Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/FBVsBYERylfcwLO9jCt9LdK_9zk.roa
File: FBVsBYERylfcwLO9jCt9LdK_9zk.roa (raw, json)
Hash identifier: mYwmHJs6MwpZvavKmONxaBNP1/OmtN3ew2/us6/O+ZU=
Subject key identifier: 14:15:6C:05:81:11:CA:57:DC:C0:B3:BD:8C:2B:7D:2D:D2:BF:F7:39
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 08BB
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/FBVsBYERylfcwLO9jCt9LdK_9zk.roa
Signing time: Sun 07 Feb 2021 06:02:46 +0000
ROA not before: Sun 07 Feb 2021 06:02:46 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131657
IP address blocks: 103.122.189.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2235 (0x8bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Feb 7 06:02:46 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=14156C058111CA57DCC0B3BD8C2B7D2DD2BFF739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8b:97:45:38:2c:09:9c:f9:d2:96:25:8f:36:
d1:67:6c:92:78:ce:f3:9a:65:90:4e:22:7a:80:7c:
3c:50:ac:f5:dd:11:42:01:a8:5b:3b:9d:5e:1c:eb:
db:68:62:ef:65:5b:12:e4:be:a6:ed:a0:79:a0:ef:
dc:97:24:7a:32:7c:a5:11:44:e5:ca:fd:c8:af:fc:
ab:65:6b:ea:1c:9d:fa:4c:a6:fc:c2:01:ca:31:45:
b2:bf:a3:fb:22:b3:7d:e2:54:1a:69:a8:bc:ec:bd:
70:8a:50:08:d0:b3:3e:08:07:67:46:57:5b:86:cf:
15:21:cb:68:37:93:e4:c5:7c:67:3a:bf:d0:93:27:
88:49:f8:05:89:39:eb:06:64:ee:7a:a6:53:ee:53:
84:cc:f0:93:96:a2:a9:a2:ad:36:22:3b:6c:f3:91:
b7:c9:36:6b:79:d3:2e:55:e4:aa:57:c8:8e:7b:77:
ca:8c:85:d7:4a:68:37:bd:b2:4b:9a:5b:26:c7:93:
3a:57:47:fc:d6:ce:10:54:b4:c9:74:00:87:5c:3b:
04:51:d0:be:17:1b:b7:b7:cb:9d:bc:18:6e:ff:03:
4b:3c:82:5a:eb:ee:83:44:78:d9:9a:da:07:4c:36:
15:1e:ce:df:40:f8:f7:e0:6e:ab:c9:ff:10:0c:f5:
17:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:15:6C:05:81:11:CA:57:DC:C0:B3:BD:8C:2B:7D:2D:D2:BF:F7:39
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/FBVsBYERylfcwLO9jCt9LdK_9zk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.189.0/24
Signature Algorithm: sha256WithRSAEncryption
36:77:c6:af:35:94:9e:eb:bd:a2:bf:a0:6c:56:f3:aa:0f:e4:
d9:23:6b:1d:35:11:ad:ca:2e:3d:30:8f:fa:65:75:cb:7b:8f:
94:27:ff:fd:a4:73:eb:eb:d7:be:28:73:08:99:3c:ec:fc:68:
78:55:4b:ba:1a:f4:9e:3a:8b:75:02:57:f8:40:2b:dc:65:2a:
3b:be:3a:09:4d:c4:66:b3:6d:c4:9c:9f:a1:c2:fa:62:61:ac:
13:a0:92:79:90:d4:cf:f8:49:57:21:76:88:ea:40:56:36:ff:
f5:f5:4e:b5:99:f6:39:31:28:20:29:ce:1f:64:32:5e:b2:b1:
00:8f:d4:46:e6:3b:f7:71:e3:e8:c9:5c:a3:39:6d:54:fa:2a:
7e:4c:4a:6b:24:31:da:c5:5b:d6:54:9a:89:43:0d:54:cd:4f:
d6:ff:de:ba:5d:c1:6f:40:f3:cc:cf:14:30:45:c1:4d:13:cc:
c1:58:36:e8:b9:7c:d5:31:c8:f8:48:f4:04:92:7c:f2:56:21:
8a:4f:34:27:94:ce:3d:f0:2f:b7:75:b0:8c:ef:eb:77:30:92:
5c:9a:5f:69:85:f0:3b:39:35:de:48:e2:f4:9b:05:c4:cb:55:
f2:99:33:e0:9f:b7:5a:6a:4c:96:0b:36:56:7d:b2:c5:a6:a7:
a1:83:34:b5
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCLswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTAyMDcw
NjAyNDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDE0MTU2QzA1ODExMUNB
NTdEQ0MwQjNCRDhDMkI3RDJERDJCRkY3MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCSi5dFOCwJnPnSliWPNtFnbJJ4zvOaZZBOInqAfDxQrPXdEUIB
qFs7nV4c69toYu9lWxLkvqbtoHmg79yXJHoyfKURROXK/civ/Ktla+ocnfpMpvzC
AcoxRbK/o/sis33iVBppqLzsvXCKUAjQsz4IB2dGV1uGzxUhy2g3k+TFfGc6v9CT
J4hJ+AWJOesGZO56plPuU4TM8JOWoqmirTYiO2zzkbfJNmt50y5V5KpXyI57d8qM
hddKaDe9skuaWybHkzpXR/zWzhBUtMl0AIdcOwRR0L4XG7e3y528GG7/A0s8glrr
7oNEeNma2gdMNhUezt9A+PfgbqvJ/xAM9RddAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUFBVsBYERylfcwLO9jCt9LdK/9zkwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9GQlZzQllFUnlsZmN3
TE85akN0OUxkS185emsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q9MA0GCSqGSIb3DQEBCwUAA4IBAQA2d8avNZSe672iv6BsVvOqD+TZI2sd
NRGtyi49MI/6ZXXLe4+UJ//9pHPr69e+KHMImTzs/Gh4VUu6GvSeOot1Alf4QCvc
ZSo7vjoJTcRms23EnJ+hwvpiYawToJJ5kNTP+ElXIXaI6kBWNv/19U61mfY5MSgg
Kc4fZDJesrEAj9RG5jv3cePoyVyjOW1U+ip+TEprJDHaxVvWVJqJQw1UzU/W/966
XcFvQPPMzxQwRcFNE8zBWDbouXzVMcj4SPQEknzyViGKTzQnlM498C+3dbCM7+t3
MJJcml9phfA7OTXeSOL0mwXEy1XymTPgn7daakyWCzZWfbLFpqehgzS1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org