Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/obL67W1ezkVDv4VWSqGSTko7yYc.roa
File: obL67W1ezkVDv4VWSqGSTko7yYc.roa (raw, json)
Hash identifier: mVBLHeFtofgzZSEXBZnUvE5GC32SIOiJbNbHvr/rS7Y=
Subject key identifier: A1:B2:FA:ED:6D:5E:CE:45:43:BF:85:56:4A:A1:92:4E:4A:3B:C9:87
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0A68
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/obL67W1ezkVDv4VWSqGSTko7yYc.roa
Signing time: Thu 15 Sep 2022 02:47:51 +0000
ROA not before: Thu 15 Sep 2022 02:47:51 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 134823
IP address blocks: 103.122.188.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2664 (0xa68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 15 02:47:51 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=A1B2FAED6D5ECE4543BF85564AA1924E4A3BC987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ec:d6:a6:c0:14:14:29:2e:71:71:f9:cf:2a:
15:78:db:6f:6c:68:a5:a6:c6:37:e7:be:2e:65:c3:
f9:3e:f5:60:20:0e:7b:89:a1:50:ec:ac:49:70:15:
c2:35:f1:c8:ef:44:f8:f2:0f:23:54:5e:bc:ae:b2:
ca:22:28:06:d6:d2:28:5d:ab:1c:54:8c:82:75:32:
7c:b6:c2:1c:c3:7f:fd:46:17:43:20:7d:17:f3:3b:
13:8f:48:a2:71:c7:32:c5:de:88:f6:4c:bd:ad:19:
87:18:27:b1:5d:ea:bc:a6:43:b5:16:c5:fe:e3:44:
4d:27:2b:60:f2:13:c6:97:f3:cd:f1:53:2e:d5:20:
19:d5:8c:d6:00:fe:5d:31:a3:2a:bc:96:f4:24:e1:
5d:f8:11:59:30:0c:d1:62:56:55:51:84:d9:02:83:
4b:f3:45:6b:55:0f:73:21:57:8e:8a:cb:74:41:c9:
2e:f0:62:5b:23:08:19:7f:a5:72:d8:1c:7d:28:81:
db:e4:14:c9:b6:bb:ab:65:64:be:2b:52:eb:94:3d:
49:7d:c3:76:b1:32:8e:bb:20:eb:33:47:8c:ba:d4:
ca:ac:14:1e:5b:e8:ad:9d:0f:20:b2:d8:f2:0d:00:
0a:d5:9b:e5:6a:b5:48:2f:bb:ce:b2:1c:ba:f0:1e:
53:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B2:FA:ED:6D:5E:CE:45:43:BF:85:56:4A:A1:92:4E:4A:3B:C9:87
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/obL67W1ezkVDv4VWSqGSTko7yYc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/22
Signature Algorithm: sha256WithRSAEncryption
75:65:b2:d9:d5:d6:20:97:6f:2c:f9:1e:78:78:5a:4a:95:41:
c8:fd:e5:03:02:fd:cc:4f:92:46:c7:2a:ff:9a:af:93:af:c1:
0c:91:cd:57:56:b2:0d:d5:de:67:fe:b6:9e:d5:49:1c:76:6f:
c8:ee:9c:ed:21:a8:6a:f2:47:76:3d:37:8e:60:33:8b:ab:df:
74:2d:17:56:ba:3d:40:62:a5:dc:36:dd:40:52:da:47:d9:01:
28:fe:61:16:5a:92:f4:b2:e0:4b:3b:3a:91:c1:29:b3:a3:74:
cf:e1:75:a5:72:5e:70:43:52:69:37:9d:96:bd:ab:4a:8e:ff:
42:a9:65:6e:26:bc:25:cd:c2:e0:1b:6f:a6:c0:f6:ab:ed:29:
96:0d:4d:ee:cb:e3:d1:1a:77:6a:e4:f9:1c:cb:1a:a8:d8:06:
3e:54:a8:4c:ef:62:4b:5f:e5:82:b6:ec:6f:b7:c8:60:2d:da:
e4:b5:34:dc:fb:09:3f:98:b8:d0:5a:fb:5c:9f:ab:2c:55:aa:
4c:29:49:25:36:ff:97:86:7a:f9:7a:3d:da:ea:a4:2a:27:b5:
b0:e8:f9:c6:70:86:54:cb:d6:99:41:56:67:6f:a2:91:83:b5:
b5:9d:60:25:6a:d2:e7:d7:ec:8a:a8:86:ca:a6:a3:d5:a3:80:
ea:61:c9:1c
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMjA5MTUw
MjQ3NTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEExQjJGQUVENkQ1RUNF
NDU0M0JGODU1NjRBQTE5MjRFNEEzQkM5ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB7NamwBQUKS5xcfnPKhV4229saKWmxjfnvi5lw/k+9WAgDnuJ
oVDsrElwFcI18cjvRPjyDyNUXryussoiKAbW0ihdqxxUjIJ1Mny2whzDf/1GF0Mg
fRfzOxOPSKJxxzLF3oj2TL2tGYcYJ7Fd6rymQ7UWxf7jRE0nK2DyE8aX883xUy7V
IBnVjNYA/l0xoyq8lvQk4V34EVkwDNFiVlVRhNkCg0vzRWtVD3MhV46Ky3RByS7w
YlsjCBl/pXLYHH0ogdvkFMm2u6tlZL4rUuuUPUl9w3axMo67IOszR4y61MqsFB5b
6K2dDyCy2PINAArVm+VqtUgvu86yHLrwHlMhAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUobL67W1ezkVDv4VWSqGSTko7yYcwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9vYkw2N1cxZXprVkR2
NFZXU3FHU1Rrbzd5WWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQB1ZbLZ1dYgl28s+R54eFpKlUHI/eUD
Av3MT5JGxyr/mq+Tr8EMkc1XVrIN1d5n/rae1Ukcdm/I7pztIahq8kd2PTeOYDOL
q990LRdWuj1AYqXcNt1AUtpH2QEo/mEWWpL0suBLOzqRwSmzo3TP4XWlcl5wQ1Jp
N52WvatKjv9CqWVuJrwlzcLgG2+mwPar7SmWDU3uy+PRGndq5Pkcyxqo2AY+VKhM
72JLX+WCtuxvt8hgLdrktTTc+wk/mLjQWvtcn6ssVapMKUklNv+Xhnr5ej3a6qQq
J7Ww6PnGcIZUy9aZQVZnb6KRg7W1nWAlatLn1+yKqIbKpqPVo4DqYckc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org