Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GH/cLk6S8zPSHKvea55JXML7OoVB-E.roa
File: cLk6S8zPSHKvea55JXML7OoVB-E.roa (raw, json)
Hash identifier: eTjEuz8thYMVmAKgRP2i3luclkreu6tPTMar4VhLkzs=
Subject key identifier: 70:B9:3A:4B:CC:CF:48:72:AF:79:AE:79:25:73:0B:EC:EA:15:07:E1
Certificate issuer: /CN=E63C5A15B7CE90030108F4AD38E541E6CDB5BEFE
Certificate serial: 11ED
Authority key identifier: E6:3C:5A:15:B7:CE:90:03:01:08:F4:AD:38:E5:41:E6:CD:B5:BE:FE
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/5jxaFbfOkAMBCPStOOVB5s21vv4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GH/cLk6S8zPSHKvea55JXML7OoVB-E.roa
Signing time: Fri 01 Sep 2023 08:53:51 +0000
ROA not before: Fri 01 Sep 2023 08:53:51 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18046
IP address blocks: 103.130.44.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4589 (0x11ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E63C5A15B7CE90030108F4AD38E541E6CDB5BEFE
Validity
Not Before: Sep 1 08:53:51 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=70B93A4BCCCF4872AF79AE7925730BECEA1507E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7d:75:ad:d3:a5:19:c6:4c:f9:ff:8c:f2:78:
b9:83:7f:84:9e:f8:36:61:14:ff:2b:ab:8d:3f:70:
be:68:18:4d:c3:7e:a8:d8:27:6a:23:f3:10:27:a9:
ec:1a:4b:b2:6c:e5:8f:f0:5f:d2:22:32:19:25:c3:
c4:c5:92:74:dc:64:74:e6:5f:7e:62:c3:c7:79:4e:
8c:b0:2b:67:8a:cd:b1:f9:e2:3b:6c:bf:32:e5:a1:
9a:87:d9:9f:bf:55:e0:d0:c4:33:7b:12:c9:50:ef:
5b:34:be:d1:b8:f6:65:de:cb:0c:79:cb:aa:23:c8:
3d:51:b5:63:0c:ff:91:1a:9d:6e:d9:9e:09:0e:54:
c1:5b:fb:4a:54:e9:78:a8:c9:aa:5f:9b:d2:17:de:
45:d2:c3:ac:02:24:63:ed:1e:da:12:c4:79:c0:e0:
94:d3:ea:62:f5:30:37:54:48:38:fe:cb:3a:7a:7e:
24:d2:e3:17:2b:23:64:8d:c2:a4:36:b0:3b:f7:7f:
c6:5e:df:73:22:8f:69:cd:95:08:f8:f4:b4:5d:d3:
4d:58:21:1a:d7:bb:aa:86:ff:3f:46:ed:0c:2e:6c:
84:17:e0:ec:91:12:c7:0c:ad:f0:92:4d:8a:6a:e8:
d7:7c:b4:9f:e6:a3:5a:40:a3:24:44:2a:41:48:2e:
10:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B9:3A:4B:CC:CF:48:72:AF:79:AE:79:25:73:0B:EC:EA:15:07:E1
X509v3 Authority Key Identifier:
keyid:E6:3C:5A:15:B7:CE:90:03:01:08:F4:AD:38:E5:41:E6:CD:B5:BE:FE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GH/5jxaFbfOkAMBCPStOOVB5s21vv4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/5jxaFbfOkAMBCPStOOVB5s21vv4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GH/cLk6S8zPSHKvea55JXML7OoVB-E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.44.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:09:3a:a4:cf:0d:f7:9c:ba:1b:72:98:2b:46:79:0a:1e:6f:
