Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/9kj_ZZv_0I1cqBb-tiDY62wuJgs.roa
File: 9kj_ZZv_0I1cqBb-tiDY62wuJgs.roa (raw, json)
Hash identifier: EJNSmCiroESX80HPAGKUVDoeJtQkDVyA/QhDtEGJ+kE=
Subject key identifier: F6:48:FF:65:9B:FF:D0:8D:5C:A8:16:FE:B6:20:D8:EB:6C:2E:26:0B
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 08C9
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/9kj_ZZv_0I1cqBb-tiDY62wuJgs.roa
Signing time: Sun 07 Feb 2021 12:58:31 +0000
ROA not before: Sun 07 Feb 2021 12:58:31 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 134823
IP address blocks: 103.122.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2249 (0x8c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Feb 7 12:58:31 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F648FF659BFFD08D5CA816FEB620D8EB6C2E260B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2b:07:81:25:5e:7b:62:e0:21:fb:41:09:9b:
e2:a9:bf:4f:72:b3:97:f8:7a:d9:96:4e:25:ca:c8:
f8:0a:19:07:f1:35:07:f1:cb:46:c9:50:e2:7f:a1:
dc:86:4e:51:6a:8a:89:90:d8:23:21:05:f9:4b:0a:
2d:6b:fa:b6:96:0b:97:84:f1:de:39:0e:fa:e2:17:
64:7e:db:b9:c0:45:00:b3:a8:8a:ae:eb:06:2c:75:
10:78:70:29:2f:22:8e:29:22:fc:92:c0:d6:40:f4:
c5:40:2c:2c:fe:13:d5:0d:de:54:5e:67:1a:ea:b7:
d8:7b:4f:1d:b2:04:6b:91:fc:75:ac:af:3c:87:39:
22:41:a8:43:8d:f4:e9:ad:70:39:83:7f:52:4e:87:
1a:20:9e:3a:34:da:b4:f3:55:4e:4a:23:f5:98:45:
84:60:77:2f:9d:fc:a0:25:2d:95:34:95:80:64:e8:
d1:8b:78:c7:c3:4b:73:e8:d6:7f:34:bc:17:07:65:
8c:c4:e5:36:f5:0a:43:eb:34:04:b2:be:17:22:df:
d5:df:69:44:10:3f:1c:a5:c9:ff:c4:49:92:f8:6c:
e9:e6:c3:c0:27:f2:4f:51:df:6e:d2:6e:83:28:fb:
71:ba:03:4c:02:8b:8b:ca:40:cf:a9:25:9e:c9:25:
3c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:48:FF:65:9B:FF:D0:8D:5C:A8:16:FE:B6:20:D8:EB:6C:2E:26:0B
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/9kj_ZZv_0I1cqBb-tiDY62wuJgs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.190.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:65:42:d1:ec:07:f3:0d:56:ea:99:89:9d:39:7e:e1:34:8f:
fa:6e:da:42:91:64:35:d0:93:2f:2c:75:ac:99:1f:91:f0:df:
eb:6b:73:5f:84:db:09:44:39:28:47:31:ac:cf:dd:f2:bd:8c:
34:f9:bb:5d:ce:72:ea:f2:bf:2b:13:60:e1:85:3e:8b:3b:32:
98:63:bd:a5:f6:26:b7:ab:f7:7e:ef:f5:73:88:e4:70:a9:bf:
63:df:b7:36:5a:6b:df:10:b4:c6:8d:35:fe:73:45:f7:bf:1e:
1f:2a:35:0a:cb:af:38:46:5d:4f:23:c7:d4:3d:bf:b0:67:3f:
4e:26:af:84:aa:6a:eb:08:3b:5d:b7:26:07:a2:62:d1:ca:53:
d9:21:ad:dd:52:b4:da:84:72:dc:c2:68:cf:88:7e:d3:ee:99:
98:2f:d9:12:dc:79:8b:8e:fb:3b:3b:b4:fc:29:bf:33:42:23:
34:05:16:b0:b9:2c:76:17:84:10:ea:dc:66:e8:b6:db:82:0c:
3d:2d:25:aa:b0:e0:6a:eb:39:c1:50:bb:9d:f7:4c:e8:f6:3e:
f2:90:8f:84:91:e2:87:d3:7f:f8:0a:b5:18:ab:92:29:03:b3:
97:95:b3:1c:3e:9c:08:3b:02:14:16:86:e3:3b:e6:ab:32:36:
78:ab:6d:33
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCMkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTAyMDcx
MjU4MzFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY2NDhGRjY1OUJGRkQw
OEQ1Q0E4MTZGRUI2MjBEOEVCNkMyRTI2MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEKweBJV57YuAh+0EJm+Kpv09ys5f4etmWTiXKyPgKGQfxNQfx
y0bJUOJ/odyGTlFqiomQ2CMhBflLCi1r+raWC5eE8d45DvriF2R+27nARQCzqIqu
6wYsdRB4cCkvIo4pIvySwNZA9MVALCz+E9UN3lReZxrqt9h7Tx2yBGuR/HWsrzyH
OSJBqEON9OmtcDmDf1JOhxognjo02rTzVU5KI/WYRYRgdy+d/KAlLZU0lYBk6NGL
eMfDS3Po1n80vBcHZYzE5Tb1CkPrNASyvhci39XfaUQQPxylyf/ESZL4bOnmw8An
8k9R327SboMo+3G6A0wCi4vKQM+pJZ7JJTznAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU9kj/ZZv/0I1cqBb+tiDY62wuJgswHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC85a2pfWlp2XzBJMWNx
QmItdGlEWTYyd3VKZ3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q+MA0GCSqGSIb3DQEBCwUAA4IBAQBqZULR7AfzDVbqmYmdOX7hNI/6btpC
kWQ10JMvLHWsmR+R8N/ra3NfhNsJRDkoRzGsz93yvYw0+btdznLq8r8rE2DhhT6L
OzKYY72l9ia3q/d+7/VziORwqb9j37c2WmvfELTGjTX+c0X3vx4fKjUKy684Rl1P
I8fUPb+wZz9OJq+EqmrrCDtdtyYHomLRylPZIa3dUrTahHLcwmjPiH7T7pmYL9kS
3HmLjvs7O7T8Kb8zQiM0BRawuSx2F4QQ6txm6Lbbggw9LSWqsOBq6znBULud90zo
9j7ykI+EkeKH03/4CrUYq5IpA7OXlbMcPpwIOwIUFobjO+arMjZ4q20z
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:21:53 2025 by rpki-client