Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/msa2Az2rZsIEeLkTXJHqJ8Nog6g.roa
File: msa2Az2rZsIEeLkTXJHqJ8Nog6g.roa (raw, json)
Hash identifier: rLhZLHp3e1IasKfTQ4QGM3Dl3T37qZpGTrQY6pUW/m8=
Subject key identifier: 9A:C6:B6:03:3D:AB:66:C2:04:78:B9:13:5C:91:EA:27:C3:68:83:A8
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0B6D
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/msa2Az2rZsIEeLkTXJHqJ8Nog6g.roa
Signing time: Fri 01 Sep 2023 08:56:20 +0000
ROA not before: Fri 01 Sep 2023 08:56:20 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 20473
IP address blocks: 2403:9340::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2925 (0xb6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 1 08:56:20 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=9AC6B6033DAB66C20478B9135C91EA27C36883A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:87:e9:4a:ba:ef:35:0e:35:0a:93:a0:98:98:
7f:68:f2:ea:2d:2b:de:c5:a7:e2:88:ca:1d:c0:e1:
76:19:4e:0f:8d:d9:7b:70:b4:dd:14:dc:09:92:76:
45:7b:1b:70:63:7f:83:6f:10:58:b6:b9:1d:8e:a7:
43:da:99:67:26:04:bd:6e:cf:5f:c9:45:9a:22:61:
d2:35:ca:8f:70:aa:32:f0:77:da:c5:8b:27:71:60:
75:9b:c8:d7:14:ef:29:72:5a:a6:38:45:15:88:b4:
8e:83:36:ca:0c:3b:ec:4c:0f:6f:f1:a2:f3:4f:27:
78:b8:05:92:bf:07:b4:0e:0d:81:22:a7:fe:80:f6:
2d:00:5d:f0:9d:80:d4:dc:e7:64:24:7b:ea:13:db:
ff:e7:96:10:83:18:aa:15:10:a4:c2:85:b4:f5:7a:
60:97:a5:05:7a:8d:32:0b:aa:a8:54:35:62:b1:fa:
2c:e1:26:4d:2a:13:1d:06:85:67:f2:8a:94:e1:4e:
2e:d2:d1:6a:3e:5b:55:d4:84:2b:9e:27:db:22:00:
1a:13:74:f3:e9:ee:8c:63:01:57:32:62:bb:ec:1f:
2b:d5:3b:01:32:4c:92:5a:6f:91:b8:f9:7e:49:7e:
ff:15:27:8f:36:a8:44:35:47:1b:c3:52:81:89:67:
9e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C6:B6:03:3D:AB:66:C2:04:78:B9:13:5C:91:EA:27:C3:68:83:A8
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/msa2Az2rZsIEeLkTXJHqJ8Nog6g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:9340::/32
Signature Algorithm: sha256WithRSAEncryption
2e:5b:bc:8c:bc:f8:56:a7:2d:e1:f4:7b:8b:2a:7d:51:e5:7b:
0e:2c:4f:42:a3:ca:1e:22:80:65:93:97:d2:c5:b3:f1:a6:ec:
aa:e6:02:32:ae:43:fd:ba:9e:45:2a:0d:e8:56:ac:fa:f2:cc:
73:62:aa:98:4b:79:ea:f5:1b:22:86:81:3b:b0:67:96:51:7c:
24:eb:ab:3f:da:48:ec:34:4b:fe:dd:e4:78:7a:a9:ff:35:9e:
7f:7c:ce:ae:c4:68:3d:bd:9e:ab:68:08:f4:b3:9f:4a:b9:72:
a7:39:a4:85:c7:93:13:e2:97:e8:c2:1c:9e:27:34:02:dd:ca:
26:5a:98:0c:2c:22:02:03:12:4a:e3:9a:3c:2f:55:8e:82:f3:
27:3a:1a:89:ad:38:74:ca:0a:ae:d1:48:01:10:c6:d2:2e:dc:
e0:75:4b:4a:86:28:54:3b:f0:d0:c6:95:08:07:d5:3e:83:96:
95:f6:d7:ee:30:d1:cc:1a:dc:51:98:01:b5:d3:a9:6f:70:4a:
55:6b:10:69:d3:31:cf:1e:a3:14:4b:9f:9e:dd:d9:d9:bd:38:
c9:b1:12:f4:36:da:cf:51:78:ad:21:e9:5b:16:9c:36:94:d8:
3f:4c:b8:89:59:45:5f:d8:3e:e7:01:30:c3:c6:d8:d3:12:00:
54:49:bd:75
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICC20wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMzA5MDEw
ODU2MjBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlBQzZCNjAzM0RBQjY2
QzIwNDc4QjkxMzVDOTFFQTI3QzM2ODgzQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOh+lKuu81DjUKk6CYmH9o8uotK97Fp+KIyh3A4XYZTg+N2Xtw
tN0U3AmSdkV7G3Bjf4NvEFi2uR2Op0PamWcmBL1uz1/JRZoiYdI1yo9wqjLwd9rF
iydxYHWbyNcU7ylyWqY4RRWItI6DNsoMO+xMD2/xovNPJ3i4BZK/B7QODYEip/6A
9i0AXfCdgNTc52Qke+oT2//nlhCDGKoVEKTChbT1emCXpQV6jTILqqhUNWKx+izh
Jk0qEx0GhWfyipThTi7S0Wo+W1XUhCueJ9siABoTdPPp7oxjAVcyYrvsHyvVOwEy
TJJab5G4+X5Jfv8VJ482qEQ1RxvDUoGJZ54BAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUmsa2Az2rZsIEeLkTXJHqJ8Nog6gwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9tc2EyQXoyclpzSUVl
TGtUWEpIcUo4Tm9nNmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAOTQDANBgkqhkiG9w0BAQsFAAOCAQEALlu8jLz4Vqct4fR7iyp9UeV7DixP
QqPKHiKAZZOX0sWz8absquYCMq5D/bqeRSoN6Fas+vLMc2KqmEt56vUbIoaBO7Bn
llF8JOurP9pI7DRL/t3keHqp/zWef3zOrsRoPb2eq2gI9LOfSrlypzmkhceTE+KX
6MIcnic0At3KJlqYDCwiAgMSSuOaPC9VjoLzJzoaia04dMoKrtFIARDG0i7c4HVL
SoYoVDvw0MaVCAfVPoOWlfbX7jDRzBrcUZgBtdOpb3BKVWsQadMxzx6jFEufnt3Z
2b04ybES9Dbaz1F4rSHpWxacNpTYP0y4iVlFX9g+5wEww8bY0xIAVEm9dQ==
-----END CERTIFICATE-----
Generated at Thu Oct 12 08:45:26 2023 by rpki-client on console-ams.rpki-client.org