Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/Oh_zSEYkO2u3obCFeiy4LREhc_8.roa
File: Oh_zSEYkO2u3obCFeiy4LREhc_8.roa (raw, json)
Hash identifier: 2Q+cOIsqj1pikWKaNigrwMGF9LxzgPRixGY0jx1rsvI=
Subject key identifier: 3A:1F:F3:48:46:24:3B:6B:B7:A1:B0:85:7A:2C:B8:2D:11:21:73:FF
Certificate issuer: /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial: 05B5
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/Oh_zSEYkO2u3obCFeiy4LREhc_8.roa
Signing time: Thu 12 Oct 2023 08:27:31 +0000
ROA not before: Thu 12 Oct 2023 08:27:31 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 134823
IP address blocks: 2403:9340::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1461 (0x5b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
Validity
Not Before: Oct 12 08:27:31 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=3A1FF34846243B6BB7A1B0857A2CB82D112173FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b6:45:f0:06:df:75:11:f8:86:fb:74:8e:a1:
e9:48:c5:fe:ef:7e:b5:a1:4e:7b:9a:95:c5:b3:2f:
69:1a:ad:3b:be:4d:3e:68:f6:f8:b7:0b:1c:06:68:
2e:77:e5:d5:16:89:f1:94:4b:4d:06:f4:06:14:e3:
21:b6:f8:0d:f2:5b:05:92:04:9a:d0:14:49:9f:ef:
38:02:b7:da:65:df:44:04:88:3b:06:5a:63:48:af:
35:a7:45:2c:70:1c:67:62:16:59:83:23:02:4a:e5:
72:d2:40:36:de:a7:d7:0c:63:87:23:f8:45:ee:0b:
ab:64:44:11:d9:f7:5e:e4:35:a2:f5:ed:06:97:35:
7f:aa:e0:6e:bf:c1:63:0b:94:94:09:24:1a:7a:c7:
d2:a1:81:a7:ac:f9:31:9d:b0:00:c0:59:8c:cb:bc:
e0:75:75:72:59:4b:05:eb:0b:82:dd:0d:ef:31:66:
d2:43:59:4d:f2:af:49:0d:cf:6c:8c:2e:73:2e:7b:
d1:52:23:ad:78:36:1b:10:4a:9f:1f:b0:00:0e:74:
93:1e:2b:e3:72:6f:10:9a:3b:f1:7f:e6:be:01:f2:
6a:94:2e:82:8c:e2:35:73:70:da:14:05:bb:f4:02:
80:84:a8:82:1e:43:f2:3d:c7:4f:d2:8a:f9:98:6a:
d2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1F:F3:48:46:24:3B:6B:B7:A1:B0:85:7A:2C:B8:2D:11:21:73:FF
X509v3 Authority Key Identifier:
keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/Oh_zSEYkO2u3obCFeiy4LREhc_8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:9340::/32
Signature Algorithm: sha256WithRSAEncryption
2a:3b:b1:e5:db:68:09:ca:aa:64:ce:76:f7:97:35:c9:d7:87:
53:b7:00:87:fc:54:c0:fe:4d:be:7a:03:af:32:74:4c:29:81:
d0:7b:5e:1c:f3:48:1e:2e:99:f4:c7:bc:b0:99:75:ad:4a:89:
e1:2b:63:19:bc:7a:09:64:bd:78:29:30:ed:52:23:41:27:29:
36:d6:58:4a:4d:aa:cf:33:fe:b6:fd:df:04:15:cf:a3:55:04:
35:f1:37:80:1b:65:d0:6a:26:d8:fe:6f:91:57:36:09:2d:e5:
aa:f1:14:6c:c1:1a:d9:d2:90:dd:62:6e:3b:bf:0e:9c:f0:a0:
45:73:05:a0:cf:19:3e:f8:0e:fc:4b:56:77:a7:b0:1b:8f:66:
84:02:e7:b8:42:b1:4b:75:b8:a4:94:5e:6f:2f:da:cf:93:c7:
cd:8b:9c:61:57:7f:5c:bd:7f:54:6d:e2:1e:e5:3d:4b:b5:30:
ce:00:c6:fd:9f:6a:f1:57:30:74:23:ce:0e:94:32:b3:a4:98:
80:c1:fd:1c:49:70:da:9d:41:2c:26:d4:45:7c:36:23:2b:9a:
61:6a:fa:4d:a1:1b:73:4a:7c:ab:ab:3d:ce:f3:0c:3a:c3:c4:
17:0d:90:af:9f:ea:50:b4:5e:78:25:5c:8a:33:ae:b7:b7:cf:
dd:83:6c:e0
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICBbUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMzEwMTIw
ODI3MzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNBMUZGMzQ4NDYyNDNC
NkJCN0ExQjA4NTdBMkNCODJEMTEyMTczRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEtkXwBt91EfiG+3SOoelIxf7vfrWhTnualcWzL2karTu+TT5o
9vi3CxwGaC535dUWifGUS00G9AYU4yG2+A3yWwWSBJrQFEmf7zgCt9pl30QEiDsG
WmNIrzWnRSxwHGdiFlmDIwJK5XLSQDbep9cMY4cj+EXuC6tkRBHZ917kNaL17QaX
NX+q4G6/wWMLlJQJJBp6x9Khgaes+TGdsADAWYzLvOB1dXJZSwXrC4LdDe8xZtJD
WU3yr0kNz2yMLnMue9FSI614NhsQSp8fsAAOdJMeK+NybxCaO/F/5r4B8mqULoKM
4jVzcNoUBbv0AoCEqIIeQ/I9x0/SivmYatK7AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUOh/zSEYkO2u3obCFeiy4LREhc/8wHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL09oX3pTRVlrTzJ1M29iQ0Zl
aXk0TFJFaGNfOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
A5NAMA0GCSqGSIb3DQEBCwUAA4IBAQAqO7Hl22gJyqpkznb3lzXJ14dTtwCH/FTA
/k2+egOvMnRMKYHQe14c80geLpn0x7ywmXWtSonhK2MZvHoJZL14KTDtUiNBJyk2
1lhKTarPM/62/d8EFc+jVQQ18TeAG2XQaibY/m+RVzYJLeWq8RRswRrZ0pDdYm47
vw6c8KBFcwWgzxk++A78S1Z3p7Abj2aEAue4QrFLdbiklF5vL9rPk8fNi5xhV39c
vX9UbeIe5T1LtTDOAMb9n2rxVzB0I84OlDKzpJiAwf0cSXDanUEsJtRFfDYjK5ph
avpNoRtzSnyrqz3O8ww6w8QXDZCvn+pQtF54JVyKM663t8/dg2zg
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org