Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/pQF9rE6jW2TCwanwzfSlIpTRVds.roa
File: pQF9rE6jW2TCwanwzfSlIpTRVds.roa (raw, json)
Hash identifier: EgYwX4KMuG/liBp9wsRyNDoJ+IWEweHXR9KVYSqBxKU=
Subject key identifier: A5:01:7D:AC:4E:A3:5B:64:C2:C1:A9:F0:CD:F4:A5:22:94:D1:55:DB
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 075F
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/pQF9rE6jW2TCwanwzfSlIpTRVds.roa
Signing time: Tue 29 Sep 2020 09:58:06 +0000
ROA not before: Tue 29 Sep 2020 09:58:06 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 20473
IP address blocks: 103.122.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1887 (0x75f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 29 09:58:06 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A5017DAC4EA35B64C2C1A9F0CDF4A52294D155DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:af:f7:0a:c9:28:38:f3:73:a2:52:52:b2:3b:
2c:bc:6b:ea:b2:fb:81:53:2a:b6:58:64:81:ea:97:
a2:41:c0:50:ab:4a:9c:1e:9c:ae:49:ab:6b:75:d5:
2f:b1:13:89:64:c3:81:7f:db:00:2f:19:82:6c:29:
56:1c:78:cd:34:7b:ba:58:ba:99:80:31:92:bf:90:
10:20:4d:a1:a7:42:2b:0d:52:bb:ef:9a:ba:c5:79:
b9:19:c8:74:69:70:14:a5:db:b1:ca:0b:4c:d7:e3:
92:d2:60:ca:68:8c:7b:7b:66:07:ba:80:3c:1d:d0:
79:6e:36:d2:df:64:23:07:60:6a:d9:f8:49:64:a4:
06:55:95:fb:a6:fa:2d:f4:68:55:4e:0a:cd:28:a5:
22:7c:e3:82:84:f6:ea:63:db:59:04:14:61:9f:4c:
be:98:25:e5:ac:e6:ac:bd:7a:5e:9e:3a:0b:e2:10:
4d:db:a1:34:b5:39:48:71:4f:ce:9d:d7:58:c0:7f:
cf:2b:bd:07:ed:2b:bd:e9:0b:08:fa:0f:19:90:db:
db:0a:43:e7:fd:42:dc:f3:b2:f7:81:0d:d8:c5:c8:
fd:e6:16:87:c1:29:88:5a:08:02:8c:50:8e:2f:01:
e9:12:65:77:ac:8b:c5:14:7c:ca:ab:55:ba:5c:d6:
9a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:01:7D:AC:4E:A3:5B:64:C2:C1:A9:F0:CD:F4:A5:22:94:D1:55:DB
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/pQF9rE6jW2TCwanwzfSlIpTRVds.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.191.0/24
Signature Algorithm: sha256WithRSAEncryption
58:80:1a:29:0e:1b:4b:b2:39:1a:7e:62:0c:5c:09:9a:f1:3f:
4f:40:64:5b:21:9a:3f:3c:38:97:76:88:1e:78:10:f3:d9:e6:
6a:37:c2:8a:94:a6:d8:76:b6:ca:5f:6d:a6:ef:47:dd:cf:9d:
ab:57:7c:64:09:75:f4:fc:0d:52:c4:4b:38:b3:2b:7b:2c:1e:
78:aa:cb:80:f4:e1:03:39:45:3a:d8:12:e7:5f:c1:45:fd:64:
8d:23:67:6c:df:47:c0:61:77:c4:5d:1a:2f:e0:27:51:5e:91:
b6:25:bf:90:d1:b4:02:ba:80:41:f3:dc:3b:c8:4d:a4:33:15:
37:f9:e0:18:59:40:1a:d7:1b:fa:6c:f7:7e:ea:c9:b2:e8:85:
70:4a:03:9a:13:5e:92:af:2b:8c:bb:ad:c3:a7:d5:20:a5:24:
75:6d:fb:09:36:2c:0f:a6:99:c2:4b:d4:20:17:1b:fa:ef:6c:
b6:f6:3a:38:a7:aa:8d:21:fa:c6:50:f3:c9:c5:4b:98:fb:ad:
e9:26:59:e4:22:fd:7b:10:3a:aa:e6:d5:63:0c:ff:2d:76:8f:
67:7e:07:4f:90:53:56:64:09:3a:5a:32:70:57:ab:c5:2f:ee:
e2:36:fa:ba:f5:2c:e7:4f:ac:19:a2:6f:5a:ae:af:00:4f:45:
b9:06:36:42
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICB18wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMDA5Mjkw
OTU4MDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEE1MDE3REFDNEVBMzVC
NjRDMkMxQTlGMENERjRBNTIyOTREMTU1REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJr/cKySg483OiUlKyOyy8a+qy+4FTKrZYZIHql6JBwFCrSpwe
nK5Jq2t11S+xE4lkw4F/2wAvGYJsKVYceM00e7pYupmAMZK/kBAgTaGnQisNUrvv
mrrFebkZyHRpcBSl27HKC0zX45LSYMpojHt7Zge6gDwd0HluNtLfZCMHYGrZ+Elk
pAZVlfum+i30aFVOCs0opSJ844KE9upj21kEFGGfTL6YJeWs5qy9el6eOgviEE3b
oTS1OUhxT86d11jAf88rvQftK73pCwj6DxmQ29sKQ+f9QtzzsveBDdjFyP3mFofB
KYhaCAKMUI4vAekSZXesi8UUfMqrVbpc1prXAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUpQF9rE6jW2TCwanwzfSlIpTRVdswHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9wUUY5ckU2alcyVEN3
YW53emZTbElwVFJWZHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQBYgBopDhtLsjkafmIMXAma8T9PQGRb
IZo/PDiXdogeeBDz2eZqN8KKlKbYdrbKX22m70fdz52rV3xkCXX0/A1SxEs4syt7
LB54qsuA9OEDOUU62BLnX8FF/WSNI2ds30fAYXfEXRov4CdRXpG2Jb+Q0bQCuoBB
89w7yE2kMxU3+eAYWUAa1xv6bPd+6smy6IVwSgOaE16SryuMu63Dp9UgpSR1bfsJ
NiwPppnCS9QgFxv672y29jo4p6qNIfrGUPPJxUuY+63pJlnkIv17EDqq5tVjDP8t
do9nfgdPkFNWZAk6WjJwV6vFL+7iNvq69SznT6wZom9arq8AT0W5BjZC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:58 2025 by rpki-client