Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GARENATW/oXURo9K-0rYjGO4aZIcfU-e00tc.roa
File: oXURo9K-0rYjGO4aZIcfU-e00tc.roa (raw, json)
Hash identifier: hCk7bh3oMD0b0bv+k76L8dxpMhBBKwA9A7gHCt4aepM=
Subject key identifier: A1:75:11:A3:D2:BE:D2:B6:23:18:EE:1A:64:87:1F:53:E7:B4:D2:D7
Certificate issuer: /CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Certificate serial: 08B1
Authority key identifier: 26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/oXURo9K-0rYjGO4aZIcfU-e00tc.roa
Signing time: Sun 07 Feb 2021 12:48:35 +0000
ROA not before: Sun 07 Feb 2021 12:48:35 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 103.121.179.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2225 (0x8b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=261E03DBE27DFCD8B3E0C55F2F0433EA022D1D4B
Validity
Not Before: Feb 7 12:48:35 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A17511A3D2BED2B62318EE1A64871F53E7B4D2D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:04:7e:59:28:9b:03:7d:50:81:08:85:26:88:
42:06:c0:a5:a7:f3:3d:3f:4f:71:33:09:9b:8f:15:
c7:fb:52:f5:f1:2f:8e:9e:90:80:d0:74:b9:48:b7:
a3:31:8e:63:8a:6a:d0:4c:8e:f0:76:41:6a:10:3b:
c0:02:20:af:96:bf:ab:80:c5:53:79:e1:f3:b3:48:
73:b8:f1:a1:ff:39:cd:3c:0a:33:1b:ff:4b:05:f9:
39:8d:9a:6a:c5:33:8d:d9:80:75:de:1c:df:44:71:
4b:e8:c1:f8:8d:58:d2:4a:27:86:0a:15:01:a2:f5:
86:cb:5d:01:4a:1a:8f:68:13:ae:54:ac:b3:f5:07:
9c:92:98:95:82:37:67:7e:5a:69:da:ef:95:9a:49:
39:d4:36:22:44:98:5a:e7:9a:8a:a5:0a:1a:5f:52:
3f:ef:1d:74:a4:9e:d9:12:d7:a5:68:2d:14:09:2b:
6a:ca:97:71:31:23:dc:09:e5:45:90:f1:18:c0:4d:
2f:f1:d2:45:2b:c7:98:e7:58:b3:b4:2a:13:5e:47:
2b:1b:3e:24:32:49:b2:60:c5:e1:df:0c:c7:dd:a9:
a2:84:1d:16:d0:77:76:18:63:f7:9f:d2:c8:d7:1c:
83:d1:8e:62:40:2e:5a:87:d0:6b:c2:74:62:d7:d4:
98:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:75:11:A3:D2:BE:D2:B6:23:18:EE:1A:64:87:1F:53:E7:B4:D2:D7
X509v3 Authority Key Identifier:
keyid:26:1E:03:DB:E2:7D:FC:D8:B3:E0:C5:5F:2F:04:33:EA:02:2D:1D:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/Jh4D2-J9_Niz4MVfLwQz6gItHUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Jh4D2-J9_Niz4MVfLwQz6gItHUs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GARENATW/oXURo9K-0rYjGO4aZIcfU-e00tc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.179.0/24
Signature Algorithm: sha256WithRSAEncryption
19:99:d2:a6:68:5f:e7:57:e6:87:90:4b:c0:d6:d6:ad:fb:f2:
48:b8:96:76:39:0a:fd:f9:5f:38:87:d4:0f:4f:22:fb:00:e8:
02:ec:92:d9:df:19:3a:2a:6d:8c:67:74:d9:16:26:7a:50:87:
5d:ce:e8:6f:ea:63:6e:1e:c3:ca:f9:ad:d7:8e:61:cb:be:f8:
61:ae:29:59:89:06:bb:29:1d:4d:08:4d:5c:cc:34:b9:d3:7c:
df:11:56:79:e4:80:57:90:90:0e:3a:78:04:65:2d:05:2d:20:
35:46:05:ce:4d:53:b5:0a:85:91:93:26:30:5e:20:f8:68:14:
a7:ae:9a:7e:df:a4:7c:29:dd:12:0b:52:f8:14:2a:9a:db:f5:
2a:b9:41:f9:ff:69:fe:e2:ad:f6:a6:17:3f:76:6f:7a:2c:0d:
b8:2d:3d:93:4c:00:33:49:6d:cb:4a:cc:31:d9:01:e4:db:a3:
b1:04:f9:ad:47:55:88:d5:de:0b:c8:3e:9d:2d:3a:63:88:6a:
6a:95:97:0d:b1:35:a8:d7:c4:63:1d:cf:ed:fa:91:a5:85:9e:
b7:0f:34:ed:e9:98:a2:e3:96:53:d8:d0:87:af:37:69:8b:34:
a3:3c:ce:c9:14:c6:53:d5:ed:b5:44:5a:4e:9c:6d:a3:12:45:
5b:07:4f:7f
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjYx
RTAzREJFMjdERkNEOEIzRTBDNTVGMkYwNDMzRUEwMjJEMUQ0QjAeFw0yMTAyMDcx
MjQ4MzVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEExNzUxMUEzRDJCRUQy
QjYyMzE4RUUxQTY0ODcxRjUzRTdCNEQyRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZBH5ZKJsDfVCBCIUmiEIGwKWn8z0/T3EzCZuPFcf7UvXxL46e
kIDQdLlIt6MxjmOKatBMjvB2QWoQO8ACIK+Wv6uAxVN54fOzSHO48aH/Oc08CjMb
/0sF+TmNmmrFM43ZgHXeHN9EcUvowfiNWNJKJ4YKFQGi9YbLXQFKGo9oE65UrLP1
B5ySmJWCN2d+Wmna75WaSTnUNiJEmFrnmoqlChpfUj/vHXSkntkS16VoLRQJK2rK
l3ExI9wJ5UWQ8RjATS/x0kUrx5jnWLO0KhNeRysbPiQySbJgxeHfDMfdqaKEHRbQ
d3YYY/ef0sjXHIPRjmJALlqH0GvCdGLX1JipAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUoXURo9K+0rYjGO4aZIcfU+e00tcwHwYDVR0jBBgwFoAUJh4D2+J9/Niz4MVf
LwQz6gItHUswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR0FSRU5B
VFcvSmg0RDItSjlfTml6NE1WZkx3UXo2Z0l0SFVzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9KaDREMi1KOV9OaXo0TVZmTHdRejZnSXRIVXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9HQVJFTkFUVy9vWFVSbzlLLTByWWpH
TzRhWkljZlUtZTAwdGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3mzMA0GCSqGSIb3DQEBCwUAA4IBAQAZmdKmaF/nV+aHkEvA1tat+/JIuJZ2
OQr9+V84h9QPTyL7AOgC7JLZ3xk6Km2MZ3TZFiZ6UIddzuhv6mNuHsPK+a3XjmHL
vvhhrilZiQa7KR1NCE1czDS503zfEVZ55IBXkJAOOngEZS0FLSA1RgXOTVO1CoWR
kyYwXiD4aBSnrpp+36R8Kd0SC1L4FCqa2/UquUH5/2n+4q32phc/dm96LA24LT2T
TAAzSW3LSswx2QHk26OxBPmtR1WI1d4LyD6dLTpjiGpqlZcNsTWo18RjHc/t+pGl
hZ63DzTt6Zii45ZT2NCHrzdpizSjPM7JFMZT1e21RFpOnG2jEkVbB09/
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:54 2025 by rpki-client