Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/96ZlaTMwhfsT_qnkQqCR4_MhFPk.roa
File: 96ZlaTMwhfsT_qnkQqCR4_MhFPk.roa (raw, json)
Hash identifier: y2glEUrQ/FEu12vX7EKVCVdm2Uy+Q+bgK/nqegapn0k=
Subject key identifier: F7:A6:65:69:33:30:85:FB:13:FE:A9:E4:42:A0:91:E3:F3:21:14:F9
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0A68
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/96ZlaTMwhfsT_qnkQqCR4_MhFPk.roa
Signing time: Thu 15 Sep 2022 02:47:49 +0000
ROA not before: Thu 15 Sep 2022 02:47:49 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131657
IP address blocks: 103.122.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2664 (0xa68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 15 02:47:49 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=F7A66569333085FB13FEA9E442A091E3F32114F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6b:fc:14:7d:74:7d:08:f0:39:f3:2d:fd:f3:
01:48:e4:11:e5:b0:e4:24:42:4b:f8:53:0f:b7:b7:
0a:64:f3:38:f9:7a:53:dc:76:de:f5:7a:78:ef:7c:
06:ba:8e:c5:5c:1f:f1:e5:8d:e5:e9:36:56:33:bb:
80:46:ea:33:5b:aa:57:0f:57:b6:00:f8:41:de:a1:
4c:67:58:bf:1d:f8:cf:f4:b4:34:c7:9f:d8:93:df:
f9:61:34:6c:6f:00:4c:09:60:29:3b:8d:2a:d8:5e:
95:e0:1c:1d:c1:47:d2:6a:8e:8f:86:3b:19:cf:f9:
48:7a:d5:f2:de:c3:a9:60:7e:db:91:1c:ac:34:0d:
82:39:fa:c2:0e:d2:71:94:c2:20:5e:e2:93:99:49:
a8:87:86:3d:33:00:9e:fb:28:86:86:97:c2:bd:f7:
c3:5d:98:16:7d:8d:cb:30:41:52:8b:c9:b7:91:c2:
f0:d1:0c:5b:3e:4a:e7:81:f8:bb:b8:a8:1b:ee:ed:
d9:9f:fe:a7:fb:27:d1:c0:e1:49:43:57:5a:05:58:
e9:6d:f2:90:5c:73:80:2c:b8:ef:56:62:0d:e6:60:
53:22:09:d9:e9:60:7b:1b:0c:fd:6e:44:3d:0e:44:
9c:bd:4d:6c:2f:8b:3f:06:b8:18:43:e8:61:df:be:
65:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A6:65:69:33:30:85:FB:13:FE:A9:E4:42:A0:91:E3:F3:21:14:F9
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/96ZlaTMwhfsT_qnkQqCR4_MhFPk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.191.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:85:04:44:d1:60:58:ed:82:7c:cb:d6:bc:71:4a:5b:de:75:
47:5e:09:78:48:bb:0a:6e:71:66:c9:a8:3d:fd:82:7d:ef:da:
d7:25:92:80:ce:6b:68:ec:6a:74:4c:ab:19:0b:3d:13:97:ee:
3f:e0:ac:0b:21:10:4c:84:ea:1f:d9:bf:11:49:fc:b0:19:30:
e7:20:f8:cc:5c:33:2e:c8:30:07:20:c3:29:f1:24:c5:fe:b1:
b7:7d:15:66:c4:88:01:46:27:56:07:eb:ff:18:41:bd:96:fe:
99:11:30:75:ff:31:d5:b5:7c:b4:67:94:e3:ce:33:db:57:85:
76:97:c9:e3:bd:89:14:d8:d0:c1:05:d6:4f:32:03:20:d6:c9:
af:bb:5c:2a:26:67:d5:79:33:42:cb:58:d6:49:88:e4:8b:5a:
e8:e4:de:a2:7c:ca:36:fd:81:0b:18:04:a9:eb:70:69:83:a7:
b4:0c:e4:06:37:c7:3b:55:d2:e7:e7:92:f4:3d:54:ec:0e:75:
9b:81:aa:27:c5:ff:07:05:10:56:f2:c8:39:2f:1d:db:ea:7d:
c9:4d:8e:88:53:41:7f:c5:1f:52:28:c5:63:20:0e:cd:4b:b9:
f4:de:30:e4:0f:d6:2a:73:7d:da:05:d6:3e:ef:54:16:97:21:
55:7c:c8:0d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMjA5MTUw
MjQ3NDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEY3QTY2NTY5MzMzMDg1
RkIxM0ZFQTlFNDQyQTA5MUUzRjMyMTE0RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIa/wUfXR9CPA58y398wFI5BHlsOQkQkv4Uw+3twpk8zj5elPc
dt71enjvfAa6jsVcH/HljeXpNlYzu4BG6jNbqlcPV7YA+EHeoUxnWL8d+M/0tDTH
n9iT3/lhNGxvAEwJYCk7jSrYXpXgHB3BR9Jqjo+GOxnP+Uh61fLew6lgftuRHKw0
DYI5+sIO0nGUwiBe4pOZSaiHhj0zAJ77KIaGl8K998NdmBZ9jcswQVKLybeRwvDR
DFs+SueB+Lu4qBvu7dmf/qf7J9HA4UlDV1oFWOlt8pBcc4AsuO9WYg3mYFMiCdnp
YHsbDP1uRD0ORJy9TWwviz8GuBhD6GHfvmVDAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU96ZlaTMwhfsT/qnkQqCR4/MhFPkwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC85NlpsYVRNd2hmc1Rf
cW5rUXFDUjRfTWhGUGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQBvhQRE0WBY7YJ8y9a8cUpb3nVHXgl4
SLsKbnFmyag9/YJ979rXJZKAzmto7Gp0TKsZCz0Tl+4/4KwLIRBMhOof2b8RSfyw
GTDnIPjMXDMuyDAHIMMp8STF/rG3fRVmxIgBRidWB+v/GEG9lv6ZETB1/zHVtXy0
Z5TjzjPbV4V2l8njvYkU2NDBBdZPMgMg1smvu1wqJmfVeTNCy1jWSYjki1ro5N6i
fMo2/YELGASp63Bpg6e0DOQGN8c7VdLn55L0PVTsDnWbgaonxf8HBRBW8sg5Lx3b
6n3JTY6IU0F/xR9SKMVjIA7NS7n03jDkD9Yqc33aBdY+71QWlyFVfMgN
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org