Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/dcs5GUFav7sBFVFocpcn_geRRB8.roa
File: dcs5GUFav7sBFVFocpcn_geRRB8.roa (raw, json)
Hash identifier: PSRawSYTTq3nwDGNnvyNm/eY941C5nZ87Hlm+GZClCA=
Subject key identifier: 75:CB:39:19:41:5A:BF:BB:01:15:51:68:72:97:27:FE:07:91:44:1F
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0B6E
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/dcs5GUFav7sBFVFocpcn_geRRB8.roa
Signing time: Fri 01 Sep 2023 08:56:21 +0000
ROA not before: Fri 01 Sep 2023 08:56:21 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131657
IP address blocks: 103.122.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2926 (0xb6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 1 08:56:21 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=75CB3919415ABFBB01155168729727FE0791441F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:83:47:5f:40:a0:08:b7:dc:79:a8:3f:80:c4:
ec:a8:95:83:f7:f6:3c:c4:b1:bb:c8:2d:25:57:9e:
3d:40:1e:8d:8b:68:a0:56:77:03:0a:00:c7:25:7a:
ae:ee:95:52:b7:67:54:83:6d:5a:ed:6e:ca:d9:29:
fe:d5:d9:ef:68:fb:4c:d6:ab:d2:8b:20:1a:fa:34:
b4:77:51:3c:b3:5e:07:50:21:89:b4:b5:ad:b1:14:
06:c8:73:e1:ec:be:41:58:5b:ca:4f:b2:a0:04:c2:
ae:19:b6:5e:de:c3:13:27:0f:0f:15:47:5d:b6:16:
d8:b7:50:d3:22:a0:e0:42:1e:e8:4c:7b:8b:48:51:
65:58:e6:af:bd:43:f0:ee:84:a4:92:9a:e5:61:c1:
34:c8:7c:16:d6:c1:c2:66:17:24:40:98:68:1b:b0:
7a:ed:24:04:27:b5:8a:17:05:21:de:a5:91:01:eb:
f9:0a:25:94:36:0c:9c:42:99:cd:e8:91:66:cd:b6:
91:7d:f9:4d:e1:66:cf:31:34:f7:b4:c6:81:32:81:
e3:93:8c:39:f9:d9:dd:91:90:fd:43:a6:9b:e3:aa:
60:4d:e3:ab:95:07:59:49:4f:e4:1f:d0:cd:01:bf:
44:07:9d:35:bc:f2:04:75:a2:9d:68:c4:4a:d5:47:
a0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CB:39:19:41:5A:BF:BB:01:15:51:68:72:97:27:FE:07:91:44:1F
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/dcs5GUFav7sBFVFocpcn_geRRB8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.190.0/24
Signature Algorithm: sha256WithRSAEncryption
01:ae:bd:97:73:d3:9d:b2:c3:7c:f1:d1:78:2f:ee:33:ae:53:
23:1d:96:6b:9d:c9:ad:b9:2d:9c:e6:40:db:16:86:22:30:ae:
06:ab:8a:4b:f6:ea:84:a7:0b:a7:7a:5f:ad:9d:67:14:be:5e:
b3:10:a6:59:92:69:69:5f:13:2b:b7:2c:f1:f1:45:d8:e7:35:
80:86:1f:9f:cc:f0:35:d8:c7:24:07:27:61:dc:2a:c6:28:d6:
94:6d:2d:73:c3:07:8e:2a:4f:f5:3e:a4:99:d8:ef:30:a5:3f:
c4:34:d2:6e:79:a1:20:2b:f9:63:6b:30:81:3d:c9:51:34:52:
f1:90:45:e8:32:fd:31:3a:fe:5a:e5:bb:11:45:ca:44:03:df:
cb:64:b2:e4:98:6f:d8:bf:70:a0:e8:5f:3a:5f:78:7d:a1:54:
b7:5a:67:f3:2c:ef:96:3a:e6:b1:b0:a2:2e:ba:6e:ee:cd:4e:
49:11:ef:55:3b:30:80:3c:c7:25:0b:b0:9b:84:10:6d:43:2f:
8a:07:75:55:37:a8:2d:2c:55:2c:cf:aa:9e:11:a8:9b:0a:6e:
07:b1:a1:d0:f8:36:27:a0:fe:61:f0:ce:8d:30:e0:51:a3:ff:
19:81:dc:f2:24:28:a8:9e:44:84:5b:12:f1:d1:35:ca:29:ca:
80:08:8b:aa
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC24wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMzA5MDEw
ODU2MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDc1Q0IzOTE5NDE1QUJG
QkIwMTE1NTE2ODcyOTcyN0ZFMDc5MTQ0MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqg0dfQKAIt9x5qD+AxOyolYP39jzEsbvILSVXnj1AHo2LaKBW
dwMKAMcleq7ulVK3Z1SDbVrtbsrZKf7V2e9o+0zWq9KLIBr6NLR3UTyzXgdQIYm0
ta2xFAbIc+HsvkFYW8pPsqAEwq4Ztl7ewxMnDw8VR122Fti3UNMioOBCHuhMe4tI
UWVY5q+9Q/DuhKSSmuVhwTTIfBbWwcJmFyRAmGgbsHrtJAQntYoXBSHepZEB6/kK
JZQ2DJxCmc3okWbNtpF9+U3hZs8xNPe0xoEygeOTjDn52d2RkP1DppvjqmBN46uV
B1lJT+Qf0M0Bv0QHnTW88gR1op1oxErVR6CDAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUdcs5GUFav7sBFVFocpcn/geRRB8wHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9kY3M1R1VGYXY3c0JG
VkZvY3Bjbl9nZVJSQjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q+MA0GCSqGSIb3DQEBCwUAA4IBAQABrr2Xc9OdssN88dF4L+4zrlMjHZZr
ncmtuS2c5kDbFoYiMK4Gq4pL9uqEpwunel+tnWcUvl6zEKZZkmlpXxMrtyzx8UXY
5zWAhh+fzPA12MckBydh3CrGKNaUbS1zwweOKk/1PqSZ2O8wpT/ENNJueaEgK/lj
azCBPclRNFLxkEXoMv0xOv5a5bsRRcpEA9/LZLLkmG/Yv3Cg6F86X3h9oVS3Wmfz
LO+WOuaxsKIuum7uzU5JEe9VOzCAPMclC7CbhBBtQy+KB3VVN6gtLFUsz6qeEaib
Cm4HsaHQ+DYnoP5h8M6NMOBRo/8ZgdzyJCionkSEWxLx0TXKKcqACIuq
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org