Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GARENATW/ZtEdh8LBmp3q6QlZsrDAqu0hrqQ.roa
File: ZtEdh8LBmp3q6QlZsrDAqu0hrqQ.roa (raw, json)
Hash identifier: IZ+DSVw2sUbYOsJlzsmwPhDAiLRJfvwoLdEJlkdua9M=
Subject key identifier: 66:D1:1D:87:C2:C1:9A:9D:EA:E9:09:59:B2:B0:C0:AA:ED:21:AE:A4
Certificate issuer: /CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Certificate serial: 08B3
Authority key identifier: 26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/ZtEdh8LBmp3q6QlZsrDAqu0hrqQ.roa
Signing time: Sun 07 Feb 2021 12:50:47 +0000
ROA not before: Sun 07 Feb 2021 12:50:47 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131630
IP address blocks: 103.121.176.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2227 (0x8b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Validity
Not Before: Feb 7 12:50:47 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=66D11D87C2C19A9DEAE90959B2B0C0AAED21AEA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:87:b7:e3:80:22:38:37:bc:c1:3c:25:f5:a6:
02:34:d7:a6:9b:e1:ec:c1:90:06:36:d8:00:18:5a:
10:b9:1c:3c:e3:38:0f:50:e7:42:b6:49:88:bf:b3:
17:73:61:19:ac:15:1b:cc:8b:3c:0f:17:fa:e7:ff:
c4:25:b3:6c:7e:cb:e9:ad:fa:7f:89:c6:23:b3:86:
a0:63:21:2c:ae:b8:e2:7c:99:30:98:fa:11:57:75:
e9:e8:44:47:11:4b:47:8f:b3:e6:d4:20:b1:5f:69:
f9:87:8d:c1:22:53:49:c2:dd:7e:cf:fe:2e:a3:13:
43:a0:35:e2:aa:45:e5:8d:21:ad:1f:c1:e4:92:bd:
0f:b0:d5:5d:73:64:e1:12:e7:10:be:9f:67:75:b9:
33:2f:a4:81:b5:d1:cc:56:1a:ee:19:60:f3:9d:68:
b4:ab:4c:ea:71:76:5c:7c:7f:b0:bf:98:83:b5:65:
f4:b2:cf:b5:66:72:49:94:5e:df:90:ef:c1:ad:ed:
7d:9e:98:96:30:cf:a3:c8:25:c4:f4:f8:e6:ad:9e:
29:96:10:0d:aa:0f:96:9d:2e:69:54:ea:54:96:be:
a1:dc:21:a4:ec:17:97:cc:df:83:43:ee:99:bf:32:
77:7a:31:ae:ed:bb:56:ee:68:90:00:bf:40:16:62:
04:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D1:1D:87:C2:C1:9A:9D:EA:E9:09:59:B2:B0:C0:AA:ED:21:AE:A4
X509v3 Authority Key Identifier:
keyid:26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/Jh4D2-J9_Niz4MVfLwQz6gItHUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/ZtEdh8LBmp3q6QlZsrDAqu0hrqQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.176.0/22
Signature Algorithm: sha256WithRSAEncryption
18:11:2c:36:5d:d2:f3:a2:5f:00:cb:d0:60:5c:45:d5:5b:cb:
08:9b:34:3c:fc:0c:8c:81:1c:8e:1b:59:7d:bc:48:f6:7e:e6:
7f:51:3e:73:4b:1e:56:dc:66:43:37:e2:03:44:92:67:b3:68:
8c:23:29:95:cb:7a:62:16:a2:d5:ad:40:01:04:9a:3c:5c:8b:
7f:81:0d:da:50:4b:85:cf:ae:0f:77:ed:e8:56:70:e5:7f:4c:
bc:f1:54:9b:4a:c2:31:82:d4:66:1a:b8:20:eb:6c:4e:ba:da:
5b:8e:28:bd:31:46:8b:0d:2e:bd:8c:73:81:9a:76:78:5b:43:
e6:fb:f8:d0:5d:19:77:2a:b5:a4:7c:a6:9e:d8:9a:fa:e9:00:
0f:cd:1a:93:c6:cc:25:6b:b0:0f:0b:d9:d8:8c:f9:2a:21:17:
5a:65:c2:46:2c:a2:e3:19:3a:a7:87:cd:19:41:bd:56:9a:47:
0a:22:85:d7:08:e2:03:fc:79:82:f1:16:38:7a:f6:08:ca:61:
a7:34:b6:83:9b:30:ae:e8:03:bf:b7:e1:88:f1:ad:36:4c:80:
1a:06:b5:c8:30:a8:6c:85:76:39:5e:00:67:d6:7c:51:d4:be:
0e:08:21:87:7d:d2:81:67:ee:2b:a3:4f:24:71:46:d8:6f:86:
49:c2:09:f6
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCLMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjYx
RTAzREJFMjdERkNEOEIzRTBDNTVGMkYwNDMzRUEwMjJEMUQ0QjAeFw0yMTAyMDcx
MjUwNDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDY2RDExRDg3QzJDMTlB
OURFQUU5MDk1OUIyQjBDMEFBRUQyMUFFQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXh7fjgCI4N7zBPCX1pgI016ab4ezBkAY22AAYWhC5HDzjOA9Q
50K2SYi/sxdzYRmsFRvMizwPF/rn/8Qls2x+y+mt+n+JxiOzhqBjISyuuOJ8mTCY
+hFXdenoREcRS0ePs+bUILFfafmHjcEiU0nC3X7P/i6jE0OgNeKqReWNIa0fweSS
vQ+w1V1zZOES5xC+n2d1uTMvpIG10cxWGu4ZYPOdaLSrTOpxdlx8f7C/mIO1ZfSy
z7VmckmUXt+Q78Gt7X2emJYwz6PIJcT0+OatnimWEA2qD5adLmlU6lSWvqHcIaTs
F5fM34ND7pm/Mnd6Ma7tu1buaJAAv0AWYgSbAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUZtEdh8LBmp3q6QlZsrDAqu0hrqQwHwYDVR0jBBgwFoAUJh4D2+J9/Niz4MVf
LwQz6gItHUswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR0FSRU5B
VFcvSmg0RDItSjlfTml6NE1WZkx3UXo2Z0l0SFVzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9KaDREMi1KOV9OaXo0TVZmTHdRejZnSXRIVXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9HQVJFTkFUVy9adEVkaDhMQm1wM3E2
UWxac3JEQXF1MGhycVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3mwMA0GCSqGSIb3DQEBCwUAA4IBAQAYESw2XdLzol8Ay9BgXEXVW8sImzQ8
/AyMgRyOG1l9vEj2fuZ/UT5zSx5W3GZDN+IDRJJns2iMIymVy3piFqLVrUABBJo8
XIt/gQ3aUEuFz64Pd+3oVnDlf0y88VSbSsIxgtRmGrgg62xOutpbjii9MUaLDS69
jHOBmnZ4W0Pm+/jQXRl3KrWkfKae2Jr66QAPzRqTxswla7APC9nYjPkqIRdaZcJG
LKLjGTqnh80ZQb1WmkcKIoXXCOID/HmC8RY4evYIymGnNLaDmzCu6AO/t+GI8a02
TIAaBrXIMKhshXY5XgBn1nxR1L4OCCGHfdKBZ+4ro08kcUbYb4ZJwgn2
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org