Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/_yhcOofMRwSawu_csoU-SE2MJVQ.roa
File: _yhcOofMRwSawu_csoU-SE2MJVQ.roa (raw, json)
Hash identifier: RLWUhu6zn4667obmpzLExCfCIyjBVZJY8pL8mjrYtIg=
Subject key identifier: FF:28:5C:3A:87:CC:47:04:9A:C2:EF:DC:B2:85:3E:48:4D:8C:25:54
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 08CB
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/_yhcOofMRwSawu_csoU-SE2MJVQ.roa
Signing time: Sun 07 Feb 2021 13:03:44 +0000
ROA not before: Sun 07 Feb 2021 13:03:44 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 20473
IP address blocks: 103.122.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2251 (0x8cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Feb 7 13:03:44 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=FF285C3A87CC47049AC2EFDCB2853E484D8C2554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:20:37:74:cd:7e:7c:07:44:9d:fa:b1:e8:85:
b8:f5:9d:98:0c:63:55:53:30:b0:db:d9:bc:37:1d:
5d:7e:4f:90:b0:67:04:a1:7d:4e:e8:5b:a1:b1:9d:
02:53:f2:c2:f6:b4:2b:7b:1a:32:8d:2d:23:38:e8:
ce:46:f4:4c:ee:82:a1:e8:7e:8c:e8:8d:23:94:a9:
df:99:f8:88:ba:a2:24:d8:ae:4c:b8:69:b6:28:48:
46:1f:fc:60:cc:59:76:06:a0:94:18:34:60:43:1d:
1f:59:71:32:c1:dc:cb:69:75:50:16:5c:27:4b:db:
a4:12:59:5c:7b:ff:0c:8d:6f:01:4f:a8:47:e4:8c:
00:c3:02:08:7b:70:95:3e:cd:dc:bc:39:4f:8f:ce:
33:b4:b3:7b:e5:7d:27:13:e0:47:b1:bf:70:d3:7f:
73:37:6f:f2:fb:40:56:00:9e:46:e7:fd:00:e3:ab:
b9:25:9c:2d:ef:d7:1a:cb:0e:ae:86:67:bb:d9:f1:
5b:66:13:c8:ea:de:ec:a5:3d:0a:16:d5:97:3a:0c:
d3:8a:2b:36:df:75:ee:e5:f0:1a:13:40:f0:83:09:
da:f4:b7:31:2a:1c:f7:35:c1:fd:f0:55:70:0e:07:
51:dd:9d:14:53:10:94:28:a4:cf:d0:89:81:f1:ee:
07:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:28:5C:3A:87:CC:47:04:9A:C2:EF:DC:B2:85:3E:48:4D:8C:25:54
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/_yhcOofMRwSawu_csoU-SE2MJVQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.191.0/24
Signature Algorithm: sha256WithRSAEncryption
37:1a:80:6c:87:1b:f4:a3:32:8f:7b:66:8e:3b:bf:c2:93:59:
da:b9:2f:72:ce:d2:b6:5a:bb:42:56:21:fd:89:8f:4c:49:1a:
d3:a7:d5:81:63:fb:6c:82:b8:72:e5:37:16:b1:0e:d7:bf:81:
ff:05:6c:a1:02:fd:9c:d5:b5:05:6a:56:6f:5a:7c:05:96:65:
08:33:50:0d:f2:e9:95:62:0d:4b:c3:91:ba:d3:21:06:8b:01:
22:bb:c3:45:0b:53:1b:15:a3:ad:1b:96:20:a6:cb:0b:97:a3:
82:49:62:a5:eb:56:2f:53:9c:e8:1d:93:a9:2c:3c:1b:50:65:
a8:68:da:55:92:35:ac:f1:07:f9:b0:93:47:86:ac:86:69:95:
e7:f2:c7:8e:d4:1e:46:4f:d6:f5:4f:a5:c8:f4:3d:a0:de:1f:
8c:e6:b7:c9:98:e4:7d:ca:45:d0:8e:16:e5:ce:12:3e:32:6e:
81:c9:bd:cb:13:93:0d:71:cf:8f:f2:b0:4d:c2:4f:71:03:1e:
62:c1:6e:c2:cd:b8:22:bc:4c:cc:aa:69:91:ee:9d:db:78:3b:
24:3b:e8:d1:f4:19:61:ba:f5:66:20:41:98:7d:d8:cc:7c:4c:
34:6c:a6:ef:1a:15:7b:5b:de:e6:60:e4:fa:30:1b:c6:a2:a0:
b1:79:6d:e0
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTAyMDcx
MzAzNDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEZGMjg1QzNBODdDQzQ3
MDQ5QUMyRUZEQ0IyODUzRTQ4NEQ4QzI1NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdIDd0zX58B0Sd+rHohbj1nZgMY1VTMLDb2bw3HV1+T5CwZwSh
fU7oW6GxnQJT8sL2tCt7GjKNLSM46M5G9EzugqHofozojSOUqd+Z+Ii6oiTYrky4
abYoSEYf/GDMWXYGoJQYNGBDHR9ZcTLB3MtpdVAWXCdL26QSWVx7/wyNbwFPqEfk
jADDAgh7cJU+zdy8OU+PzjO0s3vlfScT4Eexv3DTf3M3b/L7QFYAnkbn/QDjq7kl
nC3v1xrLDq6GZ7vZ8VtmE8jq3uylPQoW1Zc6DNOKKzbfde7l8BoTQPCDCdr0tzEq
HPc1wf3wVXAOB1HdnRRTEJQopM/QiYHx7gd/AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU/yhcOofMRwSawu/csoU+SE2MJVQwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9feWhjT29mTVJ3U2F3
dV9jc29VLVNFMk1KVlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQA3GoBshxv0ozKPe2aOO7/Ck1nauS9y
ztK2WrtCViH9iY9MSRrTp9WBY/tsgrhy5TcWsQ7Xv4H/BWyhAv2c1bUFalZvWnwF
lmUIM1AN8umVYg1Lw5G60yEGiwEiu8NFC1MbFaOtG5YgpssLl6OCSWKl61YvU5zo
HZOpLDwbUGWoaNpVkjWs8Qf5sJNHhqyGaZXn8seO1B5GT9b1T6XI9D2g3h+M5rfJ
mOR9ykXQjhblzhI+Mm6Byb3LE5MNcc+P8rBNwk9xAx5iwW7CzbgivEzMqmmR7p3b
eDskO+jR9BlhuvVmIEGYfdjMfEw0bKbvGhV7W97mYOT6MBvGoqCxeW3g
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org