Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/U-L3hafyTAe5Gvgk43x1etdF1ZQ.roa
File: U-L3hafyTAe5Gvgk43x1etdF1ZQ.roa (raw, json)
Hash identifier: 28jowRuen6RXHLZfaHEMHWHG8PeLkd74bvDsGsMSqwE=
Subject key identifier: 53:E2:F7:85:A7:F2:4C:07:B9:1A:F8:24:E3:7C:75:7A:D7:45:D5:94
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0A68
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/U-L3hafyTAe5Gvgk43x1etdF1ZQ.roa
Signing time: Thu 15 Sep 2022 02:47:52 +0000
ROA not before: Thu 15 Sep 2022 02:47:52 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 134823
IP address blocks: 103.122.188.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2664 (0xa68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 15 02:47:52 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=53E2F785A7F24C07B91AF824E37C757AD745D594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f6:c2:e7:0c:8d:de:fc:91:ef:5f:f7:e1:66:
4f:1a:13:d6:2a:93:f5:5d:30:97:c3:b2:4b:e2:8a:
cb:7b:1c:75:09:1b:70:4b:a1:b6:af:33:60:b5:8b:
ec:f8:fd:1a:dd:8a:e4:c1:cf:3d:03:d2:49:e6:c3:
84:b8:78:c2:85:b5:eb:af:95:23:89:6c:01:09:e8:
6d:e3:cf:44:13:93:8f:23:e2:42:65:b0:83:35:42:
87:7a:0c:cd:66:4c:f5:f1:d4:df:10:59:5f:b6:a9:
c8:3e:b2:dd:b9:0c:2e:0f:b7:0b:ef:f4:21:a4:61:
86:18:0e:11:8f:b5:61:75:cb:86:06:5d:59:4a:f5:
f1:e7:53:0c:73:94:73:4d:42:33:be:33:92:47:cf:
8d:21:51:55:cc:c6:51:10:01:57:c8:f7:5f:34:0a:
8d:16:88:8c:5c:95:09:55:95:eb:3b:2b:11:e8:f5:
c4:8e:bd:5a:71:87:d6:1a:31:22:d3:a3:b3:db:73:
32:18:e1:65:70:ec:52:4e:97:1b:69:27:1d:1f:44:
b6:45:8f:a2:c9:93:06:87:c5:6c:78:20:97:cd:3c:
07:68:a9:72:97:ed:0b:8e:e4:cd:86:13:aa:3f:fb:
7c:d1:67:c1:8c:db:7a:d3:fc:d5:fd:4d:14:9e:b2:
a1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E2:F7:85:A7:F2:4C:07:B9:1A:F8:24:E3:7C:75:7A:D7:45:D5:94
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/U-L3hafyTAe5Gvgk43x1etdF1ZQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/24
Signature Algorithm: sha256WithRSAEncryption
25:62:1f:81:2d:86:47:4c:a3:72:b7:35:c7:78:b0:ad:71:ea:
55:29:1f:fc:54:f8:f2:5f:02:57:7f:58:3c:da:ba:9c:db:47:
6a:02:1d:23:a5:56:8b:94:5c:71:67:e1:0a:4a:bf:16:54:ab:
fb:56:33:08:70:75:74:0c:30:d1:8c:a0:ed:85:4f:d5:8e:13:
e7:d3:ec:e3:50:07:da:0f:ec:59:1c:8d:aa:57:b9:92:7e:ec:
d0:33:a9:3c:e9:fc:22:3b:0d:aa:6d:81:2f:0f:61:5d:2e:56:
60:f0:df:b3:3d:b9:b8:3f:e6:cd:b1:1a:89:a8:5b:15:0b:8d:
53:ae:2f:02:dd:e7:45:f5:f4:43:48:1e:31:60:42:b3:fd:70:
0d:87:30:26:3f:17:72:fc:46:81:23:2e:b2:78:25:b9:a8:79:
78:c0:54:10:3a:e4:b4:c7:9f:7d:a9:6f:cc:64:d2:40:33:c9:
e4:01:56:23:86:da:4f:7a:4f:58:0c:fa:57:dd:e1:2f:f4:ad:
44:8a:66:6a:66:ae:1d:89:7d:6a:69:f3:48:2f:ac:8a:12:a1:
b2:ed:58:a2:2d:8a:a2:7c:35:c8:ff:eb:86:75:02:44:c3:5f:
fa:b3:58:d0:47:66:41:ac:5e:37:85:2b:b5:07:41:81:03:1b:
1d:4c:34:7c
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMjA5MTUw
MjQ3NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDUzRTJGNzg1QTdGMjRD
MDdCOTFBRjgyNEUzN0M3NTdBRDc0NUQ1OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB9sLnDI3e/JHvX/fhZk8aE9Yqk/VdMJfDskviist7HHUJG3BL
obavM2C1i+z4/RrdiuTBzz0D0knmw4S4eMKFteuvlSOJbAEJ6G3jz0QTk48j4kJl
sIM1Qod6DM1mTPXx1N8QWV+2qcg+st25DC4Ptwvv9CGkYYYYDhGPtWF1y4YGXVlK
9fHnUwxzlHNNQjO+M5JHz40hUVXMxlEQAVfI9180Co0WiIxclQlVles7KxHo9cSO
vVpxh9YaMSLTo7PbczIY4WVw7FJOlxtpJx0fRLZFj6LJkwaHxWx4IJfNPAdoqXKX
7QuO5M2GE6o/+3zRZ8GM23rT/NX9TRSesqHpAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUU+L3hafyTAe5Gvgk43x1etdF1ZQwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9VLUwzaGFmeVRBZTVH
dmdrNDN4MWV0ZEYxWlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQAlYh+BLYZHTKNytzXHeLCtcepVKR/8
VPjyXwJXf1g82rqc20dqAh0jpVaLlFxxZ+EKSr8WVKv7VjMIcHV0DDDRjKDthU/V
jhPn0+zjUAfaD+xZHI2qV7mSfuzQM6k86fwiOw2qbYEvD2FdLlZg8N+zPbm4P+bN
sRqJqFsVC41Tri8C3edF9fRDSB4xYEKz/XANhzAmPxdy/EaBIy6yeCW5qHl4wFQQ
OuS0x599qW/MZNJAM8nkAVYjhtpPek9YDPpX3eEv9K1EimZqZq4diX1qafNIL6yK
EqGy7ViiLYqifDXI/+uGdQJEw1/6s1jQR2ZBrF43hSu1B0GBAxsdTDR8
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org