Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/yok9Y_Oq8JLBf3WuZLUR_1tFsk8.roa
File: yok9Y_Oq8JLBf3WuZLUR_1tFsk8.roa (raw, json)
Hash identifier: 9w/+4RR/Lam07pXu5VeXl+jygS1uhWH2r1VSZABIYL4=
Subject key identifier: CA:89:3D:63:F3:AA:F0:92:C1:7F:75:AE:64:B5:11:FF:5B:45:B2:4F
Certificate issuer: /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial: 05B7
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/yok9Y_Oq8JLBf3WuZLUR_1tFsk8.roa
Signing time: Thu 12 Oct 2023 08:27:47 +0000
ROA not before: Thu 12 Oct 2023 08:27:47 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 20473
IP address blocks: 2403:9340::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1463 (0x5b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
Validity
Not Before: Oct 12 08:27:47 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=CA893D63F3AAF092C17F75AE64B511FF5B45B24F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:48:82:cd:70:b8:c5:cc:d5:6b:5b:fd:f3:ef:
f4:8c:91:cb:9c:99:9d:5f:cc:f2:7d:57:f4:de:e2:
42:66:ae:30:4a:23:fb:59:b5:92:94:5b:00:9b:0b:
0b:04:a0:18:da:37:4c:7b:b2:8b:96:c5:b0:90:92:
3a:5f:04:30:2b:57:20:f6:e3:74:b5:39:87:b7:0a:
20:c2:a2:2c:04:84:f0:84:fc:95:6c:91:4d:b8:35:
ff:ee:7d:5b:af:c4:42:d1:ce:7b:74:e2:49:7f:14:
e1:88:5a:74:12:90:46:cb:e9:18:45:ad:12:f3:37:
4d:2b:b1:60:63:5d:04:19:e3:91:b1:33:86:21:98:
09:72:48:6b:8c:10:0c:1c:8b:8e:cc:ac:5d:37:fa:
8b:36:8f:62:c7:f4:6f:63:0e:b9:f3:01:0b:3c:65:
d2:1a:7e:4e:a4:e6:1b:f3:e1:f1:f3:df:71:2b:16:
b9:ff:fd:a8:b4:95:1d:52:e8:c1:64:b3:62:cd:7e:
3c:7c:f6:25:53:7f:76:0c:a0:f9:ae:ef:f8:4a:cd:
c8:e4:61:27:0b:38:0a:76:48:f9:61:bd:03:d3:02:
43:e8:c2:a2:c3:52:70:be:20:71:87:57:5b:6f:bd:
bc:88:33:36:15:dd:f6:0f:dc:1c:52:20:1d:44:0c:
51:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:89:3D:63:F3:AA:F0:92:C1:7F:75:AE:64:B5:11:FF:5B:45:B2:4F
X509v3 Authority Key Identifier:
keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/yok9Y_Oq8JLBf3WuZLUR_1tFsk8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:9340::/32
Signature Algorithm: sha256WithRSAEncryption
27:8a:39:fa:51:3c:87:d1:ae:f7:77:8a:b9:5c:f6:e7:9f:6d:
9f:e9:f3:cc:05:70:32:4a:58:b1:b0:53:2b:9e:83:fb:60:7c:
4b:87:07:e9:bd:7e:cc:cd:d4:49:18:4c:1b:dc:1a:bd:f0:30:
24:2a:5e:f7:7e:4b:61:a7:f3:ad:6a:78:b9:9a:d0:54:95:51:
45:ba:93:e3:52:2e:8b:db:5c:7b:81:46:3d:48:7f:38:3d:49:
90:48:41:7b:53:3d:2c:b9:23:cc:f1:ad:3f:1c:2c:b0:19:51:
f9:f6:78:92:e6:a1:0c:cf:60:8d:9a:93:15:d1:37:0b:b6:60:
c5:b4:9a:79:4c:1b:68:cc:f6:a5:20:ca:0f:ce:c5:12:e0:f1:
f0:50:31:8a:9f:9a:66:d8:d6:dc:08:8f:c2:60:ed:0d:aa:dd:
2e:32:16:aa:44:bb:fe:f4:ab:0c:4d:19:41:c3:27:70:9c:33:
2f:2f:d4:f2:1a:d9:cd:36:6a:1f:eb:b6:23:56:ef:fb:df:03:
90:64:42:68:5d:23:cd:28:37:7f:6a:e0:0a:57:37:1e:14:ec:
d0:69:f7:64:f7:d0:b6:05:14:05:e0:52:d7:d9:d3:cb:05:cf:
50:83:e5:d0:6a:49:21:9d:cb:e9:a6:82:91:80:80:ce:22:ed:
56:64:e7:81
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICBbcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yMzEwMTIw
ODI3NDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENBODkzRDYzRjNBQUYw
OTJDMTdGNzVBRTY0QjUxMUZGNUI0NUIyNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgSILNcLjFzNVrW/3z7/SMkcucmZ1fzPJ9V/Te4kJmrjBKI/tZ
tZKUWwCbCwsEoBjaN0x7souWxbCQkjpfBDArVyD243S1OYe3CiDCoiwEhPCE/JVs
kU24Nf/ufVuvxELRznt04kl/FOGIWnQSkEbL6RhFrRLzN00rsWBjXQQZ45GxM4Yh
mAlySGuMEAwci47MrF03+os2j2LH9G9jDrnzAQs8ZdIafk6k5hvz4fHz33ErFrn/
/ai0lR1S6MFks2LNfjx89iVTf3YMoPmu7/hKzcjkYScLOAp2SPlhvQPTAkPowqLD
UnC+IHGHV1tvvbyIMzYV3fYP3BxSIB1EDFEPAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUyok9Y/Oq8JLBf3WuZLUR/1tFsk8wHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL3lvazlZX09xOEpMQmYzV3Va
TFVSXzF0RnNrOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
A5NAMA0GCSqGSIb3DQEBCwUAA4IBAQAnijn6UTyH0a73d4q5XPbnn22f6fPMBXAy
SlixsFMrnoP7YHxLhwfpvX7MzdRJGEwb3Bq98DAkKl73fkthp/Otani5mtBUlVFF
upPjUi6L21x7gUY9SH84PUmQSEF7Uz0suSPM8a0/HCywGVH59niS5qEMz2CNmpMV
0TcLtmDFtJp5TBtozPalIMoPzsUS4PHwUDGKn5pm2NbcCI/CYO0Nqt0uMhaqRLv+
9KsMTRlBwydwnDMvL9TyGtnNNmof67YjVu/73wOQZEJoXSPNKDd/auAKVzceFOzQ
afdk99C2BRQF4FLX2dPLBc9Qg+XQakkhncvppoKRgIDOIu1WZOeB
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org