Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/Dg1_oOtFiXldCliDDOlGY02NtYQ.roa
File: Dg1_oOtFiXldCliDDOlGY02NtYQ.roa (raw, json)
Hash identifier: yPrASttLIRiERlog/WljW/zOm+yZL9HqMNSxYcSUKPs=
Subject key identifier: 0E:0D:7F:A0:EB:45:89:79:5D:0A:58:83:0C:E9:46:63:4D:8D:B5:84
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 08C7
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/Dg1_oOtFiXldCliDDOlGY02NtYQ.roa
Signing time: Sun 07 Feb 2021 12:58:30 +0000
ROA not before: Sun 07 Feb 2021 12:58:30 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 134823
IP address blocks: 103.122.189.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2247 (0x8c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Feb 7 12:58:30 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=0E0D7FA0EB4589795D0A58830CE946634D8DB584
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:91:db:0d:05:00:5a:27:b2:e3:68:47:79:b5:
1a:0b:41:6b:d0:8d:61:4e:c1:fd:95:e5:45:28:81:
4d:ac:6b:b8:02:54:97:11:13:7e:5e:40:11:5a:5d:
2f:a8:d8:fe:be:01:0d:c3:dc:37:3d:de:33:c1:3f:
7d:b9:30:a6:b0:1c:1e:8b:0f:2e:4d:f2:9d:28:02:
f3:fc:be:0d:58:95:fe:67:d3:c2:72:a9:27:37:02:
c9:d3:a3:bc:5a:30:4c:42:c2:21:e9:cd:96:5b:94:
e4:a9:ae:c3:a4:50:7b:eb:ec:a4:3d:15:d1:59:bd:
f8:f2:d3:d7:19:33:98:f9:a8:5c:38:9e:50:52:54:
7c:f2:db:24:8b:54:45:ce:a3:45:0a:01:b7:ea:16:
e2:f9:eb:fb:b2:eb:ba:cb:fd:78:41:58:ba:a0:ab:
c6:9a:9d:45:16:20:b7:a4:21:e2:47:67:ed:73:fd:
2e:fc:df:5f:41:4f:01:57:55:0e:92:50:0a:d7:cd:
c7:a7:54:90:0e:0e:70:f0:b1:e0:c4:c4:e6:ad:e0:
17:3d:8b:3d:0b:b4:64:40:1f:e4:88:20:03:7e:c7:
d1:86:85:32:20:a7:a4:ba:a5:ba:9a:2f:f6:19:b1:
0e:ba:18:f0:f4:10:52:f2:0e:41:92:26:e3:39:35:
b1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:0D:7F:A0:EB:45:89:79:5D:0A:58:83:0C:E9:46:63:4D:8D:B5:84
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/Dg1_oOtFiXldCliDDOlGY02NtYQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.189.0/24
Signature Algorithm: sha256WithRSAEncryption
71:9d:32:07:b2:1c:79:25:d0:38:57:2d:a4:6e:a5:3f:ba:f3:
0c:8b:ac:22:30:5a:2a:87:8a:2b:34:4b:c2:33:d4:f5:c5:37:
f2:7c:a0:5f:40:28:63:b1:98:d8:ee:6b:ff:30:60:1b:66:fb:
b1:1f:f6:97:80:9c:22:c9:ec:2f:e6:1b:ed:59:db:ef:d0:7f:
c2:16:8e:29:ed:09:2d:77:b0:6c:a2:d6:ba:1b:d4:e3:bf:7e:
46:d4:5b:c2:2b:68:58:45:c7:8f:76:1d:bf:fe:5e:e4:19:d3:
7d:6b:1c:71:49:74:08:9c:ae:2e:10:6a:09:12:63:fd:e6:ab:
67:1c:b8:6e:ec:cc:d4:0d:2a:c5:94:33:ed:60:9e:91:30:36:
cf:03:cf:42:3a:17:08:fd:df:04:9f:a2:2a:1b:d6:c0:fc:8e:
19:1e:af:d5:da:4b:bc:0a:ba:3d:c8:a2:95:2d:51:89:d7:19:
2f:01:01:50:a5:b2:e1:43:b1:8c:f2:12:cf:00:88:ad:8f:e6:
eb:f3:f4:e5:c9:ef:c9:fe:d1:6e:66:57:62:3b:ee:17:50:57:
21:22:8b:24:da:60:3f:b8:f3:5f:63:f3:3d:d2:07:60:05:a2:
71:05:72:97:ca:15:d3:63:8c:1d:b3:fd:93:dd:24:41:23:4d:
6b:15:37:98
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTAyMDcx
MjU4MzBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDBFMEQ3RkEwRUI0NTg5
Nzk1RDBBNTg4MzBDRTk0NjYzNEQ4REI1ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVkdsNBQBaJ7LjaEd5tRoLQWvQjWFOwf2V5UUogU2sa7gCVJcR
E35eQBFaXS+o2P6+AQ3D3Dc93jPBP325MKawHB6LDy5N8p0oAvP8vg1Ylf5n08Jy
qSc3AsnTo7xaMExCwiHpzZZblOSprsOkUHvr7KQ9FdFZvfjy09cZM5j5qFw4nlBS
VHzy2ySLVEXOo0UKAbfqFuL56/uy67rL/XhBWLqgq8aanUUWILekIeJHZ+1z/S78
319BTwFXVQ6SUArXzcenVJAODnDwseDExOat4Bc9iz0LtGRAH+SIIAN+x9GGhTIg
p6S6pbqaL/YZsQ66GPD0EFLyDkGSJuM5NbFBAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUDg1/oOtFiXldCliDDOlGY02NtYQwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9EZzFfb090RmlYbGRD
bGlERE9sR1kwMk50WVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q9MA0GCSqGSIb3DQEBCwUAA4IBAQBxnTIHshx5JdA4Vy2kbqU/uvMMi6wi
MFoqh4orNEvCM9T1xTfyfKBfQChjsZjY7mv/MGAbZvuxH/aXgJwiyewv5hvtWdvv
0H/CFo4p7Qktd7Bsota6G9Tjv35G1FvCK2hYRcePdh2//l7kGdN9axxxSXQInK4u
EGoJEmP95qtnHLhu7MzUDSrFlDPtYJ6RMDbPA89COhcI/d8En6IqG9bA/I4ZHq/V
2ku8Cro9yKKVLVGJ1xkvAQFQpbLhQ7GM8hLPAIitj+br8/Tlye/J/tFuZldiO+4X
UFchIosk2mA/uPNfY/M90gdgBaJxBXKXyhXTY4wds/2T3SRBI01rFTeY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org