Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/nEzeC2y4tAkJAx3NzA5x5F5FjDA.roa
File: nEzeC2y4tAkJAx3NzA5x5F5FjDA.roa (raw, json)
Hash identifier: DFAAmWPKjgjIsACPpecRjaGApYkh+RpKjCfeY5rbVok=
Subject key identifier: 9C:4C:DE:0B:6C:B8:B4:09:09:03:1D:CD:CC:0E:71:E4:5E:45:8C:30
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0975
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/nEzeC2y4tAkJAx3NzA5x5F5FjDA.roa
Signing time: Wed 29 Sep 2021 02:50:30 +0000
ROA not before: Wed 29 Sep 2021 02:50:30 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131657
IP address blocks: 103.122.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2421 (0x975)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 29 02:50:30 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=9C4CDE0B6CB8B40909031DCDCC0E71E45E458C30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f5:21:3f:ab:6f:4b:73:eb:11:df:99:ec:48:
a6:be:7e:fe:9d:4f:b8:51:b4:0c:e6:a4:9a:bc:12:
54:6d:04:08:bd:4b:f0:ee:c8:df:f7:80:e2:da:7a:
12:03:b3:a3:0f:46:db:24:39:6f:70:fe:ca:ab:50:
a8:75:ff:08:66:f3:0f:a8:d0:5f:b5:32:1e:25:7f:
d1:94:aa:e0:95:fe:18:76:f9:c5:c6:71:42:3e:8e:
9c:13:6a:44:47:80:68:23:57:7b:96:fc:d1:04:b0:
0e:a9:e9:f4:6f:fa:13:b3:4d:2e:72:d2:ff:f9:fa:
34:ea:5b:fa:f5:55:c9:80:a5:7f:b5:ed:b3:dd:6c:
4b:c9:82:1e:42:4d:3d:a6:be:18:f7:ff:ff:27:3c:
fe:1e:6b:e2:55:75:b3:7f:e2:ec:80:da:cd:1a:d4:
64:8b:c2:68:71:40:08:9e:3f:b9:3b:e0:d8:1b:cd:
03:36:25:01:5c:33:9d:6a:57:f6:81:75:da:dc:a9:
fd:4b:bc:91:44:21:75:b9:18:cb:de:99:8b:e8:05:
8f:6a:44:db:61:85:69:6d:6d:e0:06:ac:96:32:5c:
00:d5:69:7f:76:03:d4:93:14:de:62:90:98:c5:3b:
87:46:3f:4b:f4:cd:8e:e9:91:9b:87:0b:9d:1b:5d:
4c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4C:DE:0B:6C:B8:B4:09:09:03:1D:CD:CC:0E:71:E4:5E:45:8C:30
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/nEzeC2y4tAkJAx3NzA5x5F5FjDA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.190.0/24
Signature Algorithm: sha256WithRSAEncryption
21:06:b7:db:32:57:53:08:e2:f6:f5:b6:25:7e:ee:02:2d:60:
c5:fd:46:b6:2f:55:fe:b0:2b:cd:94:2c:da:e2:dc:f3:6e:1b:
a9:51:34:ca:a5:5c:a5:06:39:89:26:94:d6:ab:8f:9d:9d:79:
01:3b:05:f1:84:85:c0:c1:f8:b1:f4:fd:1c:29:0d:d5:a3:a4:
10:41:b0:b4:52:56:7e:c1:56:b8:13:f4:26:77:5b:db:16:74:
ad:4c:66:4d:4a:cb:01:af:0f:ba:ac:a0:1a:fb:6b:8f:63:e2:
ca:49:53:61:3a:bf:26:51:16:b4:5c:1b:09:f8:a3:22:5a:30:
7c:15:9a:46:1f:a2:34:db:ba:43:a6:dd:69:1e:be:cd:e7:35:
2c:f3:54:f9:76:93:11:07:0b:15:1d:49:9b:a1:e7:dc:64:47:
e6:a6:ad:da:e0:14:7a:6d:34:69:de:c5:4f:ba:c7:95:41:c6:
94:64:1d:58:c9:19:b9:9c:2d:8a:42:62:af:bc:b0:af:b5:81:
c4:0e:f4:2a:72:a3:d2:2c:de:9a:15:b2:90:67:9d:00:44:eb:
9b:72:20:3e:eb:60:b1:bb:c5:21:e0:d4:b9:9e:d5:37:43:39:
da:e1:aa:aa:60:9e:c3:09:0a:7e:0f:2f:ff:f0:ba:aa:b0:8d:
00:6e:16:2c
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCXUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTA5Mjkw
MjUwMzBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlDNENERTBCNkNCOEI0
MDkwOTAzMURDRENDMEU3MUU0NUU0NThDMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU9SE/q29Lc+sR35nsSKa+fv6dT7hRtAzmpJq8ElRtBAi9S/Du
yN/3gOLaehIDs6MPRtskOW9w/sqrUKh1/whm8w+o0F+1Mh4lf9GUquCV/hh2+cXG
cUI+jpwTakRHgGgjV3uW/NEEsA6p6fRv+hOzTS5y0v/5+jTqW/r1VcmApX+17bPd
bEvJgh5CTT2mvhj3//8nPP4ea+JVdbN/4uyA2s0a1GSLwmhxQAieP7k74NgbzQM2
JQFcM51qV/aBddrcqf1LvJFEIXW5GMvemYvoBY9qRNthhWltbeAGrJYyXADVaX92
A9STFN5ikJjFO4dGP0v0zY7pkZuHC50bXUyXAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUnEzeC2y4tAkJAx3NzA5x5F5FjDAwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9uRXplQzJ5NHRBa0pB
eDNOekE1eDVGNUZqREEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q+MA0GCSqGSIb3DQEBCwUAA4IBAQAhBrfbMldTCOL29bYlfu4CLWDF/Ua2
L1X+sCvNlCza4tzzbhupUTTKpVylBjmJJpTWq4+dnXkBOwXxhIXAwfix9P0cKQ3V
o6QQQbC0UlZ+wVa4E/Qmd1vbFnStTGZNSssBrw+6rKAa+2uPY+LKSVNhOr8mURa0
XBsJ+KMiWjB8FZpGH6I027pDpt1pHr7N5zUs81T5dpMRBwsVHUmboefcZEfmpq3a
4BR6bTRp3sVPuseVQcaUZB1YyRm5nC2KQmKvvLCvtYHEDvQqcqPSLN6aFbKQZ50A
ROubciA+62Cxu8Uh4NS5ntU3Qzna4aqqYJ7DCQp+Dy//8LqqsI0AbhYs
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org