Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GARENATW/Py1Tl4Tnyz8cJVZ4zG9YOVgW7sw.roa
File: Py1Tl4Tnyz8cJVZ4zG9YOVgW7sw.roa (raw, json)
Hash identifier: /OKmgPke3hNR7fRGItmFq9HbfUcnJqQ2BwSEGrBip/M=
Subject key identifier: 3F:2D:53:97:84:E7:CB:3F:1C:25:56:78:CC:6F:58:39:58:16:EE:CC
Certificate issuer: /CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Certificate serial: 0763
Authority key identifier: 26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/Py1Tl4Tnyz8cJVZ4zG9YOVgW7sw.roa
Signing time: Tue 29 Sep 2020 10:03:45 +0000
ROA not before: Tue 29 Sep 2020 10:03:45 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 103.121.179.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1891 (0x763)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Validity
Not Before: Sep 29 10:03:45 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=3F2D539784E7CB3F1C255678CC6F58395816EECC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e0:43:8d:56:03:fa:59:ff:c6:d7:0f:b3:e2:
48:31:c2:f0:29:c1:89:7b:de:a9:15:5d:cb:78:38:
5b:6d:10:24:0c:68:d3:8c:fd:8d:a4:88:a1:78:2f:
1a:4a:94:c8:45:1d:d5:a3:d0:fa:94:35:6c:3c:f3:
6b:8d:41:21:b2:ef:cf:da:e6:45:75:cf:22:ee:db:
16:7a:58:30:dc:2a:be:e9:a7:27:21:b1:fb:25:2c:
98:ee:e4:62:13:6a:4f:a5:8b:cd:58:7e:e3:a2:73:
3e:76:54:86:eb:87:78:d3:30:0f:aa:23:5d:39:61:
e2:ca:30:f7:3b:7c:34:af:36:5a:dc:ae:69:a2:37:
16:39:14:dc:8e:ac:2a:91:59:c5:63:8b:95:15:90:
4c:67:2b:6b:07:4c:c9:f4:7e:e8:30:51:c1:49:7a:
57:84:6c:d1:71:3d:53:0b:b7:24:21:dd:72:07:05:
9e:36:be:b6:4e:b8:22:e7:e7:f9:d7:2e:8d:2c:c9:
fe:7b:4b:56:34:41:05:9e:24:24:3b:55:b7:74:e2:
f2:c4:c1:fb:73:ba:5c:20:2b:b6:8e:eb:8e:62:2c:
14:a1:e3:9f:12:7b:75:fb:2f:3b:3a:ca:af:bd:43:
3d:3b:64:8c:70:bb:1f:f4:dc:6e:3c:6b:07:cc:0a:
53:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:2D:53:97:84:E7:CB:3F:1C:25:56:78:CC:6F:58:39:58:16:EE:CC
X509v3 Authority Key Identifier:
keyid:26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/Jh4D2-J9_Niz4MVfLwQz6gItHUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/Py1Tl4Tnyz8cJVZ4zG9YOVgW7sw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.179.0/24
Signature Algorithm: sha256WithRSAEncryption
01:0f:e1:85:58:5e:75:9f:05:d2:65:62:05:a1:bf:8d:41:e2:
90:76:8b:d5:03:a5:65:94:4d:d3:a9:30:33:7c:05:1a:c6:7c:
85:28:cd:26:2e:61:44:9f:fb:1c:8d:97:ab:28:13:ce:13:34:
79:ab:66:f5:8d:53:aa:f5:5e:e4:f1:ec:ff:bc:47:a9:f1:2a:
7a:93:8f:c9:65:52:09:a3:8d:64:2f:4e:86:5b:b5:90:14:b2:
fb:72:6a:59:ab:38:ff:c8:71:1e:59:b6:1a:78:e5:eb:e5:f5:
cf:c7:ce:e9:fc:ae:a3:e6:c3:60:01:00:06:5a:eb:a3:3b:b4:
21:77:bd:02:17:c0:00:54:e4:81:9e:ef:ea:45:c4:c1:3b:f4:
65:a1:10:fd:81:14:cd:11:48:ef:4e:02:32:08:e0:b2:bc:c3:
34:b7:90:06:a0:04:15:20:ee:50:24:7c:df:dc:6d:8c:ad:c3:
f4:bb:f5:8d:7b:d8:db:fb:1b:4a:5d:5b:0b:95:ba:bf:29:55:
20:16:5c:4c:c4:4b:c2:e2:a4:52:30:07:e4:3a:d8:8b:4a:ec:
e9:66:9e:8c:c1:b8:58:93:9c:e0:12:3e:23:5e:48:3c:76:e6:
f4:42:64:a8:39:5e:70:11:dc:a9:bb:30:81:18:7a:71:06:7d:
8f:16:34:54
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICB2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjYx
RTAzREJFMjdERkNEOEIzRTBDNTVGMkYwNDMzRUEwMjJEMUQ0QjAeFw0yMDA5Mjkx
MDAzNDVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDNGMkQ1Mzk3ODRFN0NC
M0YxQzI1NTY3OENDNkY1ODM5NTgxNkVFQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb4EONVgP6Wf/G1w+z4kgxwvApwYl73qkVXct4OFttECQMaNOM
/Y2kiKF4LxpKlMhFHdWj0PqUNWw882uNQSGy78/a5kV1zyLu2xZ6WDDcKr7ppych
sfslLJju5GITak+li81YfuOicz52VIbrh3jTMA+qI105YeLKMPc7fDSvNlrcrmmi
NxY5FNyOrCqRWcVji5UVkExnK2sHTMn0fugwUcFJeleEbNFxPVMLtyQh3XIHBZ42
vrZOuCLn5/nXLo0syf57S1Y0QQWeJCQ7Vbd04vLEwftzulwgK7aO645iLBSh458S
e3X7Lzs6yq+9Qz07ZIxwux/03G48awfMClNjAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUPy1Tl4Tnyz8cJVZ4zG9YOVgW7swwHwYDVR0jBBgwFoAUJh4D2+J9/Niz4MVf
LwQz6gItHUswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR0FSRU5B
VFcvSmg0RDItSjlfTml6NE1WZkx3UXo2Z0l0SFVzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9KaDREMi1KOV9OaXo0TVZmTHdRejZnSXRIVXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9HQVJFTkFUVy9QeTFUbDRUbnl6OGNK
Vlo0ekc5WU9WZ1c3c3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3mzMA0GCSqGSIb3DQEBCwUAA4IBAQABD+GFWF51nwXSZWIFob+NQeKQdovV
A6VllE3TqTAzfAUaxnyFKM0mLmFEn/scjZerKBPOEzR5q2b1jVOq9V7k8ez/vEep
8Sp6k4/JZVIJo41kL06GW7WQFLL7cmpZqzj/yHEeWbYaeOXr5fXPx87p/K6j5sNg
AQAGWuujO7Qhd70CF8AAVOSBnu/qRcTBO/RloRD9gRTNEUjvTgIyCOCyvMM0t5AG
oAQVIO5QJHzf3G2MrcP0u/WNe9jb+xtKXVsLlbq/KVUgFlxMxEvC4qRSMAfkOtiL
SuzpZp6MwbhYk5zgEj4jXkg8dub0QmSoOV5wEdypuzCBGHpxBn2PFjRU
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:23 2025 by rpki-client