Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/j6LL2xUEZEYaRcGwMm-1_3hRBN8.roa
File: j6LL2xUEZEYaRcGwMm-1_3hRBN8.roa (raw, json)
Hash identifier: 7pcycdllEz3OK2jjWPmLIJleb8JrJDvMkFOcWuJ6zbQ=
Subject key identifier: 8F:A2:CB:DB:15:04:64:46:1A:45:C1:B0:32:6F:B5:FF:78:51:04:DF
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0B78
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/j6LL2xUEZEYaRcGwMm-1_3hRBN8.roa
Signing time: Fri 01 Sep 2023 08:56:24 +0000
ROA not before: Fri 01 Sep 2023 08:56:24 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 20473
IP address blocks: 103.122.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2936 (0xb78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 1 08:56:24 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=8FA2CBDB150464461A45C1B0326FB5FF785104DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f8:25:5e:8d:b5:19:69:81:90:9e:e8:4a:88:
79:16:1b:11:a6:e0:b0:49:36:36:46:05:49:c4:a5:
c1:5a:68:29:6d:f5:df:76:14:98:e2:d6:dc:86:52:
8f:f8:bf:50:66:37:2f:98:67:4d:78:2b:e2:55:1b:
8d:63:09:86:9f:b5:32:28:51:4f:89:41:39:ce:9f:
aa:9b:d6:3c:53:80:4b:d6:3d:d0:ae:5e:37:a8:63:
31:5a:b8:22:29:e0:57:9c:1b:e6:84:12:31:b5:3c:
8c:58:1f:0e:ba:4f:20:17:1a:9d:b5:aa:ea:0c:a0:
a7:a0:77:c5:31:84:41:07:70:d1:b7:79:c0:44:89:
e3:2c:3d:66:92:35:06:50:ee:41:b8:80:a3:20:14:
b1:d5:3a:b5:94:a4:f0:93:46:f8:00:d9:e6:6f:f6:
22:f2:22:1f:34:83:8a:fd:3e:54:93:3d:9f:01:dc:
84:bd:3c:cf:9d:ea:9e:28:59:3d:6a:c6:3f:d6:81:
48:8e:5e:14:48:24:29:21:ac:d3:a9:3a:01:28:20:
a6:92:35:e2:8a:72:0d:c1:5e:fc:bc:32:86:6f:44:
71:fb:92:2b:90:c4:94:c4:38:70:b0:ad:33:ed:ee:
a7:67:a3:3f:7c:7c:b4:ec:17:99:7e:ca:27:65:51:
54:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:A2:CB:DB:15:04:64:46:1A:45:C1:B0:32:6F:B5:FF:78:51:04:DF
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/j6LL2xUEZEYaRcGwMm-1_3hRBN8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.191.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:4f:ca:e8:df:6a:47:73:a0:33:e1:93:63:61:2f:38:f8:a4:
28:2c:6c:b8:d0:27:d2:86:ac:ac:81:09:8e:80:75:b8:f6:8b:
cb:b5:69:d5:61:d7:cf:22:b3:32:d5:38:ba:13:79:3b:bd:0d:
64:59:9e:d1:04:73:42:bf:fd:8e:99:c9:d8:4b:6f:e4:7f:c1:
00:6a:0b:af:04:bc:52:30:4b:e0:ff:97:3c:9b:9e:b1:51:16:
23:d9:c0:c8:e8:de:76:2f:76:2f:ba:16:c3:c6:ce:54:51:aa:
c4:b1:07:42:c8:0b:31:6e:22:0a:06:7f:82:f1:48:2f:6a:2f:
c4:70:b4:a0:33:63:2d:e6:65:97:12:68:be:d1:20:8c:da:7f:
48:79:17:cd:be:af:b2:ba:c3:4a:05:72:15:74:39:d5:f6:9b:
b3:97:bc:5f:21:28:c1:cb:fe:87:8a:89:1d:5c:42:01:bb:57:
db:e0:43:8c:92:84:b5:a4:5a:09:87:8b:e9:85:fb:58:be:08:
ab:3d:06:ff:2a:9d:2b:c4:fe:cc:a9:b4:52:3e:00:52:40:90:
0a:42:77:c3:70:4d:3a:cd:ca:07:63:3e:27:9b:34:a3:54:11:
c1:7a:9f:99:57:7b:c1:49:36:75:9d:fe:a0:35:95:30:fe:25:
ab:bd:4d:39
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC3gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMzA5MDEw
ODU2MjRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDhGQTJDQkRCMTUwNDY0
NDYxQTQ1QzFCMDMyNkZCNUZGNzg1MTA0REYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDn+CVejbUZaYGQnuhKiHkWGxGm4LBJNjZGBUnEpcFaaClt9d92
FJji1tyGUo/4v1BmNy+YZ014K+JVG41jCYaftTIoUU+JQTnOn6qb1jxTgEvWPdCu
XjeoYzFauCIp4FecG+aEEjG1PIxYHw66TyAXGp21quoMoKegd8UxhEEHcNG3ecBE
ieMsPWaSNQZQ7kG4gKMgFLHVOrWUpPCTRvgA2eZv9iLyIh80g4r9PlSTPZ8B3IS9
PM+d6p4oWT1qxj/WgUiOXhRIJCkhrNOpOgEoIKaSNeKKcg3BXvy8MoZvRHH7kiuQ
xJTEOHCwrTPt7qdnoz98fLTsF5l+yidlUVTPAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUj6LL2xUEZEYaRcGwMm+1/3hRBN8wHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9qNkxMMnhVRVpFWWFS
Y0d3TW0tMV8zaFJCTjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQBMT8ro32pHc6Az4ZNjYS84+KQoLGy4
0CfShqysgQmOgHW49ovLtWnVYdfPIrMy1Ti6E3k7vQ1kWZ7RBHNCv/2OmcnYS2/k
f8EAaguvBLxSMEvg/5c8m56xURYj2cDI6N52L3YvuhbDxs5UUarEsQdCyAsxbiIK
Bn+C8Ugvai/EcLSgM2Mt5mWXEmi+0SCM2n9IeRfNvq+yusNKBXIVdDnV9puzl7xf
ISjBy/6HiokdXEIBu1fb4EOMkoS1pFoJh4vphftYvgirPQb/Kp0rxP7MqbRSPgBS
QJAKQnfDcE06zcoHYz4nmzSjVBHBep+ZV3vBSTZ1nf6gNZUw/iWrvU05
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org