Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GU/_P2yKki7cy5RjeeFXWJWDQHPZag.roa
File: _P2yKki7cy5RjeeFXWJWDQHPZag.roa (raw, json)
Hash identifier: WWWAMfK+J6ik7f3aDA8cZJ6O8gpCqwvEJnUNTV3tC18=
Subject key identifier: FC:FD:B2:2A:48:BB:73:2E:51:8D:E7:85:5D:62:56:0D:01:CF:65:A8
Certificate issuer: /CN=FD6A604FD79AF3477008E71EA4ED5CDF588CA664
Certificate serial: 11EB
Authority key identifier: FD:6A:60:4F:D7:9A:F3:47:70:08:E7:1E:A4:ED:5C:DF:58:8C:A6:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/_WpgT9ea80dwCOcepO1c31iMpmQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GU/_P2yKki7cy5RjeeFXWJWDQHPZag.roa
Signing time: Fri 01 Sep 2023 08:55:41 +0000
ROA not before: Fri 01 Sep 2023 08:55:41 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18046
IP address blocks: 103.130.32.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4587 (0x11eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FD6A604FD79AF3477008E71EA4ED5CDF588CA664
Validity
Not Before: Sep 1 08:55:41 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=FCFDB22A48BB732E518DE7855D62560D01CF65A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:12:a9:0d:6b:fb:e0:93:34:7e:3d:6b:92:0d:
64:1e:3b:99:e6:8a:b7:8a:5e:68:84:f0:ce:71:42:
17:4c:65:5a:dc:16:82:96:0c:22:ca:68:b8:ed:c2:
88:53:4e:04:a9:d0:4c:30:7a:90:3c:6f:31:9e:58:
87:d4:78:c4:f1:ac:57:57:78:62:65:2a:d2:7b:72:
3c:1a:86:3a:19:a3:5d:46:52:2c:88:3d:11:a2:83:
06:e5:0f:11:df:52:bb:a7:2c:11:8b:13:61:21:eb:
d8:20:e1:4f:a5:dd:26:f2:0d:60:84:0f:48:6b:97:
ae:d9:cc:c9:9b:a6:2a:65:4a:35:cc:e1:cd:c7:0e:
f4:3d:65:64:05:75:26:75:92:ed:54:23:f2:f2:12:
52:b0:f9:8e:ad:7f:86:f3:01:92:28:81:10:f3:87:
de:1c:5b:0f:29:a5:7d:65:9d:e3:f5:a1:79:54:f5:
1e:10:08:6e:a5:60:46:f9:56:d4:8f:75:36:69:21:
f7:18:ad:e3:d0:af:6e:1d:5b:a7:99:a5:97:3c:18:
2a:54:b9:cc:06:69:27:c1:a3:05:49:28:6d:8f:e3:
93:b2:fd:98:7c:16:e3:74:1c:94:e5:67:d9:a9:5e:
b5:06:9a:77:e2:86:ff:8f:76:87:89:00:b9:f2:b2:
40:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:FD:B2:2A:48:BB:73:2E:51:8D:E7:85:5D:62:56:0D:01:CF:65:A8
X509v3 Authority Key Identifier:
keyid:FD:6A:60:4F:D7:9A:F3:47:70:08:E7:1E:A4:ED:5C:DF:58:8C:A6:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GU/_WpgT9ea80dwCOcepO1c31iMpmQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_WpgT9ea80dwCOcepO1c31iMpmQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GU/_P2yKki7cy5RjeeFXWJWDQHPZag.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.32.0/22
Signature Algorithm: sha256WithRSAEncryption
87:6d:33:82:80:11:92:5c:0b:a8:0b:50:61:d3:01:a7:99:ca:
6f:66:e6:39:7f:90:fa:a9:5a:3d:59:d6:70:b6:82:48:09:6e:
