Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/NRoAoKwNSDB3k3w4aX7J9_1AQkg.roa
File: NRoAoKwNSDB3k3w4aX7J9_1AQkg.roa (raw, json)
Hash identifier: sVPEm8FZxTr4DXhTUL6xwBcMoAWSV8Qnhp1hAnjT+1M=
Subject key identifier: 35:1A:00:A0:AC:0D:48:30:77:93:7C:38:69:7E:C9:F7:FD:40:42:48
Certificate issuer: /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial: 05BB
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/NRoAoKwNSDB3k3w4aX7J9_1AQkg.roa
Signing time: Thu 12 Oct 2023 08:30:06 +0000
ROA not before: Thu 12 Oct 2023 08:30:06 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131657
IP address blocks: 2403:9340::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1467 (0x5bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
Validity
Not Before: Oct 12 08:30:06 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=351A00A0AC0D483077937C38697EC9F7FD404248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a4:d7:ec:ba:b1:d7:fc:04:b0:ac:83:29:e2:
0f:53:d9:dc:23:8c:be:5d:00:bd:a6:1a:c1:8f:83:
83:fe:14:8a:d2:7a:33:45:26:e4:06:ac:e7:50:2c:
8f:25:1a:0c:3a:57:1c:f1:75:46:72:78:e3:d8:c5:
0c:e5:35:af:b9:08:cd:7e:21:05:45:91:9c:a5:39:
b5:aa:d0:46:32:a8:3f:77:16:5c:68:fe:77:31:f1:
23:e3:27:c7:43:a1:d5:f9:69:46:63:90:bf:6b:de:
71:0e:74:a3:cd:35:cd:a7:86:41:2d:bc:43:08:28:
32:a9:80:83:42:a8:af:8e:62:06:16:5a:ff:91:38:
a0:48:9d:6b:aa:da:49:11:ac:4e:33:28:99:8e:ce:
7f:46:bd:a7:06:f1:04:a4:3d:97:d6:e7:67:73:9b:
d2:14:f9:1f:37:81:a4:71:7e:b9:6d:c3:69:20:55:
35:69:28:76:79:ff:72:83:7c:43:dd:d8:b8:7c:b9:
5f:db:9f:11:e0:10:9f:6e:15:ce:13:20:6b:1e:83:
58:63:cc:b3:aa:d9:dc:a3:e2:11:6e:01:f5:51:8c:
3e:c7:96:07:a2:24:51:a2:c5:b7:2d:e1:ed:bd:7f:
1c:36:a0:fc:f7:28:a3:87:2f:cb:b1:b6:d8:12:33:
9a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1A:00:A0:AC:0D:48:30:77:93:7C:38:69:7E:C9:F7:FD:40:42:48
X509v3 Authority Key Identifier:
keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/NRoAoKwNSDB3k3w4aX7J9_1AQkg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:9340::/48
Signature Algorithm: sha256WithRSAEncryption
13:70:e5:98:92:b4:6a:24:08:62:b8:4b:9d:67:17:35:c7:7e:
2a:d5:9d:8c:c7:b8:67:f8:89:bf:44:34:df:76:7f:17:5d:bd:
44:08:2c:a5:94:1d:0e:4a:03:f0:92:1a:8a:0d:85:4e:9c:79:
c8:b5:4b:03:93:ed:5f:e3:af:a9:4c:94:5e:60:7a:a6:a2:7e:
26:58:7f:d5:7d:b4:e5:1d:2e:9e:7b:19:c3:de:ff:20:ec:88:
a5:8d:94:c3:57:c9:25:fd:3a:71:c6:f5:f0:ac:fa:01:85:26:
27:59:94:9a:be:aa:fa:c2:a4:be:6f:04:8e:0d:17:8e:c2:2f:
7b:e4:92:eb:69:55:96:48:23:0c:3a:d3:a9:32:83:c1:2b:60:
ea:ae:dd:b6:30:67:db:00:f9:e6:f7:d1:ab:f4:8c:bd:54:23:
a4:56:39:39:77:62:4c:39:51:be:47:30:6a:1d:34:81:ce:2e:
cd:7d:b3:e9:33:b0:ef:eb:f2:c1:08:44:34:24:34:3d:2b:d3:
e4:cb:43:9b:61:60:b0:ea:3c:d0:4a:0c:9c:62:ea:fe:e7:64:
b3:b6:fa:76:b3:9c:03:1a:59:0f:cb:3e:31:69:ba:05:9c:e5:
23:5c:36:18:41:1b:30:44:d4:5e:ad:18:07:f8:80:d6:7c:c8:
cf:7f:b1:95
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICBbswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMzEwMTIw
ODMwMDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM1MUEwMEEwQUMwRDQ4
MzA3NzkzN0MzODY5N0VDOUY3RkQ0MDQyNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCppNfsurHX/ASwrIMp4g9T2dwjjL5dAL2mGsGPg4P+FIrSejNF
JuQGrOdQLI8lGgw6VxzxdUZyeOPYxQzlNa+5CM1+IQVFkZylObWq0EYyqD93Flxo
/ncx8SPjJ8dDodX5aUZjkL9r3nEOdKPNNc2nhkEtvEMIKDKpgINCqK+OYgYWWv+R
OKBInWuq2kkRrE4zKJmOzn9GvacG8QSkPZfW52dzm9IU+R83gaRxfrltw2kgVTVp
KHZ5/3KDfEPd2Lh8uV/bnxHgEJ9uFc4TIGseg1hjzLOq2dyj4hFuAfVRjD7Hlgei
JFGixbct4e29fxw2oPz3KKOHL8uxttgSM5olAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNRoAoKwNSDB3k3w4aX7J9/1AQkgwHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL05Sb0FvS3dOU0RCM2szdzRh
WDdKOV8xQVFrZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
A5NAAAAwDQYJKoZIhvcNAQELBQADggEBABNw5ZiStGokCGK4S51nFzXHfirVnYzH
uGf4ib9ENN92fxddvUQILKWUHQ5KA/CSGooNhU6ceci1SwOT7V/jr6lMlF5geqai
fiZYf9V9tOUdLp57GcPe/yDsiKWNlMNXySX9OnHG9fCs+gGFJidZlJq+qvrCpL5v
BI4NF47CL3vkkutpVZZIIww606kyg8ErYOqu3bYwZ9sA+eb30av0jL1UI6RWOTl3
Ykw5Ub5HMGodNIHOLs19s+kzsO/r8sEIRDQkND0r0+TLQ5thYLDqPNBKDJxi6v7n
ZLO2+naznAMaWQ/LPjFpugWc5SNcNhhBGzBE1F6tGAf4gNZ8yM9/sZU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org