Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/1RRiwkkUQBwyaUNumZbJq6I3TvE.roa
File: 1RRiwkkUQBwyaUNumZbJq6I3TvE.roa (raw, json)
Hash identifier: W0xctDaCMQp0Z4mPJdkcR8nvdzGDUeWqfqR+nR0CgDY=
Subject key identifier: D5:14:62:C2:49:14:40:1C:32:69:43:6E:99:96:C9:AB:A2:37:4E:F1
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0A8C
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/1RRiwkkUQBwyaUNumZbJq6I3TvE.roa
Signing time: Sun 06 Nov 2022 13:13:31 +0000
ROA not before: Sun 06 Nov 2022 13:13:31 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131657
IP address blocks: 103.122.188.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2700 (0xa8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Nov 6 13:13:31 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D51462C24914401C3269436E9996C9ABA2374EF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:28:ce:d3:2d:b6:6e:31:5c:99:42:c0:7f:4b:
ef:f8:56:81:e3:cb:99:bc:c3:60:a7:a2:f5:4e:4e:
77:21:cb:0b:b7:46:f3:d1:f2:98:01:32:cb:c0:bb:
2c:2e:cc:68:18:20:28:68:c7:21:63:28:cc:42:d2:
7b:2d:81:36:20:b0:38:c3:12:dd:84:4c:11:87:5f:
e9:43:1a:90:29:14:6c:50:fb:9f:87:80:73:8f:59:
7c:bc:07:3e:bb:25:3f:75:ac:0e:94:15:fe:9c:76:
3d:d2:b8:55:1e:88:4d:64:f5:2e:94:22:8a:78:de:
86:9e:70:99:d0:aa:27:01:58:c3:18:a0:62:ea:7e:
3a:b9:bb:af:ff:13:13:d1:87:2e:e5:5e:fc:8c:ac:
7c:40:6e:8d:ad:b6:3b:2b:02:28:1b:25:95:31:fc:
e3:eb:c5:b3:3b:51:85:c2:eb:25:57:b2:fd:62:79:
89:08:4c:49:87:17:c4:bf:3c:e0:f6:2b:91:e1:2e:
41:c4:e7:d1:74:53:d1:f6:18:db:41:49:3f:c5:be:
15:72:70:28:b4:60:27:67:8b:89:2f:30:c0:8e:3e:
23:c4:13:d7:b0:1e:cb:01:71:da:88:a8:60:5b:50:
c5:e1:1f:59:57:12:72:59:90:e6:6f:3f:d9:d2:2c:
ee:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:14:62:C2:49:14:40:1C:32:69:43:6E:99:96:C9:AB:A2:37:4E:F1
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/1RRiwkkUQBwyaUNumZbJq6I3TvE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:51:20:df:69:b6:70:3c:cd:d3:a2:6b:8b:14:35:49:83:e9:
20:de:ab:5b:63:07:f6:c9:c8:da:a4:b3:41:6e:13:9d:cd:43:
34:21:1d:dc:83:4c:27:10:49:21:12:9c:cd:f2:62:77:3f:70:
79:ce:ec:63:a9:30:c6:3a:ec:48:25:9d:9a:0e:7b:d0:82:c6:
ca:49:f5:a0:36:ac:46:26:d4:39:70:72:d8:50:ea:d3:e4:11:
31:54:42:eb:a1:77:37:65:20:f5:99:dd:05:e8:cd:b4:ca:de:
4e:c7:51:52:99:23:ce:c3:d9:ea:08:84:57:f1:d1:8f:33:13:
67:66:60:4a:3d:e5:be:02:92:2a:48:cf:2a:35:a0:9e:50:dc:
ef:a4:40:50:16:53:6d:44:97:0b:b2:a0:03:31:e4:64:48:9f:
16:2f:a9:3a:48:81:9d:99:b4:03:47:b5:b0:05:b9:7b:e3:02:
75:ae:4c:c1:1b:15:8e:34:66:e8:08:46:88:ba:d8:e0:92:b3:
fe:d3:6b:e8:ae:1d:85:b5:cc:6e:fc:44:73:85:b1:1f:58:f3:
aa:e4:59:db:8b:f5:51:53:c6:7a:fb:71:fd:b2:f6:5c:3c:d1:
71:24:95:6b:0b:1c:73:ca:72:83:4b:d2:ec:e1:de:86:82:64:
bb:c0:9b:f2
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCowwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMjExMDYx
MzEzMzFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ1MTQ2MkMyNDkxNDQw
MUMzMjY5NDM2RTk5OTZDOUFCQTIzNzRFRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiKM7TLbZuMVyZQsB/S+/4VoHjy5m8w2CnovVOTnchywu3RvPR
8pgBMsvAuywuzGgYIChoxyFjKMxC0nstgTYgsDjDEt2ETBGHX+lDGpApFGxQ+5+H
gHOPWXy8Bz67JT91rA6UFf6cdj3SuFUeiE1k9S6UIop43oaecJnQqicBWMMYoGLq
fjq5u6//ExPRhy7lXvyMrHxAbo2ttjsrAigbJZUx/OPrxbM7UYXC6yVXsv1ieYkI
TEmHF8S/POD2K5HhLkHE59F0U9H2GNtBST/FvhVycCi0YCdni4kvMMCOPiPEE9ew
HssBcdqIqGBbUMXhH1lXEnJZkOZvP9nSLO6bAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU1RRiwkkUQBwyaUNumZbJq6I3TvEwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC8xUlJpd2trVVFCd3lh
VU51bVpiSnE2STNUdkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQAuUSDfabZwPM3TomuLFDVJg+kg3qtb
Ywf2ycjapLNBbhOdzUM0IR3cg0wnEEkhEpzN8mJ3P3B5zuxjqTDGOuxIJZ2aDnvQ
gsbKSfWgNqxGJtQ5cHLYUOrT5BExVELroXc3ZSD1md0F6M20yt5Ox1FSmSPOw9nq
CIRX8dGPMxNnZmBKPeW+ApIqSM8qNaCeUNzvpEBQFlNtRJcLsqADMeRkSJ8WL6k6
SIGdmbQDR7WwBbl74wJ1rkzBGxWONGboCEaIutjgkrP+02vorh2Ftcxu/ERzhbEf
WPOq5Fnbi/VRU8Z6+3H9svZcPNFxJJVrCxxzynKDS9Ls4d6GgmS7wJvy
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org