fb:8b:05:1f:77:cd:35:80:33:c1:1e:33:2a:c1:97:04:82:3b:
42:f1:21:ff:76:2a:d5:37:33:d4:65:27:0a:4a:a1:e6:03:5a:
83:96:88:7d:3e:11:c0:e2:68:ed:31:6f:bc:98:c5:c4:24:f7:
7a:89:13:fd:fb:b1:d7:a3:ad:2f:15:6f:69:e9:ad:98:9d:eb:
ce:8e:3b:bc:88:a7:2b:ce:b3:3d:7b:05:2e:9c:a3:7e:02:a2:
86:08:6e:58:bb:09:87:41:7b:71:3f:00:e8:de:1f:37:a0:42:
0f:22:45:ca:b6:c4:51:a5:46:b9:78:b7:45:03:b5:2f:0c:d6:
a1:0d:ee:d0:9e:24:f6:19:48:60:f0:f0:2a:1b:12:ca:80:b5:
6f:f5:2f:8a:2a:54:17:54:24:59:c6:37:da:da:47:f3:e3:e2:
e9:18:63:30:58:ea:92:ca:62:08:ba:dc:79:68:8f:74:ff:83:
5b:42:87:69:13:c7:b3:14:30:e1:18:e3:a6:1c:ed:9d:44:6c:
70:c1:38:b8:52:3d:f7:cd:51:e4:fb:2d:8c:5c:5c:70:f9:a2:
c0:dd:fb:26
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgICEeswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkQ2
QTYwNEZENzlBRjM0NzcwMDhFNzFFQTRFRDVDREY1ODhDQTY2NDAeFw0yMzA5MDEw
ODU1NDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEZDRkRCMjJBNDhCQjcz
MkU1MThERTc4NTVENjI1NjBEMDFDRjY1QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTEqkNa/vgkzR+PWuSDWQeO5nmireKXmiE8M5xQhdMZVrcFoKW
DCLKaLjtwohTTgSp0EwwepA8bzGeWIfUeMTxrFdXeGJlKtJ7cjwahjoZo11GUiyI
PRGigwblDxHfUrunLBGLE2Eh69gg4U+l3SbyDWCED0hrl67ZzMmbpiplSjXM4c3H
DvQ9ZWQFdSZ1ku1UI/LyElKw+Y6tf4bzAZIogRDzh94cWw8ppX1lneP1oXlU9R4Q
CG6lYEb5VtSPdTZpIfcYrePQr24dW6eZpZc8GCpUucwGaSfBowVJKG2P45Oy/Zh8
FuN0HJTlZ9mpXrUGmnfihv+PdoeJALnyskCJAgMBAAGjggHmMIIB4jAdBgNVHQ4E
FgQU/P2yKki7cy5RjeeFXWJWDQHPZagwHwYDVR0jBBgwFoAU/WpgT9ea80dwCOce
pO1c31iMpmQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBYBgNVHR8EUTBPME2g
S6BJhkdyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1UvX1dw
Z1Q5ZWE4MGR3Q09jZXBPMWMzMWlNcG1RLmNybDBgBggrBgEFBQcBAQRUMFIwUAYI
KwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9f
V3BnVDllYTgwZHdDT2NlcE8xYzMxaU1wbVEuY2VyMA4GA1UdDwEB/wQEAwIHgDCB
mAYIKwYBBQUHAQsEgYswgYgwUwYIKwYBBQUHMAuGR3JzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS9HVS9fUDJ5S2tpN2N5NVJqZWVGWFdKV0RRSFBa
YWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJkcC9u
b3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ4IgMA0GCSqG
SIb3DQEBCwUAA4IBAQCHbTOCgBGSXAuoC1Bh0wGnmcpvZuY5f5D6qVo9WdZwtoJI
CW77iwUfd801gDPBHjMqwZcEgjtC8SH/dirVNzPUZScKSqHmA1qDloh9PhHA4mjt
MW+8mMXEJPd6iRP9+7HXo60vFW9p6a2YnevOjju8iKcrzrM9ewUunKN+AqKGCG5Y
uwmHQXtxPwDo3h83oEIPIkXKtsRRpUa5eLdFA7UvDNahDe7QniT2GUhg8PAqGxLK
gLVv9S+KKlQXVCRZxjfa2kfz4+LpGGMwWOqSymIIutx5aI90/4NbQodpE8ezFDDh
GOOmHO2dRGxwwTi4Uj33zVHk+y2MXFxw+aLA3fsm
-----END CERTIFICATE-----
Generated at Tue Oct 31 07:49:10 2023 by rpki-client on console-fra.rpki-client.org