Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/jCLH29D6lVJBMEY8AxxOeMP_BTU.roa
File: jCLH29D6lVJBMEY8AxxOeMP_BTU.roa (raw, json)
Hash identifier: S2WhJc2eRtCeVNLk7av3+31uzWlgbK+R/wyIEyiBXEM=
Subject key identifier: 8C:22:C7:DB:D0:FA:95:52:41:30:46:3C:03:1C:4E:78:C3:FF:05:35
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 08BF
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/jCLH29D6lVJBMEY8AxxOeMP_BTU.roa
Signing time: Sun 07 Feb 2021 06:03:13 +0000
ROA not before: Sun 07 Feb 2021 06:03:13 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131657
IP address blocks: 103.122.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2239 (0x8bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Feb 7 06:03:13 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=8C22C7DBD0FA95524130463C031C4E78C3FF0535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bd:71:8b:90:cd:db:31:72:31:83:62:ca:09:
5c:02:b8:8b:aa:28:b8:e5:11:24:48:cd:f8:61:14:
78:ec:5f:7c:b7:d2:99:a8:44:83:a4:8e:02:3d:50:
7c:38:91:0f:8a:a7:6d:6b:4c:28:d1:57:4b:54:c2:
d5:5f:fb:7e:c2:b6:77:26:24:52:77:06:ff:2e:51:
ff:93:2d:27:c7:db:e6:34:da:75:fe:38:4c:96:ad:
40:4f:b9:46:6c:69:20:0f:df:92:20:42:fb:57:21:
c5:df:80:88:f1:e7:78:1a:53:d1:d6:2a:70:3c:26:
b1:35:f9:24:b7:68:85:1e:11:40:74:38:a2:47:90:
4a:38:24:f9:ab:d7:73:4b:3c:d4:4d:60:8b:75:5a:
3b:a7:c9:6a:fc:7a:b3:10:0e:a1:60:0e:6b:c6:47:
ab:a9:ef:43:a0:35:73:e3:74:74:c8:04:ff:1d:9f:
10:58:88:df:28:41:c6:33:a7:9a:7f:40:e5:c2:4e:
a4:42:f9:4a:3a:57:71:b5:eb:69:ee:03:fb:a6:bd:
31:1b:a7:4d:ee:40:18:2d:7b:64:b4:d9:24:3b:50:
8c:fe:3e:37:5d:74:9f:3c:e1:79:8e:6e:be:cd:2c:
69:2e:7c:03:5e:a5:41:ce:cb:4c:71:76:52:29:eb:
be:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:22:C7:DB:D0:FA:95:52:41:30:46:3C:03:1C:4E:78:C3:FF:05:35
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/jCLH29D6lVJBMEY8AxxOeMP_BTU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.191.0/24
Signature Algorithm: sha256WithRSAEncryption
16:75:bd:84:89:85:68:45:53:62:a8:d2:5b:42:ea:74:62:a4:
ab:0b:52:81:87:c4:da:6a:ff:77:30:5e:32:23:5f:ce:fd:52:
0e:4a:06:7d:37:68:ab:78:dd:7d:ee:ec:41:e7:20:a6:db:d9:
43:6b:1c:2e:ec:de:28:57:d7:53:88:d0:a3:51:4d:32:00:08:
1f:11:63:ea:3a:62:38:85:3f:7d:fe:17:78:9e:12:f7:39:ba:
58:81:02:a2:45:fb:be:af:8c:a0:0c:f7:53:e7:50:ff:6a:af:
01:81:ac:4a:a3:8c:39:b5:96:32:33:fb:16:e1:b1:1a:7e:42:
2f:a4:4e:e4:d3:e5:0f:b3:ec:0b:eb:d0:ee:09:04:f9:62:0d:
42:85:4c:5a:af:b9:b7:be:1c:b7:f1:9d:2f:2a:1a:ed:31:17:
38:d2:dd:3b:cd:8e:57:19:19:72:53:9f:98:d6:19:b8:1f:53:
98:70:68:d4:16:c6:1c:13:b5:6c:02:98:34:d6:72:c7:11:62:
8f:2c:14:da:c6:5b:20:b7:65:ee:c6:c9:b7:a2:d6:53:9f:95:
32:7b:5c:46:c1:01:7f:ea:3e:02:28:0d:29:dc:3b:d4:99:f3:
f3:be:7f:10:08:ca:20:56:f5:11:01:7e:74:22:aa:3d:d5:ff:
fb:ef:4a:3a
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCL8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTAyMDcw
NjAzMTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDhDMjJDN0RCRDBGQTk1
NTI0MTMwNDYzQzAzMUM0RTc4QzNGRjA1MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwvXGLkM3bMXIxg2LKCVwCuIuqKLjlESRIzfhhFHjsX3y30pmo
RIOkjgI9UHw4kQ+Kp21rTCjRV0tUwtVf+37CtncmJFJ3Bv8uUf+TLSfH2+Y02nX+
OEyWrUBPuUZsaSAP35IgQvtXIcXfgIjx53gaU9HWKnA8JrE1+SS3aIUeEUB0OKJH
kEo4JPmr13NLPNRNYIt1WjunyWr8erMQDqFgDmvGR6up70OgNXPjdHTIBP8dnxBY
iN8oQcYzp5p/QOXCTqRC+Uo6V3G162nuA/umvTEbp03uQBgte2S02SQ7UIz+Pjdd
dJ884XmObr7NLGkufANepUHOy0xxdlIp675pAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUjCLH29D6lVJBMEY8AxxOeMP/BTUwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9qQ0xIMjlENmxWSkJN
RVk4QXh4T2VNUF9CVFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQAWdb2EiYVoRVNiqNJbQup0YqSrC1KB
h8Taav93MF4yI1/O/VIOSgZ9N2ireN197uxB5yCm29lDaxwu7N4oV9dTiNCjUU0y
AAgfEWPqOmI4hT99/hd4nhL3ObpYgQKiRfu+r4ygDPdT51D/aq8BgaxKo4w5tZYy
M/sW4bEafkIvpE7k0+UPs+wL69DuCQT5Yg1ChUxar7m3vhy38Z0vKhrtMRc40t07
zY5XGRlyU5+Y1hm4H1OYcGjUFsYcE7VsApg01nLHEWKPLBTaxlsgt2Xuxsm3otZT
n5Uye1xGwQF/6j4CKA0p3DvUmfPzvn8QCMogVvURAX50Iqo91f/770o6
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:57 2025 by rpki-client