Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/ZLfh_F1NzsBCh-Xwch8JEYyCZEA.roa
File: ZLfh_F1NzsBCh-Xwch8JEYyCZEA.roa (raw, json)
Hash identifier: YVgRaDKUmBSSa16sdHjDYGvXHrUVmr2EtaHMDOKqRgM=
Subject key identifier: 64:B7:E1:FC:5D:4D:CE:C0:42:87:E5:F0:72:1F:09:11:8C:82:64:40
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0A68
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/ZLfh_F1NzsBCh-Xwch8JEYyCZEA.roa
Signing time: Thu 15 Sep 2022 02:47:54 +0000
ROA not before: Thu 15 Sep 2022 02:47:54 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 134823
IP address blocks: 103.122.189.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2664 (0xa68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 15 02:47:54 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=64B7E1FC5D4DCEC04287E5F0721F09118C826440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c1:8a:87:39:bf:ee:d5:d6:fc:85:bf:20:38:
b3:88:49:80:67:23:52:29:d9:6b:45:4a:b5:fc:4d:
cc:e8:cc:7d:33:2b:57:bf:c5:2c:3b:96:b8:17:4e:
60:40:d9:a5:83:94:a1:81:d8:7e:27:c1:25:26:90:
b8:af:7b:92:38:d5:9d:03:6f:a2:d6:59:13:01:b1:
ed:12:99:61:2c:44:42:e4:17:7e:ce:8c:48:da:0e:
1a:3f:3f:d7:b7:78:6c:3e:b5:f2:ac:fc:99:8d:37:
85:a9:7c:39:62:b2:d8:c1:3b:6d:2d:ca:17:50:91:
21:ae:c8:65:dc:cb:e9:2e:4d:f5:57:44:37:4a:82:
ab:03:a6:65:11:91:02:0c:08:38:f2:4f:d5:25:3d:
9f:64:d4:65:07:9e:86:af:0e:01:15:7f:8b:7f:53:
2f:60:fe:4d:9e:a9:d0:3b:9e:b1:c3:88:54:81:81:
a1:54:36:06:09:62:d2:49:6e:ad:f5:8c:25:5b:00:
c3:29:90:6c:a8:68:c1:00:98:4d:f3:29:85:99:9b:
0f:52:9a:48:62:f4:a4:22:7e:d8:8d:3c:a6:14:1c:
eb:e3:f4:a4:23:b4:3f:e4:60:00:96:ef:e8:a0:78:
61:1c:d5:a0:90:ee:fb:d0:79:c2:b4:c7:eb:d9:c2:
0c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B7:E1:FC:5D:4D:CE:C0:42:87:E5:F0:72:1F:09:11:8C:82:64:40
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/ZLfh_F1NzsBCh-Xwch8JEYyCZEA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.189.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:5e:ed:c8:1f:66:87:31:31:62:d3:51:56:d5:bb:9d:37:f4:
25:7c:ac:2f:e6:ec:6a:dd:9a:d3:14:7d:2d:26:4d:78:fd:82:
20:8f:60:4a:e1:d1:b3:f5:3d:6e:7b:6c:95:fc:3f:bb:22:ba:
c8:78:63:3e:16:39:2e:b6:8c:87:70:5a:54:4a:f7:13:c9:eb:
55:b7:70:91:2e:1d:89:b6:fd:bc:87:df:77:9b:0c:b9:52:f6:
b1:59:a1:4a:4f:44:df:59:a9:a1:4d:cb:2d:25:4e:df:75:ad:
ab:a7:eb:64:ff:3b:19:51:28:f0:07:da:f2:c0:1e:e9:50:f9:
04:59:02:1d:00:cc:a2:a5:aa:b2:44:b6:ef:1e:56:80:6f:ba:
63:66:5d:e6:3d:96:aa:a7:1a:1c:1d:4e:7e:54:4a:e7:b0:0d:
77:23:90:65:b3:63:17:94:08:a0:b9:b2:08:19:18:bb:35:db:
9c:16:ce:51:cf:77:cd:7c:25:cf:b1:06:ab:7e:0f:d3:1c:2b:
b3:00:0f:2c:f3:87:73:d6:5a:4a:6e:a4:00:41:2d:d4:e9:24:
c4:b8:cf:35:d9:0a:ed:f0:68:d9:18:38:47:0e:3e:4e:5c:e4:
7d:2c:7f:35:f3:b3:54:1c:20:fa:4b:25:3f:0e:84:32:17:a1:
0e:16:d6:02
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMjA5MTUw
MjQ3NTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY0QjdFMUZDNUQ0RENF
QzA0Mjg3RTVGMDcyMUYwOTExOEM4MjY0NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmwYqHOb/u1db8hb8gOLOISYBnI1Ip2WtFSrX8TczozH0zK1e/
xSw7lrgXTmBA2aWDlKGB2H4nwSUmkLive5I41Z0Db6LWWRMBse0SmWEsRELkF37O
jEjaDho/P9e3eGw+tfKs/JmNN4WpfDlistjBO20tyhdQkSGuyGXcy+kuTfVXRDdK
gqsDpmURkQIMCDjyT9UlPZ9k1GUHnoavDgEVf4t/Uy9g/k2eqdA7nrHDiFSBgaFU
NgYJYtJJbq31jCVbAMMpkGyoaMEAmE3zKYWZmw9Smkhi9KQiftiNPKYUHOvj9KQj
tD/kYACW7+igeGEc1aCQ7vvQecK0x+vZwgwlAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUZLfh/F1NzsBCh+Xwch8JEYyCZEAwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9aTGZoX0YxTnpzQkNo
LVh3Y2g4SkVZeUNaRUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q9MA0GCSqGSIb3DQEBCwUAA4IBAQBcXu3IH2aHMTFi01FW1budN/QlfKwv
5uxq3ZrTFH0tJk14/YIgj2BK4dGz9T1ue2yV/D+7IrrIeGM+FjkutoyHcFpUSvcT
yetVt3CRLh2Jtv28h993mwy5UvaxWaFKT0TfWamhTcstJU7fda2rp+tk/zsZUSjw
B9rywB7pUPkEWQIdAMyipaqyRLbvHlaAb7pjZl3mPZaqpxocHU5+VErnsA13I5Bl
s2MXlAigubIIGRi7NducFs5Rz3fNfCXPsQarfg/THCuzAA8s84dz1lpKbqQAQS3U
6STEuM812Qrt8GjZGDhHDj5OXOR9LH8187NUHCD6SyU/DoQyF6EOFtYC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:57 2025 by rpki-client