Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/rk897BQHXG01jGuOLCI4iVAtuo8.roa
File: rk897BQHXG01jGuOLCI4iVAtuo8.roa (raw, json)
Hash identifier: JURf18rO3mXcRmi0EX4uIGGYNT1+OwRrr9H5rwe+cuc=
Subject key identifier: AE:4F:3D:EC:14:07:5C:6D:35:8C:6B:8E:2C:22:38:89:50:2D:BA:8F
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0B7C
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/rk897BQHXG01jGuOLCI4iVAtuo8.roa
Signing time: Fri 01 Sep 2023 08:56:25 +0000
ROA not before: Fri 01 Sep 2023 08:56:25 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131657
IP address blocks: 103.122.188.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2940 (0xb7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 1 08:56:25 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=AE4F3DEC14075C6D358C6B8E2C223889502DBA8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:93:1d:25:1d:e7:23:26:d5:6b:a7:89:56:84:
fa:6a:b7:94:e0:c4:32:9a:de:cc:bf:8f:12:d1:57:
0f:ac:d7:11:43:da:de:0b:ba:96:97:f8:35:97:5f:
a1:9b:41:19:3d:00:89:74:0b:e5:0a:13:2a:ee:8f:
9c:61:6c:46:69:50:58:5d:c3:ad:39:53:e3:03:db:
60:33:c6:9d:fe:c3:2d:63:99:05:61:d4:db:f2:dd:
d1:07:7b:04:0a:90:c6:85:60:ad:9f:d7:59:db:64:
34:de:73:7b:c1:d6:df:ac:14:fc:6c:78:7c:85:3b:
d7:78:ae:38:c1:8f:e2:33:5d:84:9f:47:57:54:b7:
b6:07:4c:e0:63:81:1d:c2:c2:3e:5c:2b:4a:f2:1d:
bf:e8:eb:47:b6:67:f9:e6:78:65:0f:db:eb:c3:15:
a8:fe:a3:a1:fd:c0:cb:04:fc:6e:bb:62:c7:c4:b4:
03:3f:4e:75:93:82:f3:c9:ab:aa:7b:31:43:8e:3b:
24:46:81:78:35:f2:e1:11:37:dd:ee:83:33:ec:2c:
11:6b:f2:66:2d:f4:bf:54:5a:cf:fc:b9:36:14:71:
3f:c8:b1:08:a5:51:7c:2d:fc:7d:2e:80:72:86:7e:
f9:da:52:60:b8:5a:ac:7d:f0:6f:e6:e0:1a:db:38:
2e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4F:3D:EC:14:07:5C:6D:35:8C:6B:8E:2C:22:38:89:50:2D:BA:8F
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/rk897BQHXG01jGuOLCI4iVAtuo8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/22
Signature Algorithm: sha256WithRSAEncryption
63:e6:b1:40:fb:8d:2e:74:06:0f:05:8e:ae:d9:2a:4f:cb:a9:
b3:d6:d8:0d:90:ce:aa:18:6a:4b:35:af:7c:55:46:3b:99:4e:
14:bd:22:ef:5c:6c:38:7e:82:80:38:d1:ec:0b:73:26:17:fb:
fb:c6:1c:8e:f8:38:b8:c6:81:ab:b3:47:a5:bd:ef:3d:c8:f0:
38:45:b8:68:65:71:a3:7d:d1:85:f3:e0:51:f1:0a:80:60:aa:
40:36:ae:91:d8:e0:cd:3c:8c:eb:d5:74:20:e0:43:ca:9c:69:
bf:2b:58:ea:81:62:08:62:be:d0:48:41:03:76:18:4a:a9:eb:
15:6a:bc:c8:7f:7e:bc:77:8c:0a:6f:7c:f4:4c:3f:16:47:62:
a9:bd:0c:19:f3:a0:94:38:14:19:fa:58:a4:0c:1f:2e:64:5f:
70:61:56:44:4a:1e:eb:d8:89:de:5f:e6:aa:bd:1e:9d:6b:cd:
46:3b:66:64:31:39:df:a2:18:fb:a0:72:33:de:cb:93:c4:e6:
67:1b:f7:7e:d5:2a:22:35:1f:42:65:03:c5:06:13:35:d7:ab:
96:34:4a:1c:a1:fd:92:99:8f:ad:69:1a:ae:63:90:34:84:0b:
8b:a0:31:f6:84:2f:65:86:b9:d7:de:86:37:76:bb:32:12:25:
9d:e9:e0:4d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC3wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMzA5MDEw
ODU2MjVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFFNEYzREVDMTQwNzVD
NkQzNThDNkI4RTJDMjIzODg5NTAyREJBOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCkx0lHecjJtVrp4lWhPpqt5TgxDKa3sy/jxLRVw+s1xFD2t4L
upaX+DWXX6GbQRk9AIl0C+UKEyruj5xhbEZpUFhdw605U+MD22Azxp3+wy1jmQVh
1Nvy3dEHewQKkMaFYK2f11nbZDTec3vB1t+sFPxseHyFO9d4rjjBj+IzXYSfR1dU
t7YHTOBjgR3Cwj5cK0ryHb/o60e2Z/nmeGUP2+vDFaj+o6H9wMsE/G67YsfEtAM/
TnWTgvPJq6p7MUOOOyRGgXg18uERN93ugzPsLBFr8mYt9L9UWs/8uTYUcT/IsQil
UXwt/H0ugHKGfvnaUmC4Wqx98G/m4BrbOC5rAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUrk897BQHXG01jGuOLCI4iVAtuo8wHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9yazg5N0JRSFhHMDFq
R3VPTENJNGlWQXR1bzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQBj5rFA+40udAYPBY6u2SpPy6mz1tgN
kM6qGGpLNa98VUY7mU4UvSLvXGw4foKAONHsC3MmF/v7xhyO+Di4xoGrs0elve89
yPA4RbhoZXGjfdGF8+BR8QqAYKpANq6R2ODNPIzr1XQg4EPKnGm/K1jqgWIIYr7Q
SEEDdhhKqesVarzIf368d4wKb3z0TD8WR2KpvQwZ86CUOBQZ+likDB8uZF9wYVZE
Sh7r2IneX+aqvR6da81GO2ZkMTnfohj7oHIz3suTxOZnG/d+1SoiNR9CZQPFBhM1
16uWNEocof2SmY+taRquY5A0hAuLoDH2hC9lhrnX3oY3drsyEiWd6eBN
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org