a:b9:c1:4f:49:07:e8:bb:9a:31:c7:c3:
a4:d0:d7:17:15:42:6d:21:fa:4b:5e:61:5f:0e:6b:41:20:fa:
2d:4a:9a:77:f4:31:ed:2f:ca:41:b5:4f:77:4e:56:aa:42:19:
d9:b5:c0:e6:d1:d2:13:21:23:f1:ec:11:47:06:16:fa:2b:96:
b4:33:e9:24:b1:97:ab:ca:43:75:36:1b:7d:c6:be:f0:db:f2:
f0:3e:45:01:c9:c9:b6:4b:75:15:ef:b9:4b:0c:cd:a9:55:38:
39:3c:5b:0f:fb:dc:cc:4b:1a:44:a9:6b:9d:f9:91:cc:19:12:
ee:f0:5b:b8:d0:e7:23:c0:d1:a8:16:4e:07:92:d1:c8:ab:66:
9f:db:be:34:24:8e:9a:5f:96:cc:60:d7:47:f7:1f:a8:55:e0:
66:0a:2e:de:d1:8e:f9:01:91:f0:6a:e8:17:b1:dc:60:fd:df:
2d:91:80:91:93:2a:bf:80:ee:df:cc:43:a9:4a:4d:70:af:79:
88:7b:c4:f9:5e:10:c6:2c:57:d5:12:32:e9:03:59:0c:c1:f9:
1c:91:b7:95:a7:5b:4c:c7:16:33:86:9e:aa:e4:3e:69:b0:3a:
9e:b4:30:32
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDmAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTY1
NDk1RThEMzI3RTRGNjJENUExNjQzOEYwODBFNjA4QTM0RDBEMzAeFw0yNDA4MjYw
NTE2NTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERENjBDMzI3ODYwM0JG
QjZBQjc0RjE0RDUzNTgxNUUxNzg1NDRENjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVgo1IVeOOxVYzV9JrE7GYdDgzY0QFjNa1Ax1hwZb1YZegyQuD
lh5FjO+iP843GkC3wPMeQ2bcnOZLw1QbmmUaapnN8ldMFi+1YI1F/GZAV+Hmuqp/
qYCElN8g/qX6R/cDyRQCiODukbdLt1nuoj2US3x8UAnJqOA2LYGuSTXuungPXB0S
CkARsAqydmDCqEFCLjGNPI8Oe9fDfiu38CxTewYAKpG/e9XBJj1pJPlqPf97IofN
C8rU3Phy4WbkVeyypoLHWXl/dy5PONM6u8s4I14mHJS2VwJk6DERZ5O9C2RcJzPw
oocDUTnOmjHAXXTbY3FUPpjm5m/I109BOxQhAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU3WDDJ4YDv7ardPFNU1gV4XhUTWgwHwYDVR0jBBgwFoAUFlSV6NMn5PYtWhZD
jwgOYIo00NMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR0FNRVNP
VUwvRmxTVjZOTW41UFl0V2haRGp3Z09ZSW8wME5NLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9GbFNWNk5NbjVQWXRXaFpEandnT1lJbzAwTk0uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9HQU1FU09VTC8zV0RESjRZRHY3YXJk
UEZOVTFnVjRYaFVUV2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ4n2MA0GCSqGSIb3DQEBCwUAA4IBAQDNQEQHP5ogwqwgaH79s3D7WmeJg0Hl
73o6ucFPSQfou5oxx8Ok0NcXFUJtIfpLXmFfDmtBIPotSpp39DHtL8pBtU93Tlaq
QhnZtcDm0dITISPx7BFHBhb6K5a0M+kksZerykN1Nht9xr7w2/LwPkUBycm2S3UV
77lLDM2pVTg5PFsP+9zMSxpEqWud+ZHMGRLu8Fu40OcjwNGoFk4HktHIq2af2740
JI6aX5bMYNdH9x+oVeBmCi7e0Y75AZHwaugXsdxg/d8tkYCRkyq/gO7fzEOpSk1w
r3mIe8T5XhDGLFfVEjLpA1kMwfkckbeVp1tMxxYzhp6q5D5psDqetDAy
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:38:43 2025 by rpki-client