Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/itMRX-WNJayMAXi4XYp9Nw5JxGg.roa
File: itMRX-WNJayMAXi4XYp9Nw5JxGg.roa (raw, json)
Hash identifier: 3ao1kXTKCT5TkDjDVKj1RNtal2aNKmKM16DSgzXDz2s=
Subject key identifier: 8A:D3:11:5F:E5:8D:25:AC:8C:01:78:B8:5D:8A:7D:37:0E:49:C4:68
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0A68
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/itMRX-WNJayMAXi4XYp9Nw5JxGg.roa
Signing time: Thu 15 Sep 2022 02:47:52 +0000
ROA not before: Thu 15 Sep 2022 02:47:52 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 20473
IP address blocks: 103.122.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2664 (0xa68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 15 02:47:52 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=8AD3115FE58D25AC8C0178B85D8A7D370E49C468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:92:10:7a:2e:fd:96:9b:b9:b8:2c:b9:00:73:
10:31:66:9e:7f:5e:57:6c:cf:d8:9d:22:a9:9e:3c:
11:d5:d8:d9:fa:7f:6f:7f:8c:d4:44:94:aa:af:1d:
ab:87:54:01:85:06:ef:31:7f:e7:df:85:7d:e9:b2:
a6:b0:04:45:13:ca:fa:4f:04:cd:fe:68:02:7d:40:
93:71:44:d6:2c:4b:10:0a:b6:f5:b8:7c:11:9f:a3:
90:52:d2:ad:19:9a:a4:f9:e5:e2:04:93:02:0a:c3:
3d:fe:b1:1b:d0:e0:26:80:42:53:9e:4e:94:e8:75:
ba:11:71:be:20:8b:16:5f:85:4d:18:33:64:b6:2f:
5c:a4:07:ed:f1:ed:0a:b2:05:46:71:63:95:ea:3e:
38:2b:fc:bd:33:82:63:a2:07:c2:ee:51:92:72:2d:
57:c5:1a:45:d1:fe:1b:8e:4b:4c:7a:40:f6:6a:17:
9b:2d:7b:67:b5:18:7c:8d:e6:0d:40:51:aa:2f:02:
3f:80:b6:3c:f4:26:28:d7:b2:ef:17:ab:46:c5:06:
6c:8b:06:bf:e8:81:b8:37:3c:94:c0:08:1f:7e:e4:
df:76:44:50:e2:92:35:6a:d3:25:e8:48:10:b4:76:
a0:98:27:bf:80:37:cb:67:95:91:e2:e2:a8:7f:fe:
e9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D3:11:5F:E5:8D:25:AC:8C:01:78:B8:5D:8A:7D:37:0E:49:C4:68
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/itMRX-WNJayMAXi4XYp9Nw5JxGg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.191.0/24
Signature Algorithm: sha256WithRSAEncryption
22:2f:3a:96:fe:67:81:72:96:d7:66:80:82:2f:df:68:70:4e:
a3:c3:16:6f:dc:61:e7:93:ec:80:04:79:fd:2b:67:70:a0:3f:
2f:20:b3:91:a7:49:18:2a:d7:72:42:2f:20:5e:c4:4c:be:01:
f7:74:d1:dd:94:09:61:f1:d5:c9:d2:31:48:b4:39:dd:3d:97:
af:b9:65:e5:72:05:56:6f:3f:70:81:a4:27:f7:49:d3:5b:53:
91:f2:e5:4b:84:24:85:85:88:52:f3:87:26:a5:cf:81:c0:a4:
70:16:b1:15:46:cc:00:3f:5e:3e:72:9f:44:a4:47:8e:e0:58:
1c:a6:ed:33:8f:c4:e0:19:bd:b6:fd:9a:e2:ef:dc:8c:2e:1c:
3b:68:65:a2:97:f0:1b:30:b5:d6:74:f5:09:b5:e1:c4:80:6b:
a3:ae:4a:48:03:49:17:b2:8a:f0:95:bb:cb:22:7f:69:04:9e:
cb:19:31:3e:12:f8:40:b0:5b:03:3a:31:5c:45:bb:f1:ab:66:
e2:9f:ca:cc:c6:f3:ee:5f:30:4e:09:90:d9:d9:37:6b:88:82:
ad:c4:9f:af:e9:8e:7a:44:61:36:f0:bb:b5:47:ce:c4:49:5a:
fa:80:70:38:67:7f:dd:6b:6b:08:ba:6b:c9:c5:9b:ee:54:05:
57:42:9a:76
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMjA5MTUw
MjQ3NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDhBRDMxMTVGRTU4RDI1
QUM4QzAxNzhCODVEOEE3RDM3MEU0OUM0NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChkhB6Lv2Wm7m4LLkAcxAxZp5/Xldsz9idIqmePBHV2Nn6f29/
jNRElKqvHauHVAGFBu8xf+ffhX3psqawBEUTyvpPBM3+aAJ9QJNxRNYsSxAKtvW4
fBGfo5BS0q0ZmqT55eIEkwIKwz3+sRvQ4CaAQlOeTpTodboRcb4gixZfhU0YM2S2
L1ykB+3x7QqyBUZxY5XqPjgr/L0zgmOiB8LuUZJyLVfFGkXR/huOS0x6QPZqF5st
e2e1GHyN5g1AUaovAj+Atjz0JijXsu8Xq0bFBmyLBr/ogbg3PJTACB9+5N92RFDi
kjVq0yXoSBC0dqCYJ7+AN8tnlZHi4qh//unHAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUitMRX+WNJayMAXi4XYp9Nw5JxGgwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9pdE1SWC1XTkpheU1B
WGk0WFlwOU53NUp4R2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQAiLzqW/meBcpbXZoCCL99ocE6jwxZv
3GHnk+yABHn9K2dwoD8vILORp0kYKtdyQi8gXsRMvgH3dNHdlAlh8dXJ0jFItDnd
PZevuWXlcgVWbz9wgaQn90nTW1OR8uVLhCSFhYhS84cmpc+BwKRwFrEVRswAP14+
cp9EpEeO4Fgcpu0zj8TgGb22/Zri79yMLhw7aGWil/AbMLXWdPUJteHEgGujrkpI
A0kXsorwlbvLIn9pBJ7LGTE+EvhAsFsDOjFcRbvxq2bin8rMxvPuXzBOCZDZ2Tdr
iIKtxJ+v6Y56RGE28Lu1R87ESVr6gHA4Z3/da2sIumvJxZvuVAVXQpp2
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:33:24 2025 by rpki-client