Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GARENATW/8CJlrRcRNoOsorBpazyjF3eLTIE.roa
File: 8CJlrRcRNoOsorBpazyjF3eLTIE.roa (raw, json)
Hash identifier: acIVOrAmIIYzClxpG2htTZtF+r1kG8AdvPTMWHKPg2I=
Subject key identifier: F0:22:65:AD:17:11:36:83:AC:A2:B0:69:6B:3C:A3:17:77:8B:4C:81
Certificate issuer: /CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Certificate serial: 08AD
Authority key identifier: 26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/8CJlrRcRNoOsorBpazyjF3eLTIE.roa
Signing time: Sun 07 Feb 2021 12:48:32 +0000
ROA not before: Sun 07 Feb 2021 12:48:32 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 103.121.177.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2221 (0x8ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Validity
Not Before: Feb 7 12:48:32 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F02265AD17113683ACA2B0696B3CA317778B4C81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:ee:43:cd:a9:ef:17:bb:8b:ec:25:b4:c4:61:
db:0a:db:8f:c4:03:39:f3:98:05:2a:ce:f7:cb:00:
f1:cb:71:33:21:31:37:92:5b:95:2e:e8:4b:e5:d8:
c3:e6:33:46:b8:28:a1:da:97:0e:6e:19:f5:b4:56:
5e:b8:6a:a1:9a:60:1d:b8:a4:05:de:cc:3d:f7:f3:
da:72:3b:23:76:57:7d:79:45:7a:f1:6f:85:21:2d:
45:4d:07:63:46:f2:05:0a:18:5a:49:4d:31:d4:6a:
e4:95:d7:91:ff:18:37:2a:e8:dd:a7:7d:d1:67:17:
07:17:3c:1e:0c:6a:91:b2:b4:96:3e:0e:7c:06:21:
4f:ea:ac:7a:22:cb:1e:70:ff:fc:50:85:23:28:98:
4b:56:76:32:18:26:cf:37:0e:44:12:fb:3a:82:f9:
17:f4:2a:61:df:c4:e2:03:08:80:c7:5c:0c:3f:b3:
a6:50:fb:1c:56:5f:96:d4:0f:21:26:ba:fe:23:e6:
c6:b6:b7:de:76:bb:64:55:86:08:d5:fe:bc:62:7e:
17:23:57:44:3a:07:34:fd:9c:fe:ee:0f:81:c4:42:
b8:71:30:f5:d6:f8:f5:f9:88:81:0e:07:51:b1:98:
54:a4:4b:45:29:d4:d4:83:66:58:4a:2c:b2:0e:57:
7c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:22:65:AD:17:11:36:83:AC:A2:B0:69:6B:3C:A3:17:77:8B:4C:81
X509v3 Authority Key Identifier:
keyid:26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/Jh4D2-J9_Niz4MVfLwQz6gItHUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/8CJlrRcRNoOsorBpazyjF3eLTIE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.177.0/24
Signature Algorithm: sha256WithRSAEncryption
32:a6:46:d8:a6:83:7d:53:c5:ec:82:9c:6e:8a:4e:40:28:f1:
e0:99:5d:36:a1:12:aa:e1:51:77:a6:b0:92:e0:f8:77:06:24:
1a:90:32:45:b6:bd:ba:7c:75:4f:68:81:4b:33:67:33:ea:e6:
a7:e6:67:44:a0:11:0f:e0:be:e9:41:55:af:e0:2a:f2:16:e8:
9d:a2:24:a8:11:76:71:ca:96:db:a6:b9:ea:36:96:8c:6c:63:
f3:99:6a:4a:72:cb:44:c7:1f:18:7e:22:1b:42:ff:c2:19:78:
48:89:09:db:a5:db:d8:47:4a:1a:a5:9e:31:7a:c2:14:e3:34:
2a:23:b0:d8:fd:c7:0d:fd:7f:ab:24:c7:05:50:a6:f9:52:e8:
cd:c0:69:f2:18:ca:d8:dd:2e:57:a4:cd:c8:91:d0:fa:dd:4e:
08:f9:74:5b:78:c2:5a:9a:80:c0:17:e0:a5:9e:17:e1:0c:e2:
01:b5:04:da:e9:d6:0c:a1:c2:7c:3b:7b:e6:8e:16:7d:02:87:
25:c0:21:56:78:64:9e:43:2d:3e:f7:d3:dc:9d:a5:7c:6d:d1:
d8:26:ac:6c:0f:c0:1c:17:1f:4b:87:20:7e:99:e6:05:71:d5:
a5:1a:ad:0c:17:32:43:7a:b4:54:3d:2a:b0:94:53:0e:14:62:
14:22:1b:6d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjYx
RTAzREJFMjdERkNEOEIzRTBDNTVGMkYwNDMzRUEwMjJEMUQ0QjAeFw0yMTAyMDcx
MjQ4MzJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEYwMjI2NUFEMTcxMTM2
ODNBQ0EyQjA2OTZCM0NBMzE3Nzc4QjRDODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD+7kPNqe8Xu4vsJbTEYdsK24/EAznzmAUqzvfLAPHLcTMhMTeS
W5Uu6Evl2MPmM0a4KKHalw5uGfW0Vl64aqGaYB24pAXezD3389pyOyN2V315RXrx
b4UhLUVNB2NG8gUKGFpJTTHUauSV15H/GDcq6N2nfdFnFwcXPB4MapGytJY+DnwG
IU/qrHoiyx5w//xQhSMomEtWdjIYJs83DkQS+zqC+Rf0KmHfxOIDCIDHXAw/s6ZQ
+xxWX5bUDyEmuv4j5sa2t952u2RVhgjV/rxifhcjV0Q6BzT9nP7uD4HEQrhxMPXW
+PX5iIEOB1GxmFSkS0Up1NSDZlhKLLIOV3zVAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU8CJlrRcRNoOsorBpazyjF3eLTIEwHwYDVR0jBBgwFoAUJh4D2+J9/Niz4MVf
LwQz6gItHUswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR0FSRU5B
VFcvSmg0RDItSjlfTml6NE1WZkx3UXo2Z0l0SFVzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9KaDREMi1KOV9OaXo0TVZmTHdRejZnSXRIVXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9HQVJFTkFUVy84Q0psclJjUk5vT3Nv
ckJwYXp5akYzZUxUSUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3mxMA0GCSqGSIb3DQEBCwUAA4IBAQAypkbYpoN9U8Xsgpxuik5AKPHgmV02
oRKq4VF3prCS4Ph3BiQakDJFtr26fHVPaIFLM2cz6uan5mdEoBEP4L7pQVWv4Cry
FuidoiSoEXZxypbbprnqNpaMbGPzmWpKcstExx8YfiIbQv/CGXhIiQnbpdvYR0oa
pZ4xesIU4zQqI7DY/ccN/X+rJMcFUKb5UujNwGnyGMrY3S5XpM3IkdD63U4I+XRb
eMJamoDAF+ClnhfhDOIBtQTa6dYMocJ8O3vmjhZ9AoclwCFWeGSeQy0+99PcnaV8
bdHYJqxsD8AcFx9LhyB+meYFcdWlGq0MFzJDerRUPSqwlFMOFGIUIhtt
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org