Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/8qB0K1i7B-0seYD-Z3AUJZv_XUw.roa
File: 8qB0K1i7B-0seYD-Z3AUJZv_XUw.roa (raw, json)
Hash identifier: 0OME7GiHKPMh4AQBTVElvWo/gtwHiYDYWe6GGTbjwVQ=
Subject key identifier: F2:A0:74:2B:58:BB:07:ED:2C:79:80:FE:67:70:14:25:9B:FF:5D:4C
Certificate issuer: /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial: 0265
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/8qB0K1i7B-0seYD-Z3AUJZv_XUw.roa
Signing time: Wed 20 Dec 2023 10:58:39 +0000
ROA not before: Wed 20 Dec 2023 10:58:39 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18428
IP address blocks: 2407:d241::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 613 (0x265)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Validity
Not Before: Dec 20 10:58:39 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=F2A0742B58BB07ED2C7980FE677014259BFF5D4C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e1:e8:ed:26:cf:68:c2:c4:79:2f:98:48:e7:
3f:29:5d:b7:9c:c1:e0:5b:c6:e9:a4:e1:83:df:80:
f6:88:bb:94:d4:f6:85:d2:43:8c:32:23:24:5e:0f:
0e:16:ff:aa:ba:40:e9:62:be:72:ef:3f:56:4b:c2:
57:93:93:34:4d:90:2c:b9:bb:55:bf:e0:8a:c9:58:
88:38:79:0e:dd:23:c9:22:2c:1c:d2:ab:97:4a:6c:
99:67:f1:ba:42:e5:d5:fb:91:c0:a5:bb:96:74:fd:
c0:a7:8c:17:dc:4e:8a:dd:73:17:6b:2d:10:c8:e7:
8c:64:03:a6:92:71:8a:8e:b4:02:cd:f6:a5:77:35:
4a:10:a9:4f:32:da:73:d8:a9:eb:c0:80:1e:bb:13:
29:b7:a3:2a:9e:27:48:b6:a0:3b:03:3f:5f:9d:85:
7d:ee:22:a9:d1:03:c2:6e:69:de:70:a3:ac:5e:84:
04:9e:b0:d5:87:ba:31:fb:8d:b2:b4:2b:e6:a0:82:
20:93:f1:78:dd:fa:5c:7b:79:46:ae:d4:1f:a8:cc:
dd:fe:00:f5:96:a8:ac:8d:03:98:4f:a2:d0:51:3c:
80:06:bb:0d:e6:ff:aa:ee:11:2c:10:e3:41:77:1d:
18:35:6c:43:18:5d:ee:db:68:7e:82:0a:77:78:3e:
03:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A0:74:2B:58:BB:07:ED:2C:79:80:FE:67:70:14:25:9B:FF:5D:4C
X509v3 Authority Key Identifier:
keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/8qB0K1i7B-0seYD-Z3AUJZv_XUw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d241::/32
Signature Algorithm: sha256WithRSAEncryption
53:5e:ce:15:c8:5a:fe:5b:35:56:1a:18:96:f3:0f:51:c7:1a:
0f:fd:be:40:fa:46:24:28:0e:c5:97:2b:a6:8b:41:3b:ae:16:
58:a8:2e:9f:88:3a:30:90:92:8a:2b:2a:df:92:8f:68:12:3f:
b4:25:94:c0:80:df:a5:9b:d7:62:4d:09:c4:ff:a6:9a:d5:a1:
ea:e7:c7:0b:b0:e7:0c:29:d7:83:6d:eb:c1:e9:4e:b7:aa:67:
01:a8:1d:36:6f:39:ce:1b:47:59:13:52:2b:1a:1a:47:84:5e:
8d:f6:e6:72:22:01:e7:6e:c1:27:ee:7f:4e:d2:20:2c:15:54:
4a:bb:10:b1:50:0a:a5:e7:18:0f:97:a4:1f:da:5a:9e:1d:a0:
bb:6a:46:8e:31:7d:08:14:25:95:17:d5:8a:88:63:58:b7:22:
77:e6:d0:84:b5:cc:a2:92:d0:09:7c:ca:70:39:49:5f:52:7d:
25:49:36:05:bc:92:41:55:3b:1b:02:8f:4b:63:11:d0:3e:fa:
80:1e:59:c4:e6:7d:88:6d:07:dd:0e:fd:be:c2:fa:93:4a:ed:
30:e6:f7:be:f4:8d:75:77:9e:cb:38:e1:60:29:ca:8c:87:b5:
36:24:4d:60:d9:65:0a:81:0c:85:eb:3f:17:ef:8a:d2:e5:60:
9d:27:00:a9
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAmUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yMzEyMjAx
MDU4MzlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEYyQTA3NDJCNThCQjA3
RUQyQzc5ODBGRTY3NzAxNDI1OUJGRjVENEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC64ejtJs9owsR5L5hI5z8pXbecweBbxumk4YPfgPaIu5TU9oXS
Q4wyIyReDw4W/6q6QOlivnLvP1ZLwleTkzRNkCy5u1W/4IrJWIg4eQ7dI8kiLBzS
q5dKbJln8bpC5dX7kcClu5Z0/cCnjBfcTordcxdrLRDI54xkA6aScYqOtALN9qV3
NUoQqU8y2nPYqevAgB67Eym3oyqeJ0i2oDsDP1+dhX3uIqnRA8Juad5wo6xehASe
sNWHujH7jbK0K+aggiCT8Xjd+lx7eUau1B+ozN3+APWWqKyNA5hPotBRPIAGuw3m
/6ruESwQ40F3HRg1bEMYXe7baH6CCnd4PgN1AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU8qB0K1i7B+0seYD+Z3AUJZv/XUwwHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC84cUIwSzFpN0ItMHNl
WUQtWjNBVUpadl9YVXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAfSQTANBgkqhkiG9w0BAQsFAAOCAQEAU17OFcha/ls1VhoYlvMPUccaD/2+
QPpGJCgOxZcrpotBO64WWKgun4g6MJCSiisq35KPaBI/tCWUwIDfpZvXYk0JxP+m
mtWh6ufHC7DnDCnXg23rwelOt6pnAagdNm85zhtHWRNSKxoaR4RejfbmciIB527B
J+5/TtIgLBVUSrsQsVAKpecYD5ekH9panh2gu2pGjjF9CBQllRfViohjWLcid+bQ
hLXMopLQCXzKcDlJX1J9JUk2BbySQVU7GwKPS2MR0D76gB5ZxOZ9iG0H3Q79vsL6
k0rtMOb3vvSNdXeeyzjhYCnKjIe1NiRNYNllCoEMhes/F++K0uVgnScAqQ==
Generated at Fri Dec 22 06:25:49 2023 by rpki-client on console-ams.rpki-client.org