Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/iW6qmujAXfFwhT0KrMUCX3YuhSM.roa
File: iW6qmujAXfFwhT0KrMUCX3YuhSM.roa (raw, json)
Hash identifier: R8gVBUW4dGkQgWef6YKYk4DMr79XuaSGDr0s89gpMy4=
Subject key identifier: 89:6E:AA:9A:E8:C0:5D:F1:70:85:3D:0A:AC:C5:02:5F:76:2E:85:23
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0973
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/iW6qmujAXfFwhT0KrMUCX3YuhSM.roa
Signing time: Wed 29 Sep 2021 02:50:30 +0000
ROA not before: Wed 29 Sep 2021 02:50:30 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 134823
IP address blocks: 103.122.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2419 (0x973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 29 02:50:30 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=896EAA9AE8C05DF170853D0AACC5025F762E8523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fa:54:db:36:f2:a6:82:a5:d0:9f:9e:1f:bd:
9e:a6:22:ea:92:73:4a:f9:0b:10:aa:37:5a:c5:9f:
f3:8c:2f:36:98:e3:05:d2:cb:fb:9b:ba:9a:e1:bb:
e6:c1:2e:c6:85:1f:a3:65:3b:e0:4f:77:14:a8:00:
93:f5:d0:e1:e3:ec:47:97:c1:06:15:c2:d6:ea:60:
ae:99:98:9d:1f:52:4d:f7:cc:96:1a:8c:9f:81:c7:
33:6a:6e:a0:fa:8f:c4:36:84:9f:cd:8f:d1:56:fc:
12:10:87:ee:05:10:36:9b:3d:f3:83:05:e6:2d:d1:
d1:83:1b:01:92:9e:7c:61:ef:65:2e:ed:32:c0:63:
e0:54:ef:e9:68:b3:8f:bf:5e:f4:68:05:f4:bb:54:
1b:4f:00:ec:de:f3:e6:e8:95:5d:0e:9e:cb:4b:d6:
e4:20:2b:d4:5c:d7:53:46:6f:c4:d3:b5:a9:0f:23:
35:5f:ca:d8:38:13:20:19:ba:23:30:d0:16:26:76:
c9:ee:81:5f:fe:2f:70:f3:e3:d8:5f:2e:ff:ca:e4:
4f:01:c9:28:a6:d5:08:69:e5:0a:b8:7c:aa:3c:65:
0e:88:1f:fb:99:6e:15:16:cc:c7:47:14:89:a4:7e:
15:a1:63:6e:11:78:67:05:b9:62:ec:58:a5:72:7a:
e7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6E:AA:9A:E8:C0:5D:F1:70:85:3D:0A:AC:C5:02:5F:76:2E:85:23
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/iW6qmujAXfFwhT0KrMUCX3YuhSM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.191.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:7d:fe:bf:79:4e:5d:49:d1:a3:3a:e6:9e:97:25:a3:a5:8b:
a9:89:ce:d2:4d:0f:91:bf:1a:76:87:82:57:c1:59:c7:86:c9:
fe:fc:ca:3d:fe:a8:c7:63:d2:96:db:f9:85:08:3e:7e:8f:02:
d8:99:75:3b:97:eb:50:a6:51:c0:a4:17:ed:54:e3:dd:f9:82:
71:7e:96:f8:d6:83:d1:8f:7d:dd:3e:37:fd:52:79:ad:a5:e6:
45:5f:b2:3f:d3:b4:aa:73:1c:58:05:ce:9d:21:4e:4b:22:c9:
02:0f:36:4e:20:eb:07:6a:20:53:08:e4:ca:9c:3b:f5:c3:f0:
c5:12:39:bd:8f:d2:36:65:d0:d8:83:1f:c4:be:27:7e:a2:d1:
1c:15:65:7f:62:8a:dd:85:f3:3f:0c:27:6d:6d:5e:8a:a5:7d:
0d:1b:54:07:77:5f:b7:82:2a:bd:c3:fa:d6:f7:3a:ae:d0:a6:
d2:c2:34:38:6f:57:a4:12:bd:ae:8c:aa:48:6f:53:57:df:0c:
87:10:2e:16:5a:8a:7d:73:b4:a3:ee:69:6f:e4:d5:d0:42:e1:
59:52:3c:b0:f5:a8:be:b3:e5:6d:71:ca:04:51:c8:b5:a8:b2:
d7:f1:41:91:70:f8:23:13:ac:1c:7c:40:83:e2:33:30:62:1c:
53:2b:5b:97
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCXMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTA5Mjkw
MjUwMzBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg5NkVBQTlBRThDMDVE
RjE3MDg1M0QwQUFDQzUwMjVGNzYyRTg1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs+lTbNvKmgqXQn54fvZ6mIuqSc0r5CxCqN1rFn/OMLzaY4wXS
y/ubuprhu+bBLsaFH6NlO+BPdxSoAJP10OHj7EeXwQYVwtbqYK6ZmJ0fUk33zJYa
jJ+BxzNqbqD6j8Q2hJ/Nj9FW/BIQh+4FEDabPfODBeYt0dGDGwGSnnxh72Uu7TLA
Y+BU7+los4+/XvRoBfS7VBtPAOze8+bolV0OnstL1uQgK9Rc11NGb8TTtakPIzVf
ytg4EyAZuiMw0BYmdsnugV/+L3Dz49hfLv/K5E8BySim1Qhp5Qq4fKo8ZQ6IH/uZ
bhUWzMdHFImkfhWhY24ReGcFuWLsWKVyeuflAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUiW6qmujAXfFwhT0KrMUCX3YuhSMwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9pVzZxbXVqQVhmRndo
VDBLck1VQ1gzWXVoU00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQAKff6/eU5dSdGjOuaelyWjpYupic7S
TQ+Rvxp2h4JXwVnHhsn+/Mo9/qjHY9KW2/mFCD5+jwLYmXU7l+tQplHApBftVOPd
+YJxfpb41oPRj33dPjf9UnmtpeZFX7I/07SqcxxYBc6dIU5LIskCDzZOIOsHaiBT
COTKnDv1w/DFEjm9j9I2ZdDYgx/Evid+otEcFWV/YordhfM/DCdtbV6KpX0NG1QH
d1+3giq9w/rW9zqu0KbSwjQ4b1ekEr2ujKpIb1NX3wyHEC4WWop9c7Sj7mlv5NXQ
QuFZUjyw9ai+s+VtccoEUci1qLLX8UGRcPgjE6wcfECD4jMwYhxTK1uX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org