Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/gwQ939plMiqqohQ_fYicSMYGNds.roa
File: gwQ939plMiqqohQ_fYicSMYGNds.roa (raw, json)
Hash identifier: oHZD4BV4/JdPKXJXIZtgkinzCNrkh4t9e0zB6C7x4B0=
Subject key identifier: 83:04:3D:DF:DA:65:32:2A:AA:A2:14:3F:7D:88:9C:48:C6:06:35:DB
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0B7A
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/gwQ939plMiqqohQ_fYicSMYGNds.roa
Signing time: Fri 01 Sep 2023 08:56:25 +0000
ROA not before: Fri 01 Sep 2023 08:56:25 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131657
IP address blocks: 103.122.188.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2938 (0xb7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 1 08:56:25 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=83043DDFDA65322AAAA2143F7D889C48C60635DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2d:b9:d8:21:3f:e6:29:b1:85:9d:78:e4:d5:
6e:cd:9f:77:9b:4b:9b:ee:1d:75:dd:a0:e5:e2:f7:
ab:39:17:bf:f4:f0:dc:82:e2:2f:72:24:c3:af:c8:
32:47:79:a6:7d:32:58:2f:53:1f:25:ab:23:b1:36:
af:12:41:ac:50:6c:65:a0:9f:53:9b:e1:25:77:0c:
9f:f3:ca:8d:9b:c8:0c:aa:cf:51:a5:c8:72:28:92:
88:8d:a1:c7:32:66:61:12:67:91:15:33:6a:34:04:
a5:b0:d8:fd:8a:5c:9d:6c:b6:5a:07:6e:fe:5c:c9:
11:81:68:8e:e6:4e:53:a6:f1:2f:7a:8e:56:2a:4b:
b0:f0:a9:c5:05:6c:cf:90:4c:ed:f2:2d:9e:e5:fc:
35:d1:66:26:5f:81:f5:45:5e:67:61:58:20:a3:8b:
78:49:42:b7:3a:37:c1:0a:c1:da:31:f0:80:d1:a9:
6b:e0:79:4b:aa:67:3c:0f:ba:fb:87:e4:d9:8a:51:
48:e0:7a:50:a0:a6:1c:6f:1e:e3:df:6e:99:78:cf:
c2:da:a3:53:90:8a:1f:fb:37:f1:62:98:73:96:75:
26:2e:3c:5a:61:e2:0b:34:4b:52:90:74:c9:07:d1:
40:8e:27:f0:0c:a7:f4:4e:8f:c9:34:e6:f2:cc:f2:
8b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:04:3D:DF:DA:65:32:2A:AA:A2:14:3F:7D:88:9C:48:C6:06:35:DB
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/gwQ939plMiqqohQ_fYicSMYGNds.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:76:99:6c:57:30:3e:13:a2:35:87:5e:5a:94:90:d2:9b:98:
f3:e1:39:65:77:b0:65:14:22:ae:79:14:73:ad:19:d7:2f:a8:
8c:5c:80:90:40:8c:01:f9:48:a2:32:55:bf:1b:e0:68:ca:55:
89:5d:34:04:d8:40:e4:6a:26:99:7f:98:66:3c:5c:5d:fc:ce:
28:36:71:4d:20:b1:28:cd:50:11:36:fb:36:6c:74:c9:33:51:
8e:d8:6c:e3:51:3e:68:18:ed:4c:68:81:7f:4e:b0:07:26:02:
9e:66:cf:95:52:cd:bf:13:32:29:db:5c:4b:ed:7e:2d:bc:2a:
0b:91:82:2d:68:e4:c1:1f:0d:7b:19:ae:19:ff:dc:82:62:d8:
cf:05:5f:ba:b2:2a:9f:eb:ba:40:bb:31:47:4c:55:9a:ab:18:
54:ba:09:fc:64:3f:74:f2:03:22:44:49:1a:c7:25:ad:25:3e:
a0:73:b4:e7:4f:3d:9a:cc:b0:b9:0a:e1:e8:7c:72:0b:64:b8:
62:1e:a0:21:cd:b3:1d:3e:cd:59:9e:eb:3a:e6:d7:4b:40:02:
42:d6:41:46:5e:45:11:80:bb:6a:43:9b:94:4c:7d:c3:5b:f4:
93:80:c1:89:af:8d:08:6b:8a:48:d9:cd:c9:7d:01:9f:08:5e:
9a:86:68:33
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMzA5MDEw
ODU2MjVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDgzMDQzRERGREE2NTMy
MkFBQUEyMTQzRjdEODg5QzQ4QzYwNjM1REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLLbnYIT/mKbGFnXjk1W7Nn3ebS5vuHXXdoOXi96s5F7/08NyC
4i9yJMOvyDJHeaZ9MlgvUx8lqyOxNq8SQaxQbGWgn1Ob4SV3DJ/zyo2byAyqz1Gl
yHIokoiNoccyZmESZ5EVM2o0BKWw2P2KXJ1stloHbv5cyRGBaI7mTlOm8S96jlYq
S7DwqcUFbM+QTO3yLZ7l/DXRZiZfgfVFXmdhWCCji3hJQrc6N8EKwdox8IDRqWvg
eUuqZzwPuvuH5NmKUUjgelCgphxvHuPfbpl4z8Lao1OQih/7N/FimHOWdSYuPFph
4gs0S1KQdMkH0UCOJ/AMp/ROj8k05vLM8ovBAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUgwQ939plMiqqohQ/fYicSMYGNdswHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9nd1E5MzlwbE1pcXFv
aFFfZllpY1NNWUdOZHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQB+dplsVzA+E6I1h15alJDSm5jz4Tll
d7BlFCKueRRzrRnXL6iMXICQQIwB+UiiMlW/G+BoylWJXTQE2EDkaiaZf5hmPFxd
/M4oNnFNILEozVARNvs2bHTJM1GO2GzjUT5oGO1MaIF/TrAHJgKeZs+VUs2/EzIp
21xL7X4tvCoLkYItaOTBHw17Ga4Z/9yCYtjPBV+6siqf67pAuzFHTFWaqxhUugn8
ZD908gMiREkaxyWtJT6gc7TnTz2azLC5CuHofHILZLhiHqAhzbMdPs1Znus65tdL
QAJC1kFGXkURgLtqQ5uUTH3DW/STgMGJr40Ia4pI2c3JfQGfCF6ahmgz
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:43 2025 by rpki-client