Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/RYHXYk7m1fGBq3lys515oZg5kuU.roa
File: RYHXYk7m1fGBq3lys515oZg5kuU.roa (raw, json)
Hash identifier: TJ8c3eo3+zlKvG9bDqO745y+0McrMhX5fZEbdIR6LBA=
Subject key identifier: 45:81:D7:62:4E:E6:D5:F1:81:AB:79:72:B3:9D:79:A1:98:39:92:E5
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0970
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/RYHXYk7m1fGBq3lys515oZg5kuU.roa
Signing time: Wed 29 Sep 2021 02:50:28 +0000
ROA not before: Wed 29 Sep 2021 02:50:28 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 134823
IP address blocks: 103.122.189.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2416 (0x970)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 29 02:50:28 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=4581D7624EE6D5F181AB7972B39D79A1983992E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2b:22:f0:0e:97:fb:a9:e8:07:b2:c3:24:a1:
79:72:fb:e8:c1:05:6c:61:40:5d:bb:cc:c6:4e:4a:
4a:16:2a:1b:c0:54:be:bc:30:12:c8:b9:a0:e7:8c:
15:0a:85:8c:b4:63:5c:05:01:0d:7f:32:13:1a:a8:
84:92:e9:78:0b:b6:4d:d5:52:02:59:21:c6:7d:46:
f5:df:f4:5a:94:ad:07:1e:66:d3:f7:e1:25:c3:15:
83:2a:22:03:5a:40:dd:2f:7c:d2:b9:e6:24:7d:48:
dc:ce:78:af:1a:ff:1f:ee:3f:20:3b:9a:0a:5f:aa:
a7:36:9a:63:83:b8:c3:45:28:09:3a:07:38:d8:d0:
5f:af:c9:d3:83:30:83:0e:df:60:30:cb:f0:03:83:
c4:3a:d5:f3:c4:e5:ab:49:bc:9a:23:c7:5d:28:6c:
b5:57:cb:d8:10:96:39:25:3b:e5:ba:65:ce:48:57:
88:3b:bd:8b:26:15:c6:18:94:7a:f8:51:d6:5a:67:
75:99:af:93:74:3c:df:13:8d:c0:53:83:27:07:2d:
42:4b:b1:37:c4:95:da:44:d7:ed:50:32:d6:a1:a0:
04:44:7e:ff:76:4e:d1:21:4c:81:7a:ad:1c:1d:ac:
36:16:f0:62:50:23:9e:6d:44:61:d1:05:42:65:86:
23:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:81:D7:62:4E:E6:D5:F1:81:AB:79:72:B3:9D:79:A1:98:39:92:E5
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/RYHXYk7m1fGBq3lys515oZg5kuU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.189.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:a4:bd:4a:c9:15:e8:5d:68:ec:8b:11:60:cb:2b:1a:c9:7f:
46:f1:e7:c6:b9:28:11:53:a8:fa:01:e2:47:87:4e:be:c1:9a:
75:4f:a4:4a:77:c9:09:71:5d:92:fe:08:c2:12:ce:0d:56:ec:
a1:f5:a4:25:ae:d6:f5:96:de:cc:ca:d0:1d:e6:cd:75:4a:8f:
88:8c:d1:7e:0c:a1:70:19:c8:30:e6:f2:a1:da:89:f0:d2:f1:
e4:36:91:04:17:77:b0:7e:e4:01:db:74:f6:9d:77:54:c6:cd:
36:51:c2:88:44:99:d1:6e:00:ce:ba:4b:22:59:bf:7d:03:d9:
7e:e6:fd:d9:72:c3:03:b6:10:1c:02:75:fc:cc:77:20:69:f7:
af:6e:26:b2:9b:77:b7:3f:75:df:c5:e9:b8:07:ab:8f:75:2e:
c3:a2:91:53:b8:6b:bc:cd:83:cb:30:c8:89:23:d5:3c:7a:8d:
cc:55:12:81:51:b8:7e:61:f6:6e:6b:f3:f5:d1:67:96:23:7d:
c1:2b:4a:1f:b0:76:2c:c1:25:80:21:23:36:15:48:2e:ef:d8:
6d:37:56:49:62:c2:48:fe:f7:1d:6e:01:1b:24:47:1b:3d:f1:
53:25:c5:20:41:bf:f5:d2:cb:42:2f:b5:e3:bd:4e:25:7b:a5:
10:69:ca:1e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCXAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTA5Mjkw
MjUwMjhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQ1ODFENzYyNEVFNkQ1
RjE4MUFCNzk3MkIzOUQ3OUExOTgzOTkyRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/KyLwDpf7qegHssMkoXly++jBBWxhQF27zMZOSkoWKhvAVL68
MBLIuaDnjBUKhYy0Y1wFAQ1/MhMaqISS6XgLtk3VUgJZIcZ9RvXf9FqUrQceZtP3
4SXDFYMqIgNaQN0vfNK55iR9SNzOeK8a/x/uPyA7mgpfqqc2mmODuMNFKAk6BzjY
0F+vydODMIMO32Awy/ADg8Q61fPE5atJvJojx10obLVXy9gQljklO+W6Zc5IV4g7
vYsmFcYYlHr4UdZaZ3WZr5N0PN8TjcBTgycHLUJLsTfEldpE1+1QMtahoAREfv92
TtEhTIF6rRwdrDYW8GJQI55tRGHRBUJlhiMpAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQURYHXYk7m1fGBq3lys515oZg5kuUwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9SWUhYWWs3bTFmR0Jx
M2x5czUxNW9aZzVrdVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q9MA0GCSqGSIb3DQEBCwUAA4IBAQAapL1KyRXoXWjsixFgyysayX9G8efG
uSgRU6j6AeJHh06+wZp1T6RKd8kJcV2S/gjCEs4NVuyh9aQlrtb1lt7MytAd5s11
So+IjNF+DKFwGcgw5vKh2onw0vHkNpEEF3ewfuQB23T2nXdUxs02UcKIRJnRbgDO
uksiWb99A9l+5v3ZcsMDthAcAnX8zHcgafevbiaym3e3P3Xfxem4B6uPdS7DopFT
uGu8zYPLMMiJI9U8eo3MVRKBUbh+YfZua/P10WeWI33BK0ofsHYswSWAISM2FUgu
79htN1ZJYsJI/vcdbgEbJEcbPfFTJcUgQb/10stCL7XjvU4le6UQacoe
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org