Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GARENATW/-SNjUXjEUkzA5W37XahM3NdibYQ.roa
File: -SNjUXjEUkzA5W37XahM3NdibYQ.roa (raw, json)
Hash identifier: c51DlMVBR2bPFEDn4HzbJNVGrkEAz34fuLxdspZtT7w=
Subject key identifier: F9:23:63:51:78:C4:52:4C:C0:E5:6D:FB:5D:A8:4C:DC:D7:62:6D:84
Certificate issuer: /CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Certificate serial: 08AF
Authority key identifier: 26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/-SNjUXjEUkzA5W37XahM3NdibYQ.roa
Signing time: Sun 07 Feb 2021 12:48:34 +0000
ROA not before: Sun 07 Feb 2021 12:48:34 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 103.121.178.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2223 (0x8af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Validity
Not Before: Feb 7 12:48:34 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F923635178C4524CC0E56DFB5DA84CDCD7626D84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:76:00:86:2a:75:8c:f8:fa:8c:6f:09:6d:c5:
c4:9e:5f:e7:6a:e4:d9:e4:63:78:03:a8:31:7d:45:
87:57:1e:76:a5:22:85:d2:a5:63:bb:96:5c:21:49:
eb:9c:cc:ff:fb:a5:78:2b:57:be:14:28:b1:7e:b1:
39:3d:8a:d0:a9:61:a9:6b:57:a1:d9:39:b5:80:84:
12:f1:98:31:c3:89:11:4a:50:48:d5:87:cf:a4:42:
88:cf:8b:f0:6b:2a:ed:b1:73:5e:e0:70:65:6b:14:
21:f6:d3:45:a9:f7:a3:6b:88:83:39:f8:28:ab:42:
83:44:02:5f:3c:21:5b:2d:38:26:c5:75:fa:c0:48:
6f:82:0b:f3:41:79:c7:59:ed:8a:16:9f:7d:ad:2f:
c8:d3:4d:b7:6d:be:3f:8f:d5:f7:34:3a:fe:4f:57:
39:98:84:e6:fd:8e:9e:ad:d9:a9:2d:b4:92:5b:3a:
e3:f9:17:93:71:1e:7b:aa:74:7b:2d:45:79:22:34:
84:62:09:a6:02:60:8e:07:91:b0:f1:97:ca:72:08:
b4:9a:09:48:39:79:88:70:61:bc:eb:06:e3:1f:51:
8d:a3:3c:37:17:9e:bf:40:07:74:72:b5:9c:f9:15:
2c:a3:14:df:6b:20:3f:a4:06:19:62:a1:9d:d2:59:
7d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:23:63:51:78:C4:52:4C:C0:E5:6D:FB:5D:A8:4C:DC:D7:62:6D:84
X509v3 Authority Key Identifier:
keyid:26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/Jh4D2-J9_Niz4MVfLwQz6gItHUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/-SNjUXjEUkzA5W37XahM3NdibYQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.178.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:d2:71:34:ea:08:87:08:63:c9:58:f7:6d:31:b7:fc:49:54:
11:eb:56:d6:04:19:15:52:ea:3c:bd:a5:19:a2:b0:0a:bd:c2:
2b:e7:54:ec:8a:29:3b:7c:00:ab:85:a1:07:23:73:fe:38:6e:
31:f2:f1:4a:3d:ac:35:c3:b5:e7:9c:8f:a2:f7:4d:56:b6:3e:
d3:b2:46:92:a8:8a:db:63:64:61:5d:8b:a1:82:dc:06:fd:b6:
81:6e:7a:df:70:a9:d9:39:8e:ca:29:70:5d:47:37:d2:5b:c7:
3c:cc:1e:f9:b4:42:61:44:03:3d:97:aa:c6:f5:2f:09:09:da:
c1:40:58:38:2c:60:22:62:7b:9d:bb:aa:76:a4:04:77:22:48:
97:78:b6:8d:9b:99:8e:54:87:0a:13:4e:eb:06:18:b3:80:85:
48:47:80:2d:76:75:5b:c8:6c:4f:dd:fb:4a:a1:f1:53:8e:4a:
08:7f:b0:03:c3:78:93:00:99:f6:ef:d2:be:ab:80:ae:a9:1d:
71:76:eb:5b:a0:a3:e6:3f:4f:2c:c4:b1:d6:fa:60:4d:92:da:
df:77:65:af:d3:db:14:cd:0a:c2:4a:3e:29:09:19:94:09:e5:
7d:14:c1:cf:c3:16:d0:be:21:05:23:58:50:63:d8:c0:9c:fc:
c9:ad:44:2e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjYx
RTAzREJFMjdERkNEOEIzRTBDNTVGMkYwNDMzRUEwMjJEMUQ0QjAeFw0yMTAyMDcx
MjQ4MzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY5MjM2MzUxNzhDNDUy
NENDMEU1NkRGQjVEQTg0Q0RDRDc2MjZEODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTdgCGKnWM+PqMbwltxcSeX+dq5NnkY3gDqDF9RYdXHnalIoXS
pWO7llwhSeuczP/7pXgrV74UKLF+sTk9itCpYalrV6HZObWAhBLxmDHDiRFKUEjV
h8+kQojPi/BrKu2xc17gcGVrFCH200Wp96NriIM5+CirQoNEAl88IVstOCbFdfrA
SG+CC/NBecdZ7YoWn32tL8jTTbdtvj+P1fc0Ov5PVzmYhOb9jp6t2akttJJbOuP5
F5NxHnuqdHstRXkiNIRiCaYCYI4HkbDxl8pyCLSaCUg5eYhwYbzrBuMfUY2jPDcX
nr9AB3RytZz5FSyjFN9rID+kBhlioZ3SWX3VAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU+SNjUXjEUkzA5W37XahM3NdibYQwHwYDVR0jBBgwFoAUJh4D2+J9/Niz4MVf
LwQz6gItHUswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR0FSRU5B
VFcvSmg0RDItSjlfTml6NE1WZkx3UXo2Z0l0SFVzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9KaDREMi1KOV9OaXo0TVZmTHdRejZnSXRIVXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9HQVJFTkFUVy8tU05qVVhqRVVrekE1
VzM3WGFoTTNOZGliWVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3myMA0GCSqGSIb3DQEBCwUAA4IBAQAM0nE06giHCGPJWPdtMbf8SVQR61bW
BBkVUuo8vaUZorAKvcIr51Tsiik7fACrhaEHI3P+OG4x8vFKPaw1w7XnnI+i901W
tj7TskaSqIrbY2RhXYuhgtwG/baBbnrfcKnZOY7KKXBdRzfSW8c8zB75tEJhRAM9
l6rG9S8JCdrBQFg4LGAiYnudu6p2pAR3IkiXeLaNm5mOVIcKE07rBhizgIVIR4At
dnVbyGxP3ftKofFTjkoIf7ADw3iTAJn279K+q4CuqR1xdutboKPmP08sxLHW+mBN
ktrfd2Wv09sUzQrCSj4pCRmUCeV9FMHPwxbQviEFI1hQY9jAnPzJrUQu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org