Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/zoQk9-zLUKcG1XUOsWFjoPlVgJo.roa
File: zoQk9-zLUKcG1XUOsWFjoPlVgJo.roa (raw, json)
Hash identifier: tnMIOhyV/WlqzBwnDoxCHkDJL8eUOcPJJUFHgz115Ww=
Subject key identifier: CE:84:24:F7:EC:CB:50:A7:06:D5:75:0E:B1:61:63:A0:F9:55:80:9A
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 096F
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/zoQk9-zLUKcG1XUOsWFjoPlVgJo.roa
Signing time: Wed 29 Sep 2021 02:50:28 +0000
ROA not before: Wed 29 Sep 2021 02:50:28 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 134823
IP address blocks: 103.122.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2415 (0x96f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 29 02:50:28 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=CE8424F7ECCB50A706D5750EB16163A0F955809A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:5b:bd:9b:bc:c9:15:d4:ce:3a:ba:94:2c:a1:
02:3c:e4:a9:20:4e:9f:a8:44:56:2d:66:58:54:fd:
bd:d5:05:94:ef:9a:6f:e1:0c:81:f3:2d:b8:56:c1:
2a:92:e3:44:6d:2c:bf:94:28:41:ff:ea:e4:a5:4f:
6b:dc:c9:41:d2:2c:cb:80:9b:2d:41:63:c8:2d:da:
6b:ca:0a:c1:d7:72:dd:f8:fe:57:1b:db:8c:77:fc:
02:97:bb:56:a8:bb:84:ca:3f:af:85:14:99:7e:1d:
23:c6:5f:5d:51:7e:92:2b:c9:ba:b5:7b:d2:0e:9e:
2c:a7:05:c4:b1:14:29:54:89:85:91:17:2c:fe:75:
aa:cc:79:50:0d:dc:9c:fc:7d:70:32:c0:26:13:c2:
36:a9:7a:20:9f:3c:ad:0a:bd:de:42:26:50:0c:00:
ce:5d:0b:ac:39:e5:5f:3b:f3:6c:a3:75:4e:c1:e7:
fc:96:ba:df:f8:a2:fe:69:f0:b5:e2:0e:58:2e:e8:
d6:b8:48:84:98:da:27:7b:d6:c4:57:e2:4c:f6:d6:
ae:08:16:90:de:c2:03:e6:9e:88:db:89:b7:25:be:
c3:46:a9:f3:85:71:9d:20:a5:38:39:ca:a2:ed:d9:
79:86:dd:cd:ba:07:a6:46:d0:08:19:a8:8a:3c:ff:
11:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:84:24:F7:EC:CB:50:A7:06:D5:75:0E:B1:61:63:A0:F9:55:80:9A
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/zoQk9-zLUKcG1XUOsWFjoPlVgJo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.190.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:0e:b9:6e:cf:b3:9e:1c:64:75:43:9a:a0:12:05:ca:48:45:
bf:44:3a:d3:88:d8:1b:98:69:c0:ef:cd:98:cf:84:26:4c:96:
1d:4f:3c:08:97:3b:07:e8:e7:7d:dc:73:d7:64:62:2e:a4:e1:
25:ed:c4:4a:c7:c2:cd:6d:ec:75:fc:b1:d6:be:c2:4f:92:20:
5c:b7:e7:52:2c:03:87:3c:8f:4f:4f:98:6b:be:9c:6f:7a:0c:
e7:65:95:3d:66:30:ae:62:51:14:2f:7f:63:d6:e6:c0:60:c0:
35:47:db:96:09:99:e1:76:b9:85:cd:54:1d:67:d8:c7:8f:fd:
d2:af:aa:a6:fd:59:49:a4:2d:17:6e:f8:9b:1e:f3:9f:4c:b3:
3d:38:e9:c3:7d:f4:b6:a5:b5:57:00:b8:a9:17:a8:ba:70:14:
e4:c7:bb:37:9a:f7:aa:ce:ac:f1:49:eb:64:f4:12:57:23:56:
86:52:70:9c:9b:a5:ef:15:09:df:ef:de:e0:ad:15:3f:b9:79:
7e:70:28:fc:94:c4:76:41:fd:8f:8e:67:c3:e9:25:ec:77:ca:
10:14:13:72:05:59:40:71:21:f6:52:c0:12:ac:8a:97:52:6d:
32:78:a8:00:27:e9:60:d7:25:83:4a:c1:1b:aa:26:b1:49:38:
9a:23:60:72
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCW8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTA5Mjkw
MjUwMjhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKENFODQyNEY3RUNDQjUw
QTcwNkQ1NzUwRUIxNjE2M0EwRjk1NTgwOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIW72bvMkV1M46upQsoQI85KkgTp+oRFYtZlhU/b3VBZTvmm/h
DIHzLbhWwSqS40RtLL+UKEH/6uSlT2vcyUHSLMuAmy1BY8gt2mvKCsHXct34/lcb
24x3/AKXu1aou4TKP6+FFJl+HSPGX11RfpIrybq1e9IOniynBcSxFClUiYWRFyz+
darMeVAN3Jz8fXAywCYTwjapeiCfPK0Kvd5CJlAMAM5dC6w55V8782yjdU7B5/yW
ut/4ov5p8LXiDlgu6Na4SISY2id71sRX4kz21q4IFpDewgPmnojbibclvsNGqfOF
cZ0gpTg5yqLt2XmG3c26B6ZG0AgZqIo8/xHLAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUzoQk9+zLUKcG1XUOsWFjoPlVgJowHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC96b1FrOS16TFVLY0cx
WFVPc1dGam9QbFZnSm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q+MA0GCSqGSIb3DQEBCwUAA4IBAQBbDrluz7OeHGR1Q5qgEgXKSEW/RDrT
iNgbmGnA782Yz4QmTJYdTzwIlzsH6Od93HPXZGIupOEl7cRKx8LNbex1/LHWvsJP
kiBct+dSLAOHPI9PT5hrvpxvegznZZU9ZjCuYlEUL39j1ubAYMA1R9uWCZnhdrmF
zVQdZ9jHj/3Sr6qm/VlJpC0XbvibHvOfTLM9OOnDffS2pbVXALipF6i6cBTkx7s3
mveqzqzxSetk9BJXI1aGUnCcm6XvFQnf797grRU/uXl+cCj8lMR2Qf2PjmfD6SXs
d8oQFBNyBVlAcSH2UsASrIqXUm0yeKgAJ+lg1yWDSsEbqiaxSTiaI2By
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org