Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GARENATW/gaAzLSgBW2PJq3nMg0K9ZfdKQgk.roa
File: gaAzLSgBW2PJq3nMg0K9ZfdKQgk.roa (raw, json)
Hash identifier: nfNk2Bfi7AJSkr7xNYIVSB5S/MN+ffxITfYnDaYCxSs=
Subject key identifier: 81:A0:33:2D:28:01:5B:63:C9:AB:79:CC:83:42:BD:65:F7:4A:42:09
Certificate issuer: /CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Certificate serial: 0762
Authority key identifier: 26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/gaAzLSgBW2PJq3nMg0K9ZfdKQgk.roa
Signing time: Tue 29 Sep 2020 10:03:44 +0000
ROA not before: Tue 29 Sep 2020 10:03:44 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 103.121.178.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1890 (0x762)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Validity
Not Before: Sep 29 10:03:44 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=81A0332D28015B63C9AB79CC8342BD65F74A4209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:eb:9d:d5:fa:e8:85:12:07:d7:7b:90:fb:dd:
33:32:4c:20:f4:d0:40:2e:bf:6c:54:55:5f:63:42:
b4:c3:43:bd:a3:c6:8f:64:74:56:6a:18:58:89:83:
54:8e:26:cc:94:42:b9:16:f5:72:52:d4:50:00:61:
62:68:27:fa:34:23:8e:3d:a3:29:d6:17:88:27:c3:
6e:67:35:77:d0:f6:38:85:16:c5:41:36:bd:0b:61:
c7:e4:d9:c5:69:5b:d3:8a:01:de:92:cc:98:aa:5a:
89:3d:40:fd:47:d2:99:a5:e5:eb:34:c3:cf:9e:3e:
14:62:66:16:db:b6:c4:3e:6e:07:e9:59:84:5b:6c:
97:55:26:81:55:a1:46:81:11:5c:f0:0e:a1:b3:8b:
7f:88:60:27:6c:38:7a:fb:52:6a:40:ff:20:60:ee:
ee:b1:97:1a:d9:79:7e:ff:e4:5a:d9:33:8b:b8:55:
8e:39:72:6f:1e:4f:7f:1d:e0:80:a0:1f:23:a4:d5:
40:32:da:ad:89:1c:b3:9b:c3:cf:21:e5:40:9b:78:
84:1f:18:d6:44:26:9e:4e:96:81:8e:70:ea:a3:e6:
31:f9:fb:b0:3e:58:a5:6b:2e:3f:66:a4:55:5a:b2:
5b:b3:30:ba:81:1d:6f:d1:a0:e0:5f:a2:5b:c5:a0:
ed:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A0:33:2D:28:01:5B:63:C9:AB:79:CC:83:42:BD:65:F7:4A:42:09
X509v3 Authority Key Identifier:
keyid:26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/Jh4D2-J9_Niz4MVfLwQz6gItHUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/gaAzLSgBW2PJq3nMg0K9ZfdKQgk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.178.0/24
Signature Algorithm: sha256WithRSAEncryption
80:25:f4:2c:d8:af:11:70:fa:f6:11:5d:6c:c8:6b:b7:33:ce:
01:4b:3b:d0:b3:0f:87:63:ea:19:28:8f:e5:ca:4b:7a:1b:68:
19:73:3c:d2:d6:24:51:30:ff:e2:3b:71:56:97:ac:63:36:20:
92:f4:72:d8:55:57:08:fe:c5:44:f9:5e:7a:84:6f:30:90:5e:
ad:1a:62:09:bd:de:8a:92:b9:f5:1b:0f:81:11:70:6a:ce:b0:
d5:22:de:01:37:13:1e:eb:69:66:e2:05:2f:13:26:69:d8:3a:
50:a6:03:9d:c9:40:51:2e:b9:58:e1:e9:1c:c9:5e:55:17:13:
27:c0:c8:e6:d5:89:40:e2:dd:43:fd:c1:d8:4e:f5:65:0e:89:
3f:48:db:91:53:3e:80:f5:bf:5d:b7:3c:a4:cc:d1:b3:b1:41:
e2:f8:27:d7:db:0f:e2:75:39:69:17:c4:da:06:f7:a4:c9:3d:
e0:02:f5:12:a7:30:8c:38:af:e5:89:59:48:c9:1b:1a:1f:3e:
d2:74:48:8f:14:27:ad:9f:2c:38:b9:25:d2:14:99:7a:2e:4f:
64:bb:0e:6c:98:91:d4:df:72:68:b3:8d:af:e9:a5:d3:ab:e7:
3e:ef:fe:61:c2:a9:4a:12:6a:db:8b:a3:63:ac:a3:09:05:85:
0e:57:da:0c
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICB2IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjYx
RTAzREJFMjdERkNEOEIzRTBDNTVGMkYwNDMzRUEwMjJEMUQ0QjAeFw0yMDA5Mjkx
MDAzNDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDgxQTAzMzJEMjgwMTVC
NjNDOUFCNzlDQzgzNDJCRDY1Rjc0QTQyMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo653V+uiFEgfXe5D73TMyTCD00EAuv2xUVV9jQrTDQ72jxo9k
dFZqGFiJg1SOJsyUQrkW9XJS1FAAYWJoJ/o0I449oynWF4gnw25nNXfQ9jiFFsVB
Nr0LYcfk2cVpW9OKAd6SzJiqWok9QP1H0pml5es0w8+ePhRiZhbbtsQ+bgfpWYRb
bJdVJoFVoUaBEVzwDqGzi3+IYCdsOHr7UmpA/yBg7u6xlxrZeX7/5FrZM4u4VY45
cm8eT38d4ICgHyOk1UAy2q2JHLObw88h5UCbeIQfGNZEJp5OloGOcOqj5jH5+7A+
WKVrLj9mpFVasluzMLqBHW/RoOBfolvFoO0dAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUgaAzLSgBW2PJq3nMg0K9ZfdKQgkwHwYDVR0jBBgwFoAUJh4D2+J9/Niz4MVf
LwQz6gItHUswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR0FSRU5B
VFcvSmg0RDItSjlfTml6NE1WZkx3UXo2Z0l0SFVzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9KaDREMi1KOV9OaXo0TVZmTHdRejZnSXRIVXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9HQVJFTkFUVy9nYUF6TFNnQlcyUEpx
M25NZzBLOVpmZEtRZ2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3myMA0GCSqGSIb3DQEBCwUAA4IBAQCAJfQs2K8RcPr2EV1syGu3M84BSzvQ
sw+HY+oZKI/lykt6G2gZczzS1iRRMP/iO3FWl6xjNiCS9HLYVVcI/sVE+V56hG8w
kF6tGmIJvd6Kkrn1Gw+BEXBqzrDVIt4BNxMe62lm4gUvEyZp2DpQpgOdyUBRLrlY
4ekcyV5VFxMnwMjm1YlA4t1D/cHYTvVlDok/SNuRUz6A9b9dtzykzNGzsUHi+CfX
2w/idTlpF8TaBvekyT3gAvUSpzCMOK/liVlIyRsaHz7SdEiPFCetnyw4uSXSFJl6
Lk9kuw5smJHU33Jos42v6aXTq+c+7/5hwqlKEmrbi6NjrKMJBYUOV9oM
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org