Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/NEWBgAjfGnrpw8ljsOjLBKryidk.roa
File: NEWBgAjfGnrpw8ljsOjLBKryidk.roa (raw, json)
Hash identifier: 1wd17notorvZLt/RU6kLOxVZ6+tVgBVcie3nNacGDwE=
Subject key identifier: 34:45:81:80:08:DF:1A:7A:E9:C3:C9:63:B0:E8:CB:04:AA:F2:89:D9
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0B72
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/NEWBgAjfGnrpw8ljsOjLBKryidk.roa
Signing time: Fri 01 Sep 2023 08:56:22 +0000
ROA not before: Fri 01 Sep 2023 08:56:22 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 134823
IP address blocks: 2403:9340::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2930 (0xb72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 1 08:56:22 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=3445818008DF1A7AE9C3C963B0E8CB04AAF289D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bd:1f:c0:fe:84:01:bd:c6:09:8a:a1:f3:28:
51:ff:c4:73:6a:e7:43:93:ea:45:6c:ff:05:c8:46:
d7:5c:e3:70:15:0c:ac:74:73:73:d0:f0:72:16:3c:
ca:af:e0:ac:b1:d0:8e:97:e0:84:39:8e:90:b1:90:
55:92:be:6c:df:35:72:3e:b7:8b:04:c9:2e:21:76:
61:b6:bc:5e:bb:ea:9a:6e:49:67:77:4f:90:c6:f9:
fb:ac:7a:b3:26:0e:f8:da:52:10:97:91:18:58:43:
cf:86:8c:6e:cb:94:eb:c9:f7:93:04:7f:f7:28:79:
a2:3d:8a:e3:2b:4a:52:88:91:08:4a:12:59:0a:1e:
34:fa:ff:5c:01:32:26:ee:5d:d4:33:48:0d:bd:d0:
38:e6:9b:8e:9a:f6:11:94:2b:88:70:14:0b:17:ff:
e4:14:c7:af:70:dd:60:31:e4:b7:eb:a3:5a:df:59:
5e:03:a3:e4:43:83:51:44:b1:c6:9e:86:b5:a8:62:
61:79:0c:a7:57:f6:1d:23:84:10:6f:33:0a:3a:53:
32:bc:02:44:6c:ed:68:a2:ec:53:98:16:e1:b4:8b:
7e:06:ee:79:75:d1:ff:23:06:6f:ed:1b:db:14:73:
78:4f:5f:d4:b9:cb:64:1d:cc:9e:32:cd:fb:86:3d:
3a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:45:81:80:08:DF:1A:7A:E9:C3:C9:63:B0:E8:CB:04:AA:F2:89:D9
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/NEWBgAjfGnrpw8ljsOjLBKryidk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:9340::/32
Signature Algorithm: sha256WithRSAEncryption
3a:69:1c:5e:f5:ba:e7:82:fa:b1:b4:9e:ed:4e:b3:fd:cc:a5:
d8:b4:ee:14:87:9b:3b:be:19:d6:db:6d:a9:3a:b4:3a:1f:1b:
fd:ff:44:67:37:1d:ab:ed:2b:59:05:c9:10:90:3d:64:d6:64:
59:6f:87:a0:36:ff:0c:6a:d5:6b:42:c2:a7:9c:a3:1c:dc:c2:
f5:03:67:7e:2c:9c:d4:94:5d:ce:82:bc:87:73:92:f4:d1:73:
15:36:99:4c:9c:5d:f4:b7:7e:3d:6a:58:88:21:54:fc:fc:ad:
35:bb:cf:83:d8:97:92:20:63:13:cd:e0:61:22:75:71:8f:d8:
c5:1e:80:dd:06:35:22:12:00:96:b5:0d:92:cb:30:23:b4:cc:
df:bd:db:5e:14:60:5b:87:46:fa:65:d2:51:ed:b8:2a:e0:91:
6b:e5:65:77:f3:8e:11:8f:fe:2c:e0:a2:6f:36:e9:a6:db:5b:
8d:ab:6b:fc:46:6c:50:e9:9f:41:e2:51:eb:97:5e:65:2f:38:
07:bc:45:03:75:d1:72:72:fa:79:88:42:e2:e9:56:b4:e9:21:
9a:43:52:75:6d:47:af:73:3b:2e:0a:48:ac:51:46:d6:ea:a8:
56:9f:01:15:80:dd:8d:a5:7f:ea:28:41:f6:14:bd:19:d1:cf:
01:be:41:32
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICC3IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMzA5MDEw
ODU2MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM0NDU4MTgwMDhERjFB
N0FFOUMzQzk2M0IwRThDQjA0QUFGMjg5RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcvR/A/oQBvcYJiqHzKFH/xHNq50OT6kVs/wXIRtdc43AVDKx0
c3PQ8HIWPMqv4Kyx0I6X4IQ5jpCxkFWSvmzfNXI+t4sEyS4hdmG2vF676ppuSWd3
T5DG+fuserMmDvjaUhCXkRhYQ8+GjG7LlOvJ95MEf/coeaI9iuMrSlKIkQhKElkK
HjT6/1wBMibuXdQzSA290Djmm46a9hGUK4hwFAsX/+QUx69w3WAx5Lfro1rfWV4D
o+RDg1FEscaehrWoYmF5DKdX9h0jhBBvMwo6UzK8AkRs7Wii7FOYFuG0i34G7nl1
0f8jBm/tG9sUc3hPX9S5y2QdzJ4yzfuGPToBAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUNEWBgAjfGnrpw8ljsOjLBKryidkwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9ORVdCZ0FqZkducnB3
OGxqc09qTEJLcnlpZGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAOTQDANBgkqhkiG9w0BAQsFAAOCAQEAOmkcXvW654L6sbSe7U6z/cyl2LTu
FIebO74Z1tttqTq0Oh8b/f9EZzcdq+0rWQXJEJA9ZNZkWW+HoDb/DGrVa0LCp5yj
HNzC9QNnfiyc1JRdzoK8h3OS9NFzFTaZTJxd9Ld+PWpYiCFU/PytNbvPg9iXkiBj
E83gYSJ1cY/YxR6A3QY1IhIAlrUNksswI7TM373bXhRgW4dG+mXSUe24KuCRa+Vl
d/OOEY/+LOCibzbppttbjatr/EZsUOmfQeJR65deZS84B7xFA3XRcnL6eYhC4ulW
tOkhmkNSdW1Hr3M7LgpIrFFG1uqoVp8BFYDdjaV/6ihB9hS9GdHPAb5BMg==
-----END CERTIFICATE-----
Generated at Thu Oct 12 08:45:26 2023 by rpki-client on console-ams.rpki-client.org