Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/AOrovcUkMxVNzDTXgttwXrnGurk.roa
File: AOrovcUkMxVNzDTXgttwXrnGurk.roa (raw, json)
Hash identifier: MCSvZTI/fj8wFzVY81axByGDE7fw+kwEyA9vlZPykU4=
Subject key identifier: 00:EA:E8:BD:C5:24:33:15:4D:CC:34:D7:82:DB:70:5E:B9:C6:BA:B9
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0B7B
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/AOrovcUkMxVNzDTXgttwXrnGurk.roa
Signing time: Fri 01 Sep 2023 08:56:25 +0000
ROA not before: Fri 01 Sep 2023 08:56:25 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 20473
IP address blocks: 103.122.188.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2939 (0xb7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 1 08:56:25 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=00EAE8BDC52433154DCC34D782DB705EB9C6BAB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:25:6b:72:95:f7:49:3d:f2:c3:ca:27:1e:12:
60:3b:e6:95:cd:db:0e:7b:dd:f5:2c:29:8c:dd:78:
10:50:7b:ab:37:a5:ef:53:d5:ff:f7:32:9e:42:4e:
64:1f:cd:9a:f9:27:62:1e:00:57:71:6e:dd:8a:9d:
03:16:f3:8d:51:cc:9c:87:71:39:d6:63:12:6d:68:
2f:18:ad:a4:ea:d7:26:b9:40:81:55:54:b4:2b:c9:
0b:de:6c:98:ff:50:77:c1:f3:a9:eb:ad:cd:8d:b4:
41:76:8d:cc:57:17:53:83:71:7c:a0:3b:bc:db:01:
c2:80:5d:67:3a:bc:b7:34:6c:39:cb:0b:33:0d:62:
3b:93:a0:e7:ac:ed:e5:33:8a:ab:c7:c6:e0:44:5a:
1a:c1:58:9a:be:3f:1f:42:64:13:11:7d:0b:8e:4b:
e1:67:94:ea:e7:ad:49:62:3a:94:25:9d:81:e7:19:
0e:47:da:09:30:d6:84:d5:5c:88:8c:c6:72:0d:be:
06:6b:e9:d6:c4:82:38:35:3c:22:b8:b7:59:73:e4:
99:5a:38:eb:0d:d3:98:05:86:90:68:e4:8e:a5:22:
b8:4b:45:48:2c:50:0f:ac:f1:14:5d:15:50:fa:f9:
79:b0:fa:49:ce:fc:68:41:ed:c4:fd:67:ad:d5:59:
1f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EA:E8:BD:C5:24:33:15:4D:CC:34:D7:82:DB:70:5E:B9:C6:BA:B9
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/AOrovcUkMxVNzDTXgttwXrnGurk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/24
Signature Algorithm: sha256WithRSAEncryption
37:8d:cf:82:02:02:23:36:17:0e:79:e1:d5:5e:32:ea:5d:45:
d2:be:37:11:a9:15:01:37:7a:7e:25:d2:83:65:a0:5c:1b:3e:
b2:83:d7:24:64:6e:24:01:99:7c:b8:77:a6:fe:f3:f2:e0:b1:
1d:eb:80:7e:95:86:f7:4a:97:d2:9f:19:3a:7e:e9:77:14:e2:
d8:ba:5e:63:3b:5d:fe:87:78:85:6b:7d:d7:3f:01:1b:99:15:
97:d5:01:f6:3c:81:a6:f2:c7:32:5c:3e:a6:20:11:11:ea:7f:
72:16:c5:d4:10:e8:bf:cb:02:f3:29:24:95:62:c5:18:7d:79:
35:ce:64:90:64:d6:8a:dd:da:1e:b4:ce:85:53:28:04:bc:cf:
e3:9e:28:16:3c:9c:b7:f5:73:50:40:3a:86:22:c8:6b:fc:bf:
18:a5:04:04:9c:67:df:b7:4a:43:39:69:f1:fe:eb:10:13:64:
96:84:f4:ec:db:47:41:61:18:c1:bb:3b:39:ed:b0:a0:a0:8b:
15:52:13:fa:ec:5e:22:c8:5c:b4:5c:c7:31:76:4b:70:85:9a:
2f:67:76:c2:90:98:72:49:60:7e:d8:13:3a:ce:40:7b:62:8c:
61:33:19:bc:2b:b4:0e:10:0a:a0:e6:cb:01:4c:a5:2c:5d:d0:
cd:6e:82:37
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC3swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMzA5MDEw
ODU2MjVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDAwRUFFOEJEQzUyNDMz
MTU0RENDMzRENzgyREI3MDVFQjlDNkJBQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVJWtylfdJPfLDyiceEmA75pXN2w573fUsKYzdeBBQe6s3pe9T
1f/3Mp5CTmQfzZr5J2IeAFdxbt2KnQMW841RzJyHcTnWYxJtaC8YraTq1ya5QIFV
VLQryQvebJj/UHfB86nrrc2NtEF2jcxXF1ODcXygO7zbAcKAXWc6vLc0bDnLCzMN
YjuToOes7eUziqvHxuBEWhrBWJq+Px9CZBMRfQuOS+FnlOrnrUliOpQlnYHnGQ5H
2gkw1oTVXIiMxnINvgZr6dbEgjg1PCK4t1lz5JlaOOsN05gFhpBo5I6lIrhLRUgs
UA+s8RRdFVD6+Xmw+knO/GhB7cT9Z63VWR8dAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUAOrovcUkMxVNzDTXgttwXrnGurkwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9BT3JvdmNVa014Vk56
RFRYZ3R0d1hybkd1cmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQA3jc+CAgIjNhcOeeHVXjLqXUXSvjcR
qRUBN3p+JdKDZaBcGz6yg9ckZG4kAZl8uHem/vPy4LEd64B+lYb3SpfSnxk6ful3
FOLYul5jO13+h3iFa33XPwEbmRWX1QH2PIGm8scyXD6mIBER6n9yFsXUEOi/ywLz
KSSVYsUYfXk1zmSQZNaK3doetM6FUygEvM/jnigWPJy39XNQQDqGIshr/L8YpQQE
nGfft0pDOWnx/usQE2SWhPTs20dBYRjBuzs57bCgoIsVUhP67F4iyFy0XMcxdktw
hZovZ3bCkJhySWB+2BM6zkB7YoxhMxm8K7QOEAqg5ssBTKUsXdDNboI3
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:36 2025 by rpki-client