Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/UJFS1-t3nWkJZ4VvVKN7FCbcCJ4.roa
File: UJFS1-t3nWkJZ4VvVKN7FCbcCJ4.roa (raw, json)
Hash identifier: Im0+HAIYbqO2sXbHbpo1nVB+tgHhYEic1cxBe5xGL/A=
Subject key identifier: 50:91:52:D7:EB:77:9D:69:09:67:85:6F:54:A3:7B:14:26:DC:08:9E
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0B73
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/UJFS1-t3nWkJZ4VvVKN7FCbcCJ4.roa
Signing time: Fri 01 Sep 2023 08:56:23 +0000
ROA not before: Fri 01 Sep 2023 08:56:23 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 134823
IP address blocks: 103.122.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2931 (0xb73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 1 08:56:23 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=509152D7EB779D690967856F54A37B1426DC089E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:55:d5:34:61:a2:8a:66:9b:d5:79:6c:fc:f8:
f9:8b:09:b0:8e:52:72:82:2c:03:4a:9c:f3:30:ac:
be:e2:29:be:18:e7:e2:c7:36:9a:e0:8c:30:bc:00:
b8:c2:32:9f:8e:64:9d:a3:91:7f:0f:75:5e:86:15:
4e:30:4b:3e:c8:79:2b:28:54:c0:c7:7d:48:35:90:
ba:8e:f2:65:a5:d2:34:1c:05:40:e9:e1:c1:6a:4a:
57:d1:33:e9:88:d6:32:ea:ea:1c:8b:17:d8:d4:7c:
83:96:b3:23:d3:82:69:5b:68:e6:4b:1f:21:e3:f0:
5e:9f:b3:58:4c:e1:88:ba:a7:7c:d7:49:fb:29:07:
09:a5:51:3c:68:e2:0f:aa:73:f4:fb:93:6c:fe:9e:
16:c0:f8:98:00:36:45:bf:b1:06:45:3d:3d:e7:14:
90:03:4a:07:63:76:43:a1:16:8c:cd:7c:2b:df:7e:
c7:0e:18:b2:b2:13:a9:c7:81:dc:00:95:14:21:f2:
61:e0:b4:82:b2:e9:4b:3d:c8:8f:50:18:90:a2:8a:
bd:e4:7b:02:25:63:e7:0c:74:38:63:0d:ca:84:d4:
50:a9:eb:25:e3:36:a5:d0:76:3a:3a:a7:28:d4:31:
12:18:5c:29:a7:04:66:01:65:0e:f6:92:38:dd:c3:
6e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:91:52:D7:EB:77:9D:69:09:67:85:6F:54:A3:7B:14:26:DC:08:9E
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/UJFS1-t3nWkJZ4VvVKN7FCbcCJ4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.190.0/24
Signature Algorithm: sha256WithRSAEncryption
41:f0:29:2e:12:6f:cc:d6:66:f8:5f:dd:71:cf:ed:60:64:ec:
52:aa:19:17:8b:f9:e4:85:cf:ae:66:1f:f5:90:21:36:90:0a:
fb:97:e4:c9:51:fb:d2:5c:95:46:bc:80:8c:98:f4:3a:4f:6d:
e7:b0:ee:5e:b8:25:3d:38:6d:94:4f:6e:1a:d1:74:48:a8:e9:
4f:ec:4b:e4:1e:15:2e:cb:11:0f:40:5a:59:cb:4c:31:aa:08:
73:ac:1d:0f:3f:bc:19:f4:b3:90:00:25:9d:85:a1:9a:ab:da:
f6:b6:3e:17:07:4b:5f:d9:54:63:c0:fb:29:2b:b3:a7:1b:e0:
e1:e0:4e:ca:2c:17:22:07:4a:70:a6:8f:bf:d0:08:fd:05:19:
d7:30:41:a4:9e:48:d5:18:c6:e9:f7:a3:44:31:99:9f:bb:86:
4e:ca:f0:bd:d3:d1:09:fc:6a:12:9c:06:27:0d:af:a0:33:fe:
42:6a:58:47:db:ca:7a:d6:b7:72:af:de:c8:14:7a:2e:36:20:
fd:50:58:e0:82:31:15:4a:3b:2c:c1:11:28:54:db:a1:3e:18:
7a:5c:dd:50:63:71:57:33:e4:ff:24:ed:74:ec:dd:c3:2a:02:
9f:08:e4:29:20:b5:82:2a:0c:29:05:04:51:14:98:50:31:63:
51:a2:e8:4e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC3MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMzA5MDEw
ODU2MjNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDUwOTE1MkQ3RUI3NzlE
NjkwOTY3ODU2RjU0QTM3QjE0MjZEQzA4OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdVdU0YaKKZpvVeWz8+PmLCbCOUnKCLANKnPMwrL7iKb4Y5+LH
NprgjDC8ALjCMp+OZJ2jkX8PdV6GFU4wSz7IeSsoVMDHfUg1kLqO8mWl0jQcBUDp
4cFqSlfRM+mI1jLq6hyLF9jUfIOWsyPTgmlbaOZLHyHj8F6fs1hM4Yi6p3zXSfsp
BwmlUTxo4g+qc/T7k2z+nhbA+JgANkW/sQZFPT3nFJADSgdjdkOhFozNfCvffscO
GLKyE6nHgdwAlRQh8mHgtIKy6Us9yI9QGJCiir3kewIlY+cMdDhjDcqE1FCp6yXj
NqXQdjo6pyjUMRIYXCmnBGYBZQ72kjjdw267AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUUJFS1+t3nWkJZ4VvVKN7FCbcCJ4wHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9VSkZTMS10M25Xa0pa
NFZ2VktON0ZDYmNDSjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q+MA0GCSqGSIb3DQEBCwUAA4IBAQBB8CkuEm/M1mb4X91xz+1gZOxSqhkX
i/nkhc+uZh/1kCE2kAr7l+TJUfvSXJVGvICMmPQ6T23nsO5euCU9OG2UT24a0XRI
qOlP7EvkHhUuyxEPQFpZy0wxqghzrB0PP7wZ9LOQACWdhaGaq9r2tj4XB0tf2VRj
wPspK7OnG+Dh4E7KLBciB0pwpo+/0Aj9BRnXMEGknkjVGMbp96NEMZmfu4ZOyvC9
09EJ/GoSnAYnDa+gM/5CalhH28p61rdyr97IFHouNiD9UFjggjEVSjsswREoVNuh
Phh6XN1QY3FXM+T/JO107N3DKgKfCOQpILWCKgwpBQRRFJhQMWNRouhO
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org