Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/pcURIDCkhPKQeGUZPFy83xZAFuo.roa
File: pcURIDCkhPKQeGUZPFy83xZAFuo.roa (raw, json)
Hash identifier: jptaSAE5pdj9nXZrt/9TtITED2fCl8Ma8PE5XzcxrM8=
Subject key identifier: A5:C5:11:20:30:A4:84:F2:90:78:65:19:3C:5C:BC:DF:16:40:16:EA
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0B7E
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/pcURIDCkhPKQeGUZPFy83xZAFuo.roa
Signing time: Fri 01 Sep 2023 08:56:25 +0000
ROA not before: Fri 01 Sep 2023 08:56:25 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131657
IP address blocks: 103.122.188.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2942 (0xb7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 1 08:56:25 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A5C5112030A484F2907865193C5CBCDF164016EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c2:c0:62:59:65:17:95:d4:80:fd:ab:86:b3:
c5:2d:c1:5e:a6:01:61:45:3a:5f:8b:7b:3b:7a:f2:
20:d9:d3:9a:0d:e7:4c:b1:49:dc:24:69:15:e6:68:
37:00:15:2a:20:87:03:4f:71:f0:8a:ac:15:d7:48:
98:22:22:a1:46:b4:cd:24:9c:d5:52:0a:b0:9d:ef:
84:b5:6e:02:35:44:4d:f8:80:48:f5:b7:45:6e:7e:
c0:96:df:3f:ee:92:a1:23:a9:3f:2b:e5:a4:32:0e:
4c:a6:63:d9:c5:bf:47:b3:ce:4c:b6:7c:c1:e2:05:
bb:3b:0b:c9:35:37:92:54:89:c7:8d:7b:d9:8f:8f:
f0:68:d2:b3:90:41:b5:e5:c3:8e:bc:97:46:22:42:
cf:b9:cc:64:2a:13:2d:3e:da:cc:ed:54:e7:e4:32:
3b:60:39:1c:0e:9a:34:d0:00:df:65:24:0c:b8:d6:
20:62:d2:0d:42:8e:ab:ba:e9:2c:a6:93:e1:53:58:
33:9c:70:d7:f2:52:e9:f8:fd:21:1d:c7:0d:c3:73:
e3:56:6c:f3:0a:95:ef:6c:81:7c:60:97:1f:b1:83:
b0:a0:bf:61:b3:a9:86:3e:2f:09:b0:3d:7d:56:c0:
e6:06:e0:e7:2a:91:e7:a8:cf:cd:02:0f:7d:d0:c1:
0f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C5:11:20:30:A4:84:F2:90:78:65:19:3C:5C:BC:DF:16:40:16:EA
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/pcURIDCkhPKQeGUZPFy83xZAFuo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b0:2f:4c:4c:7c:d1:45:1b:00:97:3a:11:85:92:c9:ad:01:
bb:25:2c:e8:6e:ea:d4:b8:95:fa:11:85:3e:ef:cb:23:fb:c9:
e9:1e:22:3f:9d:ad:0d:f5:9b:01:4d:e4:f4:54:95:c7:d3:9f:
b5:25:24:8d:1d:11:d8:9b:c6:97:5f:b3:d1:09:d0:31:12:f1:
b9:a5:6e:0e:c7:f4:ea:e4:1b:30:66:52:00:13:15:61:e3:88:
39:cf:57:e3:6a:19:7a:b9:4a:31:28:95:b5:20:ec:86:ba:e3:
14:52:3d:ca:cf:4f:ea:82:c6:d0:80:55:e1:a7:37:a2:2a:a0:
3b:fd:d5:f8:35:c1:4e:17:14:1e:ef:2d:75:23:c2:5e:45:ce:
8b:38:98:90:11:3a:7e:57:55:b5:63:cb:f6:26:db:5d:58:a4:
24:f4:b1:e7:32:9b:52:40:92:df:3c:fa:6d:2b:7c:aa:43:bb:
90:59:62:91:4a:c5:4f:35:f3:e2:2b:dc:be:ab:b6:60:05:1a:
4c:c4:5a:fe:3c:46:49:6d:c7:4c:e1:a2:c8:68:a3:09:5e:77:
ac:c6:eb:7c:22:88:9c:7f:75:34:f9:7a:89:00:11:82:b2:4a:
bb:a1:df:cf:96:96:2d:0e:d9:f2:62:34:0b:30:6c:75:f7:cb:
3b:85:ad:0b
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC34wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMzA5MDEw
ODU2MjVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEE1QzUxMTIwMzBBNDg0
RjI5MDc4NjUxOTNDNUNCQ0RGMTY0MDE2RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9wsBiWWUXldSA/auGs8UtwV6mAWFFOl+Lezt68iDZ05oN50yx
SdwkaRXmaDcAFSoghwNPcfCKrBXXSJgiIqFGtM0knNVSCrCd74S1bgI1RE34gEj1
t0VufsCW3z/ukqEjqT8r5aQyDkymY9nFv0ezzky2fMHiBbs7C8k1N5JUiceNe9mP
j/Bo0rOQQbXlw468l0YiQs+5zGQqEy0+2sztVOfkMjtgORwOmjTQAN9lJAy41iBi
0g1Cjqu66Symk+FTWDOccNfyUun4/SEdxw3Dc+NWbPMKle9sgXxglx+xg7Cgv2Gz
qYY+LwmwPX1WwOYG4Ocqkeeoz80CD33QwQ8tAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUpcURIDCkhPKQeGUZPFy83xZAFuowHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9wY1VSSURDa2hQS1Fl
R1VaUEZ5ODN4WkFGdW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQATsC9MTHzRRRsAlzoRhZLJrQG7JSzo
burUuJX6EYU+78sj+8npHiI/na0N9ZsBTeT0VJXH05+1JSSNHRHYm8aXX7PRCdAx
EvG5pW4Ox/Tq5BswZlIAExVh44g5z1fjahl6uUoxKJW1IOyGuuMUUj3Kz0/qgsbQ
gFXhpzeiKqA7/dX4NcFOFxQe7y11I8JeRc6LOJiQETp+V1W1Y8v2JttdWKQk9LHn
MptSQJLfPPptK3yqQ7uQWWKRSsVPNfPiK9y+q7ZgBRpMxFr+PEZJbcdM4aLIaKMJ
Xnesxut8Ioicf3U0+XqJABGCskq7od/PlpYtDtnyYjQLMGx198s7ha0L
-----END CERTIFICATE-----
Generated at Thu Oct 12 08:45:26 2023 by rpki-client on console-ams.rpki-client.org