Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/FraymM0bcqoaBCwvQyGCOws8MEA.roa
File: FraymM0bcqoaBCwvQyGCOws8MEA.roa (raw, json)
Hash identifier: VlkIzq1leH8GWbTXDNMDJylPZJl6frDZ2uvAJgqRElY=
Subject key identifier: 16:B6:B2:98:CD:1B:72:AA:1A:04:2C:2F:43:21:82:3B:0B:3C:30:40
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 08B9
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/FraymM0bcqoaBCwvQyGCOws8MEA.roa
Signing time: Sun 07 Feb 2021 06:01:54 +0000
ROA not before: Sun 07 Feb 2021 06:01:54 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131657
IP address blocks: 103.122.188.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2233 (0x8b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Feb 7 06:01:54 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=16B6B298CD1B72AA1A042C2F4321823B0B3C3040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:58:b7:e5:7d:df:6b:a4:30:ee:17:d4:e2:36:
ff:e4:b1:fa:60:57:f0:b6:e5:61:86:78:7c:dd:4d:
25:ad:b0:08:af:c6:f4:90:00:e4:80:74:f4:05:22:
7d:fc:80:04:e6:a2:5b:6a:39:4d:15:f4:71:dd:28:
fb:0b:5a:0f:a6:35:1c:b7:f7:45:11:9c:e2:75:53:
2d:69:ae:1a:65:3a:b1:11:03:e8:75:42:33:b5:cd:
cb:1f:27:81:f4:28:74:91:ee:41:01:f4:5e:52:70:
62:df:50:bb:7e:59:3d:37:ab:06:56:07:59:77:a5:
76:b1:d2:5a:5c:bc:a9:aa:18:b9:c6:32:d7:d5:0b:
06:d5:79:f1:a8:a8:ef:98:35:f0:e4:b0:f6:c3:d4:
e2:ca:c6:72:3e:78:cc:3b:06:ef:22:ac:7f:d7:4f:
79:a2:3d:57:54:6a:e8:fc:d8:aa:0f:90:6c:25:fb:
47:ec:2d:f4:d3:71:69:5d:9e:ad:f4:bd:dd:fc:7e:
db:a0:6b:d4:4a:d6:bc:85:1c:54:4e:4d:4c:6f:55:
a4:fc:a2:2a:2a:14:f4:47:42:7d:ab:b0:d6:1d:00:
1f:e7:72:68:cb:15:fa:54:1b:ac:c8:0d:44:d1:42:
13:36:98:44:53:0e:30:db:47:5d:b1:e4:80:8e:57:
f1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B6:B2:98:CD:1B:72:AA:1A:04:2C:2F:43:21:82:3B:0B:3C:30:40
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/FraymM0bcqoaBCwvQyGCOws8MEA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ed:28:17:75:b3:e6:fe:87:b3:76:97:a4:a7:fe:9e:60:e3:
4d:43:0a:ed:69:38:76:b5:34:17:8b:eb:37:89:f1:3b:ce:24:
54:10:b4:be:d9:49:11:d9:de:31:01:20:3f:21:33:cc:32:1a:
f3:c8:98:0a:7c:66:47:cb:12:97:1c:62:92:cb:c7:43:2b:42:
18:6b:20:0e:a2:90:52:07:61:e0:40:b6:22:17:b1:bb:a1:b3:
84:65:ff:25:c3:ea:21:a1:d2:b3:3e:61:e9:7a:06:e4:a9:19:
a8:2b:9f:f1:72:af:b9:d4:6e:06:83:c9:71:ea:4e:78:87:a5:
d5:7b:36:68:fb:0a:ed:1a:46:f7:1a:36:0c:03:d9:78:10:94:
e0:c4:8b:73:58:d8:6b:41:40:90:40:55:41:93:cc:8b:fc:bb:
74:eb:dd:f0:80:8e:66:ee:a9:a7:b9:bc:82:42:53:b0:e8:73:
7a:30:92:4f:58:22:b8:eb:56:5e:65:f2:54:b1:52:93:90:44:
89:54:60:c5:84:f7:29:21:d2:44:7e:46:9d:e6:67:34:49:39:
9f:8a:2e:10:e2:93:e4:79:d3:35:d3:84:fd:ad:3d:06:12:ba:
32:fd:c9:61:dc:af:e0:c9:c1:1b:22:d3:f4:69:d5:50:51:af:
8c:5f:0b:5e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCLkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTAyMDcw
NjAxNTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDE2QjZCMjk4Q0QxQjcy
QUExQTA0MkMyRjQzMjE4MjNCMEIzQzMwNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVWLflfd9rpDDuF9TiNv/ksfpgV/C25WGGeHzdTSWtsAivxvSQ
AOSAdPQFIn38gATmoltqOU0V9HHdKPsLWg+mNRy390URnOJ1Uy1prhplOrERA+h1
QjO1zcsfJ4H0KHSR7kEB9F5ScGLfULt+WT03qwZWB1l3pXax0lpcvKmqGLnGMtfV
CwbVefGoqO+YNfDksPbD1OLKxnI+eMw7Bu8irH/XT3miPVdUauj82KoPkGwl+0fs
LfTTcWldnq30vd38ftuga9RK1ryFHFROTUxvVaT8oioqFPRHQn2rsNYdAB/ncmjL
FfpUG6zIDUTRQhM2mERTDjDbR12x5ICOV/GLAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUFraymM0bcqoaBCwvQyGCOws8MEAwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9GcmF5bU0wYmNxb2FC
Q3d2UXlHQ093czhNRUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQBW7SgXdbPm/oezdpekp/6eYONNQwrt
aTh2tTQXi+s3ifE7ziRUELS+2UkR2d4xASA/ITPMMhrzyJgKfGZHyxKXHGKSy8dD
K0IYayAOopBSB2HgQLYiF7G7obOEZf8lw+ohodKzPmHpegbkqRmoK5/xcq+51G4G
g8lx6k54h6XVezZo+wrtGkb3GjYMA9l4EJTgxItzWNhrQUCQQFVBk8yL/Lt0693w
gI5m7qmnubyCQlOw6HN6MJJPWCK461ZeZfJUsVKTkESJVGDFhPcpIdJEfkad5mc0
STmfii4Q4pPkedM104T9rT0GEroy/clh3K/gycEbItP0adVQUa+MXwte
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org