87:1d:ce:8e:fb:70:a2:f6:ed:db:41:38:cc:bd:a6:e3:72:f8:
e2:3c:21:46:07:d2:ab:68:44:eb:aa:a0:94:4b:8b:05:f2:25:
ee:a3:f7:5c:bf:89:d3:a3:40:9e:54:6e:93:ea:b8:f8:43:eb:
6e:db:32:56:fe:7a:f0:5c:94:7a:b4:78:05:e4:ad:c3:56:bd:
16:19:d0:aa:e2:20:4e:a9:d9:20:0e:65:51:97:73:cd:66:65:
df:b9:6a:a2:72:f5:63:3d:65:5e:a6:38:f9:6a:9e:a1:79:7f:
d4:8c:ce:0d:fc:d9:0d:c4:80:57:1c:62:09:a8:b6:7c:27:67:
ff:72:9a:fe:a3:af:15:75:91:a2:28:f1:2c:15:ca:b6:fd:eb:
81:7a:a9:c4:14:77:f3:46:d5:80:2c:2f:ee:c8:11:7f:66:6d:
63:47:ef:a5:94:b8:ae:c0:05:40:8e:77:e7:1b:3a:b5:4d:26:
63:76:a0:90:70:dd:a4:4d:9a:d7:84:5f:a4:7b:ff:69:42:51:
d5:4f:c8:43:94:5d:c1:10:85:1c:65:78:f0:c1:3a:d1:df:2f:
4a:c5:ea:fa:98:13:f3:f3:11:18:06:2a:95:1f:31:d9:ac:b7:
42:98:4d:3e
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgICEe0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTYz
QzVBMTVCN0NFOTAwMzAxMDhGNEFEMzhFNTQxRTZDREI1QkVGRTAeFw0yMzA5MDEw
ODUzNTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDcwQjkzQTRCQ0NDRjQ4
NzJBRjc5QUU3OTI1NzMwQkVDRUExNTA3RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzfXWt06UZxkz5/4zyeLmDf4Se+DZhFP8rq40/cL5oGE3DfqjY
J2oj8xAnqewaS7Js5Y/wX9IiMhklw8TFknTcZHTmX35iw8d5ToywK2eKzbH54jts
vzLloZqH2Z+/VeDQxDN7EslQ71s0vtG49mXeywx5y6ojyD1RtWMM/5EanW7ZngkO
VMFb+0pU6Xioyapfm9IX3kXSw6wCJGPtHtoSxHnA4JTT6mL1MDdUSDj+yzp6fiTS
4xcrI2SNwqQ2sDv3f8Ze33Mij2nNlQj49LRd001YIRrXu6qG/z9G7QwubIQX4OyR
EscMrfCSTYpq6Nd8tJ/mo1pAoyREKkFILhBNAgMBAAGjggHmMIIB4jAdBgNVHQ4E
FgQUcLk6S8zPSHKvea55JXML7OoVB+EwHwYDVR0jBBgwFoAU5jxaFbfOkAMBCPSt
OOVB5s21vv4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBYBgNVHR8EUTBPME2g
S6BJhkdyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR0gvNWp4
YUZiZk9rQU1CQ1BTdE9PVkI1czIxdnY0LmNybDBgBggrBgEFBQcBAQRUMFIwUAYI
KwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS81
anhhRmJmT2tBTUJDUFN0T09WQjVzMjF2djQuY2VyMA4GA1UdDwEB/wQEAwIHgDCB
mAYIKwYBBQUHAQsEgYswgYgwUwYIKwYBBQUHMAuGR3JzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS9HSC9jTGs2Uzh6UFNIS3ZlYTU1SlhNTDdPb1ZC
LUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9u
b3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ4IsMA0GCSqG
SIb3DQEBCwUAA4IBAQBcCTqkzw33nLobcpgrRnkKHm+HHc6O+3Ci9u3bQTjMvabj
cvjiPCFGB9KraETrqqCUS4sF8iXuo/dcv4nTo0CeVG6T6rj4Q+tu2zJW/nrwXJR6
tHgF5K3DVr0WGdCq4iBOqdkgDmVRl3PNZmXfuWqicvVjPWVepjj5ap6heX/UjM4N
/NkNxIBXHGIJqLZ8J2f/cpr+o68VdZGiKPEsFcq2/euBeqnEFHfzRtWALC/uyBF/
Zm1jR++llLiuwAVAjnfnGzq1TSZjdqCQcN2kTZrXhF+ke/9pQlHVT8hDlF3BEIUc
ZXjwwTrR3y9Kxer6mBPz8xEYBiqVHzHZrLdCmE0+
-----END CERTIFICATE-----
Generated at Tue Oct 31 07:49:10 2023 by rpki-client on console-fra.rpki-client.org