Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/pzBUNatmVj02jMz_52l8lU4a0qE.roa
File: pzBUNatmVj02jMz_52l8lU4a0qE.roa (raw, json)
Hash identifier: 4O+WfT1SUmv6xWo4gFt0fvaTTjxwrsqLv4l/ZqOktB0=
Subject key identifier: A7:30:54:35:AB:66:56:3D:36:8C:CC:FF:E7:69:7C:95:4E:1A:D2:A1
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0B7D
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/pzBUNatmVj02jMz_52l8lU4a0qE.roa
Signing time: Fri 01 Sep 2023 08:56:25 +0000
ROA not before: Fri 01 Sep 2023 08:56:25 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131657
IP address blocks: 2403:9340::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2941 (0xb7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 1 08:56:25 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A7305435AB66563D368CCCFFE7697C954E1AD2A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e9:d5:aa:4d:e6:50:a8:47:db:a0:86:00:10:
ae:4a:c4:c3:24:60:bf:5c:e7:c9:32:93:36:1a:e5:
11:d0:a6:c9:db:ee:5a:cb:80:56:04:d5:f9:e4:3a:
67:d4:de:8e:f4:66:07:5e:24:fe:7c:c8:d2:b6:16:
3c:02:ee:5b:1f:ab:ef:f5:23:29:95:52:6f:e7:3f:
1d:d9:5a:d5:61:e3:9c:f4:c6:bd:12:2e:ef:ca:83:
af:43:06:70:d5:ea:a3:34:5c:09:0d:7a:83:3f:0a:
01:c2:f0:4d:13:74:6e:f6:e9:15:90:ba:fb:f1:88:
50:0c:42:b2:16:14:c0:02:91:f8:6e:0a:54:40:5b:
e0:cc:8b:db:58:ed:60:12:82:80:d2:58:d7:b0:63:
4c:4b:3c:0d:c5:ea:c7:66:94:d5:03:31:45:db:5f:
01:a0:ff:1b:0e:55:08:3a:7f:43:0a:c1:58:5c:c2:
44:13:d1:a7:56:3f:6a:17:9e:e0:e2:ad:61:83:37:
64:ee:b6:fe:c2:24:4d:99:f1:e5:38:c0:be:7d:14:
76:b2:39:58:fa:b8:52:be:6c:a8:11:df:36:ca:19:
0d:ee:9c:6a:99:bd:a8:3d:2b:56:66:b2:82:d5:7d:
60:0d:9a:14:d5:98:27:ed:3b:ce:56:86:4c:76:c8:
c2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:30:54:35:AB:66:56:3D:36:8C:CC:FF:E7:69:7C:95:4E:1A:D2:A1
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/pzBUNatmVj02jMz_52l8lU4a0qE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:9340::/32
Signature Algorithm: sha256WithRSAEncryption
94:dc:14:7f:52:7a:90:ac:d9:58:68:92:89:03:be:c5:ae:67:
79:aa:c6:a4:a7:7d:06:c7:ef:ee:e9:30:fc:50:13:84:c7:ef:
f2:e9:12:6a:69:a9:10:87:04:33:63:30:b3:7d:57:12:aa:e5:
3a:0e:1f:d1:a8:cc:00:c5:bc:f4:3f:b1:03:10:39:0e:82:79:
3b:e1:2a:57:ec:cb:9f:12:ca:c2:67:8a:1c:43:fe:2b:62:3a:
0d:2f:30:ba:a3:ad:22:90:09:36:8c:e1:7e:e0:37:40:42:c2:
d9:a5:46:02:16:c0:c5:6d:b2:10:54:09:d7:94:a0:5f:b6:ea:
03:b5:5e:a3:f8:08:f5:2a:23:a7:e5:52:84:5c:8f:ca:e3:90:
e4:31:5a:25:71:53:1d:f4:f6:70:77:6d:3f:b3:01:d6:88:de:
c8:e5:ac:66:54:7f:ac:36:bf:73:dc:aa:93:a9:e6:95:f1:2a:
ad:84:06:40:c4:d2:c1:ac:5d:76:fe:14:02:84:2c:fa:97:a7:
c6:26:b4:6b:32:5f:57:ea:e9:5d:67:e1:38:d8:99:65:ec:87:
60:9c:3b:78:de:74:32:5e:0d:ff:76:2a:93:4e:5a:81:c4:c2:
f7:b1:ab:da:10:f4:73:2f:2b:81:0c:13:a1:1f:43:37:7a:24:
90:18:1e:81
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICC30wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMzA5MDEw
ODU2MjVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEE3MzA1NDM1QUI2NjU2
M0QzNjhDQ0NGRkU3Njk3Qzk1NEUxQUQyQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDO6dWqTeZQqEfboIYAEK5KxMMkYL9c58kykzYa5RHQpsnb7lrL
gFYE1fnkOmfU3o70ZgdeJP58yNK2FjwC7lsfq+/1IymVUm/nPx3ZWtVh45z0xr0S
Lu/Kg69DBnDV6qM0XAkNeoM/CgHC8E0TdG726RWQuvvxiFAMQrIWFMACkfhuClRA
W+DMi9tY7WASgoDSWNewY0xLPA3F6sdmlNUDMUXbXwGg/xsOVQg6f0MKwVhcwkQT
0adWP2oXnuDirWGDN2Tutv7CJE2Z8eU4wL59FHayOVj6uFK+bKgR3zbKGQ3unGqZ
vag9K1ZmsoLVfWANmhTVmCftO85Whkx2yMJnAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUpzBUNatmVj02jMz/52l8lU4a0qEwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9wekJVTmF0bVZqMDJq
TXpfNTJsOGxVNGEwcUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAOTQDANBgkqhkiG9w0BAQsFAAOCAQEAlNwUf1J6kKzZWGiSiQO+xa5nearG
pKd9Bsfv7ukw/FAThMfv8ukSammpEIcEM2Mws31XEqrlOg4f0ajMAMW89D+xAxA5
DoJ5O+EqV+zLnxLKwmeKHEP+K2I6DS8wuqOtIpAJNozhfuA3QELC2aVGAhbAxW2y
EFQJ15SgX7bqA7Veo/gI9Sojp+VShFyPyuOQ5DFaJXFTHfT2cHdtP7MB1ojeyOWs
ZlR/rDa/c9yqk6nmlfEqrYQGQMTSwaxddv4UAoQs+penxia0azJfV+rpXWfhONiZ
ZeyHYJw7eN50Ml4N/3Yqk05agcTC97Gr2hD0cy8rgQwToR9DN3okkBgegQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org