Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/ha-68PyKvbRbb2QlvdoSCgwc3uU.roa
File: ha-68PyKvbRbb2QlvdoSCgwc3uU.roa (raw, json)
Hash identifier: GqmDGuTv0IP5p7uU7b0E9hcWNbe/bdy+wpgqbxACk3A=
Subject key identifier: 85:AF:BA:F0:FC:8A:BD:B4:5B:6F:64:25:BD:DA:12:0A:0C:1C:DE:E5
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 076B
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/ha-68PyKvbRbb2QlvdoSCgwc3uU.roa
Signing time: Tue 29 Sep 2020 09:58:09 +0000
ROA not before: Tue 29 Sep 2020 09:58:09 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 134823
IP address blocks: 103.122.188.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1899 (0x76b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 29 09:58:09 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=85AFBAF0FC8ABDB45B6F6425BDDA120A0C1CDEE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8c:30:f0:c9:1e:20:8a:e8:8a:8c:1b:61:b3:
75:9d:91:69:62:fd:ed:69:d4:3b:ff:16:48:d4:8c:
d7:d4:3a:6d:26:e8:66:54:14:e5:12:1b:7f:7b:8a:
f0:70:79:72:ef:01:d5:3b:ea:7a:b6:3d:f6:ab:a6:
67:30:f0:8a:73:45:40:cb:11:48:fe:17:70:6c:a7:
9e:a5:3f:1c:e0:4d:fe:de:4a:bc:9d:e3:d9:ec:47:
c2:2b:2e:6c:d7:98:19:8f:6f:43:cc:22:4f:22:0d:
33:6a:b1:6b:8b:26:7d:2e:ef:b3:65:1b:8a:ba:1e:
ee:43:20:61:7c:f5:f3:9f:90:3d:de:5e:31:43:9d:
2c:72:88:8f:e3:d7:46:8e:c3:64:e2:26:a7:8f:5b:
cf:ab:17:2e:eb:8c:ee:91:ff:6c:c8:64:da:f3:cc:
2f:a8:60:5c:6f:f3:4c:a9:76:a0:a3:15:f0:fa:7c:
d2:ad:05:3a:02:16:42:1b:95:56:bc:44:ab:71:35:
75:c2:bc:8a:ad:54:2f:d7:d0:9b:99:24:02:15:05:
45:c4:c1:72:70:74:1b:28:5c:74:a1:28:62:15:cd:
a6:4f:80:d2:fe:f2:a7:43:66:87:05:d6:38:b6:48:
44:7e:87:a3:e6:33:7a:c9:10:6e:d3:8d:61:af:4c:
5a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AF:BA:F0:FC:8A:BD:B4:5B:6F:64:25:BD:DA:12:0A:0C:1C:DE:E5
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/ha-68PyKvbRbb2QlvdoSCgwc3uU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/22
Signature Algorithm: sha256WithRSAEncryption
52:3d:02:4e:3a:ef:61:b4:32:f5:d0:53:f7:14:12:d6:a6:c4:
25:8f:87:3b:ee:3d:cd:5d:7a:89:5e:b5:05:0e:e8:95:c7:9f:
b6:74:09:15:49:65:a5:3a:f4:22:6b:3f:71:6f:a9:6b:cc:f1:
88:3d:df:88:2c:fe:bf:55:ec:06:2c:92:fe:12:09:0f:c3:c8:
b2:e6:23:3f:7b:f5:b1:0f:42:77:28:6b:53:f5:4f:74:3b:8d:
6d:f3:40:ad:f9:7b:f4:94:96:31:c7:48:69:49:60:bb:ec:83:
3f:eb:39:56:a8:ba:a5:79:34:8c:34:cb:d4:4e:f5:83:03:2c:
eb:8b:3c:81:ac:b9:b5:dc:36:5f:12:f9:dc:9a:b5:7a:3b:74:
af:f4:fc:55:f4:bb:8e:c1:3b:d0:65:63:44:12:b5:08:9c:6e:
e8:4e:41:af:48:53:2e:5e:78:33:cd:fe:eb:7f:fa:c1:18:10:
1b:c1:24:05:fa:0e:ea:a9:a2:d0:53:fb:fc:df:9f:a7:87:c1:
47:c2:bd:f6:f0:76:91:35:8b:bd:8d:dc:ae:5c:fa:45:38:ce:
9d:06:ae:a6:af:35:6b:09:72:b4:65:62:84:d4:11:c0:0c:92:
3e:ee:0d:89:52:8d:53:34:e2:bd:12:ae:1a:98:58:18:e8:49:
c5:b2:7d:13
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICB2swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMDA5Mjkw
OTU4MDlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg1QUZCQUYwRkM4QUJE
QjQ1QjZGNjQyNUJEREExMjBBMEMxQ0RFRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6jDDwyR4giuiKjBths3WdkWli/e1p1Dv/FkjUjNfUOm0m6GZU
FOUSG397ivBweXLvAdU76nq2Pfarpmcw8IpzRUDLEUj+F3Bsp56lPxzgTf7eSryd
49nsR8IrLmzXmBmPb0PMIk8iDTNqsWuLJn0u77NlG4q6Hu5DIGF89fOfkD3eXjFD
nSxyiI/j10aOw2TiJqePW8+rFy7rjO6R/2zIZNrzzC+oYFxv80ypdqCjFfD6fNKt
BToCFkIblVa8RKtxNXXCvIqtVC/X0JuZJAIVBUXEwXJwdBsoXHShKGIVzaZPgNL+
8qdDZocF1ji2SER+h6PmM3rJEG7TjWGvTFo9AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUha+68PyKvbRbb2QlvdoSCgwc3uUwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9oYS02OFB5S3ZiUmJi
MlFsdmRvU0Nnd2MzdVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQBSPQJOOu9htDL10FP3FBLWpsQlj4c7
7j3NXXqJXrUFDuiVx5+2dAkVSWWlOvQiaz9xb6lrzPGIPd+ILP6/VewGLJL+EgkP
w8iy5iM/e/WxD0J3KGtT9U90O41t80Ct+Xv0lJYxx0hpSWC77IM/6zlWqLqleTSM
NMvUTvWDAyzrizyBrLm13DZfEvncmrV6O3Sv9PxV9LuOwTvQZWNEErUInG7oTkGv
SFMuXngzzf7rf/rBGBAbwSQF+g7qqaLQU/v835+nh8FHwr328HaRNYu9jdyuXPpF
OM6dBq6mrzVrCXK0ZWKE1BHADJI+7g2JUo1TNOK9Eq4amFgY6EnFsn0T
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org