Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/1LavnttWT_YKlAbJ1oUCpPdwhD0.roa
File: 1LavnttWT_YKlAbJ1oUCpPdwhD0.roa (raw, json)
Hash identifier: gh2yrFeW56k8kBuX4iWpyJ3hDUt/RTyRv7Xh+6Bkx74=
Subject key identifier: D4:B6:AF:9E:DB:56:4F:F6:0A:94:06:C9:D6:85:02:A4:F7:70:84:3D
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 011F
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/1LavnttWT_YKlAbJ1oUCpPdwhD0.roa
Signing time: Thu 15 Sep 2022 02:41:52 +0000
ROA not before: Thu 15 Sep 2022 02:41:52 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24162
IP address blocks: 2407:d1c0::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287 (0x11f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Sep 15 02:41:52 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=D4B6AF9EDB564FF60A9406C9D68502A4F770843D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dc:17:be:80:7d:f4:1a:09:ca:91:bb:35:45:
32:3f:b6:7e:17:8f:d7:0e:be:76:de:54:10:c7:4d:
d0:05:06:95:de:cf:86:70:e0:a4:7b:3e:76:0e:f0:
56:52:ff:4e:21:9e:2b:19:37:a4:15:e3:a4:f3:44:
a8:e7:47:af:f2:07:2c:2d:8a:65:1e:a6:c6:69:10:
08:4d:fd:00:25:e3:d7:71:78:2f:a6:96:f0:35:d6:
57:11:67:ba:31:37:08:73:ce:f8:b6:29:f0:c9:38:
60:41:e5:eb:6e:95:06:0a:b5:4e:14:8a:5e:5b:bd:
d9:0c:d1:1d:0a:6e:b0:5e:d0:65:8c:18:5d:af:b8:
ff:d8:81:7d:85:a2:83:84:bb:27:e3:ad:67:78:2b:
aa:67:6c:7e:11:a8:77:f3:ff:8a:43:61:bc:87:f7:
19:17:74:65:7a:00:34:5e:67:11:91:be:63:a7:c3:
64:9e:4f:07:c2:ef:45:40:92:29:1b:5b:ae:02:83:
31:df:62:7f:3c:38:0e:44:76:ca:c2:66:30:ee:9c:
ca:1f:2a:53:85:4b:18:f4:e5:db:14:12:9c:da:38:
2e:d9:40:08:70:1e:31:03:d1:4a:c9:f6:be:48:80:
d6:08:1f:1d:41:94:a7:63:a6:c3:f8:a4:c3:3b:9b:
dd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B6:AF:9E:DB:56:4F:F6:0A:94:06:C9:D6:85:02:A4:F7:70:84:3D
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/1LavnttWT_YKlAbJ1oUCpPdwhD0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d1c0::/32
Signature Algorithm: sha256WithRSAEncryption
65:67:41:a3:7b:30:18:d4:68:cd:02:82:bf:b5:f7:f7:67:61:
9b:20:99:b2:ff:ed:dc:96:99:ea:f4:8c:07:64:32:98:8d:83:
bd:ea:60:ff:ff:11:ac:bc:78:8b:a8:47:38:61:b7:2d:0b:ca:
94:a6:54:1d:4c:8c:7a:e3:37:80:53:6e:5e:1e:c3:31:e0:06:
72:bd:49:3c:e7:55:b8:5d:96:23:83:5d:bc:b9:96:06:99:06:
43:8f:ed:60:65:5f:ed:85:54:db:ff:a5:ec:b1:fe:e3:9d:85:
3f:f8:6d:4b:7b:d9:03:c6:a7:b0:ba:03:c0:60:41:7a:d3:75:
3e:99:cb:40:1e:0b:02:91:5a:46:ac:67:52:03:81:f4:4f:20:
8f:71:ef:6e:4b:e4:fe:55:bd:c6:e0:7c:07:a8:5d:8c:a2:26:
d7:45:df:fe:10:a1:f5:bd:a7:b0:09:51:93:a7:85:75:01:53:
bd:0a:ca:a0:28:09:7e:90:e7:bc:8b:e8:85:50:d1:06:c0:59:
ef:f4:44:26:2e:aa:e5:ef:56:53:a5:05:c9:da:0a:5f:d6:2c:
9c:e5:ca:34:f2:18:dd:f7:0a:f1:e2:41:bd:b2:d9:58:b8:40:
23:74:55:5b:e6:07:fa:48:e9:36:1c:aa:bf:ea:4d:fa:bb:ac:
ef:ec:7e:8f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTJB
RjhDRkQ5NTI3MEZDRjVDMkNBNjVEODc3NzdGNkZCN0FCRkQzMjAeFw0yMjA5MTUw
MjQxNTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEQ0QjZBRjlFREI1NjRG
RjYwQTk0MDZDOUQ2ODUwMkE0Rjc3MDg0M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC13Be+gH30GgnKkbs1RTI/tn4Xj9cOvnbeVBDHTdAFBpXez4Zw
4KR7PnYO8FZS/04hnisZN6QV46TzRKjnR6/yBywtimUepsZpEAhN/QAl49dxeC+m
lvA11lcRZ7oxNwhzzvi2KfDJOGBB5etulQYKtU4Uil5bvdkM0R0KbrBe0GWMGF2v
uP/YgX2FooOEuyfjrWd4K6pnbH4RqHfz/4pDYbyH9xkXdGV6ADReZxGRvmOnw2Se
TwfC70VAkikbW64CgzHfYn88OA5EdsrCZjDunMofKlOFSxj05dsUEpzaOC7ZQAhw
HjED0UrJ9r5IgNYIHx1BlKdjpsP4pMM7m91dAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU1LavnttWT/YKlAbJ1oUCpPdwhD0wHwYDVR0jBBgwFoAU4q+M/ZUnD89cLKZd
h3d/b7er/TIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFM
RS80cS1NX1pVbkQ4OWNMS1pkaDNkX2I3ZXJfVEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1JFQ1RBTEUvMUxhdm50dFdUX1lLbEFi
SjFvVUNwUGR3aEQwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQH0cAwDQYJKoZIhvcNAQELBQADggEBAGVnQaN7MBjUaM0Cgr+19/dnYZsgmbL/
7dyWmer0jAdkMpiNg73qYP//Eay8eIuoRzhhty0LypSmVB1MjHrjN4BTbl4ewzHg
BnK9STznVbhdliODXby5lgaZBkOP7WBlX+2FVNv/peyx/uOdhT/4bUt72QPGp7C6
A8BgQXrTdT6Zy0AeCwKRWkasZ1IDgfRPII9x725L5P5VvcbgfAeoXYyiJtdF3/4Q
ofW9p7AJUZOnhXUBU70KyqAoCX6Q57yL6IVQ0QbAWe/0RCYuquXvVlOlBcnaCl/W
LJzlyjTyGN33CvHiQb2y2Vi4QCN0VVvmB/pI6TYcqr/qTfq7rO/sfo8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org