Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/LDwjuSVN5oVNtGz91aTho7ZQBdc.roa
File: LDwjuSVN5oVNtGz91aTho7ZQBdc.roa (raw, json)
Hash identifier: e1CMiW/kxye2j2hZxfDtRk4xHFFtb5wieotdLhPgfEE=
Subject key identifier: 2C:3C:23:B9:25:4D:E6:85:4D:B4:6C:FD:D5:A4:E1:A3:B6:50:05:D7
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 08C1
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/LDwjuSVN5oVNtGz91aTho7ZQBdc.roa
Signing time: Sun 07 Feb 2021 12:47:46 +0000
ROA not before: Sun 07 Feb 2021 12:47:46 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 134823
IP address blocks: 103.122.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2241 (0x8c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Feb 7 12:47:46 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=2C3C23B9254DE6854DB46CFDD5A4E1A3B65005D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:46:49:98:a8:e0:0f:bf:f6:49:36:18:33:4f:
f7:58:60:f2:57:86:1d:d0:aa:d2:a6:53:e1:e5:8c:
d2:34:a2:b1:f2:8c:69:75:40:18:bb:74:46:3c:15:
6a:07:60:12:b8:ba:e5:e8:bf:8d:c9:43:50:11:e0:
ac:48:02:a6:89:4a:d7:52:c7:e5:97:39:2f:79:72:
6e:b3:05:63:86:59:0e:a1:6e:15:e6:23:2f:21:cb:
a5:ba:78:5c:08:d8:82:1b:14:5c:4d:0a:9c:a5:1c:
10:ae:cd:fc:a4:32:c6:b9:89:c7:a7:1b:de:e7:3b:
c2:75:96:1d:46:25:0e:96:72:1e:0f:3a:28:42:54:
58:df:d7:51:1d:9f:09:13:b0:8f:7e:5b:22:d0:80:
ee:aa:5f:55:15:b8:83:58:cc:ae:c1:7e:26:e2:59:
0c:a0:de:f0:ce:19:36:d1:6d:0c:12:98:a2:00:52:
da:b1:d6:f0:ca:0d:1b:37:f9:5c:22:73:65:e6:80:
34:db:2f:04:26:56:ca:e8:31:fb:b0:38:96:15:8c:
de:5d:0b:dc:e2:ec:c7:f2:46:72:2c:17:9a:01:e8:
48:40:19:b7:6c:7c:e1:e4:60:20:d9:e0:80:f2:74:
ab:3c:20:ba:e3:be:b5:91:25:c5:35:26:b6:ea:26:
e0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3C:23:B9:25:4D:E6:85:4D:B4:6C:FD:D5:A4:E1:A3:B6:50:05:D7
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/LDwjuSVN5oVNtGz91aTho7ZQBdc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.191.0/24
Signature Algorithm: sha256WithRSAEncryption
29:85:18:36:ff:f9:67:d9:e6:91:ab:0f:32:c9:91:01:7f:f6:
d1:cd:f8:4b:b3:f0:d3:22:b3:a8:ed:c1:2e:fe:15:49:c1:48:
cb:3f:69:11:1b:01:64:8b:fd:ed:61:5f:14:96:3c:92:df:3a:
54:1b:59:09:60:dc:3b:de:ac:e6:4c:10:e0:64:20:8b:63:86:
8d:43:0e:4f:51:9b:00:21:5f:8f:ce:f9:79:f4:56:aa:ac:c7:
49:35:ab:dc:32:bc:52:33:6e:16:21:93:bc:8e:17:1e:64:7c:
b5:f4:a1:7b:ba:38:cd:d8:e6:59:90:6b:22:33:34:87:8a:9c:
05:4a:c2:50:14:a2:08:f6:41:2b:5c:97:43:a7:f5:fb:c7:d2:
be:7d:6b:37:cd:60:12:9f:52:42:89:aa:8f:02:f9:1e:16:6a:
02:61:e8:8c:6e:bb:08:d1:11:6f:2d:92:42:1e:cd:37:d1:58:
b0:ee:43:b8:ae:50:85:2f:0c:71:dd:cf:f3:45:d4:e3:6b:f8:
21:7d:c4:c4:67:e6:93:ae:19:25:fa:9f:98:fc:56:a4:1f:a1:
6d:58:35:a0:98:fb:31:7c:39:cc:b4:d6:97:27:ae:e9:f3:e7:
a4:d9:77:7f:de:b7:aa:bc:5c:ed:ac:73:f7:bd:fb:7a:8a:d6:
d3:1a:e3:da
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCMEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTAyMDcx
MjQ3NDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDJDM0MyM0I5MjU0REU2
ODU0REI0NkNGREQ1QTRFMUEzQjY1MDA1RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHRkmYqOAPv/ZJNhgzT/dYYPJXhh3QqtKmU+HljNI0orHyjGl1
QBi7dEY8FWoHYBK4uuXov43JQ1AR4KxIAqaJStdSx+WXOS95cm6zBWOGWQ6hbhXm
Iy8hy6W6eFwI2IIbFFxNCpylHBCuzfykMsa5icenG97nO8J1lh1GJQ6Wch4POihC
VFjf11EdnwkTsI9+WyLQgO6qX1UVuINYzK7BfibiWQyg3vDOGTbRbQwSmKIAUtqx
1vDKDRs3+Vwic2XmgDTbLwQmVsroMfuwOJYVjN5dC9zi7MfyRnIsF5oB6EhAGbds
fOHkYCDZ4IDydKs8ILrjvrWRJcU1JrbqJuC3AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQULDwjuSVN5oVNtGz91aTho7ZQBdcwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9MRHdqdVNWTjVvVk50
R3o5MWFUaG83WlFCZGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQAphRg2//ln2eaRqw8yyZEBf/bRzfhL
s/DTIrOo7cEu/hVJwUjLP2kRGwFki/3tYV8UljyS3zpUG1kJYNw73qzmTBDgZCCL
Y4aNQw5PUZsAIV+Pzvl59FaqrMdJNavcMrxSM24WIZO8jhceZHy19KF7ujjN2OZZ
kGsiMzSHipwFSsJQFKII9kErXJdDp/X7x9K+fWs3zWASn1JCiaqPAvkeFmoCYeiM
brsI0RFvLZJCHs030Viw7kO4rlCFLwxx3c/zRdTja/ghfcTEZ+aTrhkl+p+Y/Fak
H6FtWDWgmPsxfDnMtNaXJ67p8+ek2Xd/3reqvFztrHP3vft6itbTGuPa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org