Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/zusfHU2uz41NAGItUQs2LiPnauw.roa
File: zusfHU2uz41NAGItUQs2LiPnauw.roa (raw, json)
Hash identifier: dDni4PkLB1umUeXdlSzxTZTPIk2Yr5N2nxJYWzOs/O4=
Subject key identifier: CE:EB:1F:1D:4D:AE:CF:8D:4D:00:62:2D:51:0B:36:2E:23:E7:6A:EC
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0974
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/zusfHU2uz41NAGItUQs2LiPnauw.roa
Signing time: Wed 29 Sep 2021 02:50:30 +0000
ROA not before: Wed 29 Sep 2021 02:50:30 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131657
IP address blocks: 103.122.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2420 (0x974)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 29 02:50:30 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=CEEB1F1D4DAECF8D4D00622D510B362E23E76AEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ed:66:49:be:7b:c6:44:7d:1d:86:13:48:75:
5e:04:24:ac:9b:d1:b0:88:90:7d:0e:ab:90:3c:fd:
b9:2e:5f:fe:a5:cb:8d:dc:43:3b:df:ab:51:b3:25:
ad:00:a0:31:30:ee:4d:b7:8c:89:f0:10:13:28:5f:
36:15:1b:7d:24:cb:57:19:3d:da:0c:fb:3e:bb:de:
6d:bb:43:71:6b:b4:e4:1b:79:ee:e3:dd:b1:de:fc:
79:eb:4b:04:f5:54:cf:89:6c:3d:02:ec:40:23:f5:
9b:f7:3e:e8:72:e0:0b:1b:8e:e3:12:f0:6e:cf:4c:
56:25:bc:81:d9:ac:81:57:b1:de:0a:95:0c:7a:b6:
87:20:2c:9e:4a:1a:5e:bd:f3:d6:a7:0b:9a:2d:b8:
6d:97:16:3d:98:34:e2:16:9b:d8:17:b9:57:ee:ea:
58:df:72:dc:8f:69:82:b2:90:12:ba:62:ca:49:73:
7c:a7:b0:ee:c0:ef:67:08:39:1f:88:63:59:8d:be:
87:79:60:e1:93:0e:5e:2f:d3:3b:eb:ca:a4:e1:36:
48:60:a5:f4:39:3b:59:0b:ee:32:fa:1e:66:02:18:
c2:e4:54:6e:26:a6:af:6f:db:89:f6:d0:74:f9:a8:
b4:8d:7f:ac:01:3d:9f:27:af:1e:ab:80:3f:a9:b2:
7a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:EB:1F:1D:4D:AE:CF:8D:4D:00:62:2D:51:0B:36:2E:23:E7:6A:EC
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/zusfHU2uz41NAGItUQs2LiPnauw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.191.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:79:2f:08:63:b7:7c:52:88:98:96:49:30:a4:c6:50:f6:92:
bd:4e:56:5b:e4:1d:a2:5e:96:e8:8d:c9:ad:2b:b4:eb:98:42:
86:97:f4:c1:7b:ff:41:89:e2:a9:8f:36:b5:76:0a:48:78:17:
69:85:fb:6e:59:74:88:c2:b5:a3:be:89:7a:96:ef:34:0e:4d:
81:40:fd:00:2f:2c:ee:c7:e2:d0:de:04:96:3e:17:0b:81:48:
92:3b:8f:b9:82:5e:3e:a8:2f:d1:5d:69:3b:47:9c:9d:80:7c:
fa:cd:24:8e:3d:0a:9f:70:5f:a4:03:df:6f:07:e4:c2:04:1a:
93:27:aa:93:0d:2f:08:14:42:af:a1:67:4e:22:f3:17:a9:71:
44:be:b4:45:96:5e:4a:d3:ac:8b:00:5a:05:6b:8e:83:6b:a6:
d1:bd:34:d1:a8:f8:77:95:05:fe:3f:6d:de:96:1c:51:11:5f:
e6:a6:6f:d5:12:12:cc:e4:13:31:02:d4:32:ed:6c:65:6a:ef:
36:54:db:d2:8e:02:99:bd:9d:78:3c:16:77:0b:a3:4c:2d:24:
1e:22:87:4f:98:9c:1b:40:a6:3a:38:d6:e7:75:72:52:18:15:
a5:89:8a:e4:2b:eb:c0:7c:9a:61:db:a9:7b:fe:a2:cd:20:3a:
51:2d:b3:03
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCXQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTA5Mjkw
MjUwMzBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKENFRUIxRjFENERBRUNG
OEQ0RDAwNjIyRDUxMEIzNjJFMjNFNzZBRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC67WZJvnvGRH0dhhNIdV4EJKyb0bCIkH0Oq5A8/bkuX/6ly43c
Qzvfq1GzJa0AoDEw7k23jInwEBMoXzYVG30ky1cZPdoM+z673m27Q3FrtOQbee7j
3bHe/HnrSwT1VM+JbD0C7EAj9Zv3Puhy4AsbjuMS8G7PTFYlvIHZrIFXsd4KlQx6
tocgLJ5KGl6989anC5otuG2XFj2YNOIWm9gXuVfu6ljfctyPaYKykBK6YspJc3yn
sO7A72cIOR+IY1mNvod5YOGTDl4v0zvryqThNkhgpfQ5O1kL7jL6HmYCGMLkVG4m
pq9v24n20HT5qLSNf6wBPZ8nrx6rgD+psnpFAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUzusfHU2uz41NAGItUQs2LiPnauwwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC96dXNmSFUydXo0MU5B
R0l0VVFzMkxpUG5hdXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQAceS8IY7d8UoiYlkkwpMZQ9pK9TlZb
5B2iXpbojcmtK7TrmEKGl/TBe/9BieKpjza1dgpIeBdphftuWXSIwrWjvol6lu80
Dk2BQP0ALyzux+LQ3gSWPhcLgUiSO4+5gl4+qC/RXWk7R5ydgHz6zSSOPQqfcF+k
A99vB+TCBBqTJ6qTDS8IFEKvoWdOIvMXqXFEvrRFll5K06yLAFoFa46Da6bRvTTR
qPh3lQX+P23elhxREV/mpm/VEhLM5BMxAtQy7Wxlau82VNvSjgKZvZ14PBZ3C6NM
LSQeIodPmJwbQKY6ONbndXJSGBWliYrkK+vAfJph26l7/qLNIDpRLbMD
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org