Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/5PRax-zXwEadME3m0tVx97x-lYE.roa
File: 5PRax-zXwEadME3m0tVx97x-lYE.roa (raw, json)
Hash identifier: FNyd5jtW5LOByGokl0dNH1oUkUA4IV59t+BLyElbUIA=
Subject key identifier: E4:F4:5A:C7:EC:D7:C0:46:9D:30:4D:E6:D2:D5:71:F7:BC:7E:95:81
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 3B
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/5PRax-zXwEadME3m0tVx97x-lYE.roa
Signing time: Fri 29 Oct 2021 17:52:17 +0000
ROA not before: Fri 29 Oct 2021 17:52:17 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 210707
IP address blocks: 103.172.124.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59 (0x3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Oct 29 17:52:17 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=E4F45AC7ECD7C0469D304DE6D2D571F7BC7E9581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:06:d8:7f:0c:6f:12:e0:9e:89:73:52:6c:73:
16:2f:b8:63:2a:7c:f4:bf:be:18:95:d3:94:aa:f1:
ea:b2:06:c4:0b:bb:48:ca:8f:14:3c:c5:f3:e2:c9:
65:d9:45:fd:7a:12:8b:ac:57:8e:29:9b:9b:2d:18:
5d:f9:12:07:02:47:0a:6c:60:b1:c4:97:2d:98:a4:
0a:6e:27:65:2d:4f:ad:39:5b:2c:07:02:89:f2:64:
77:1c:0f:c9:ed:0a:af:63:11:87:0c:8c:a6:ed:e9:
fc:eb:ca:91:ec:0d:0f:ae:e0:40:4f:de:a4:47:1e:
18:95:b6:50:9b:01:a0:6f:01:bb:76:52:36:22:87:
a7:38:0e:52:9c:09:06:94:8d:38:0a:01:ad:1b:b0:
1e:83:d4:34:88:9a:d2:d8:f0:df:83:ba:95:e1:c7:
bf:f0:f1:38:87:43:37:e6:af:93:99:fd:28:d9:62:
4f:41:3b:75:1f:2a:12:d2:de:4c:e8:12:1c:f7:10:
f1:96:3c:5a:5e:c6:01:06:75:bd:e1:54:12:1b:31:
96:4e:16:df:f6:a2:04:32:6d:99:40:c7:24:22:53:
cc:14:be:32:04:93:e8:92:0d:97:97:c9:48:11:de:
3f:1d:06:a3:9b:7d:76:eb:70:f4:53:ca:11:e7:0a:
a8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F4:5A:C7:EC:D7:C0:46:9D:30:4D:E6:D2:D5:71:F7:BC:7E:95:81
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/5PRax-zXwEadME3m0tVx97x-lYE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:b7:81:c9:98:b5:57:67:5f:b0:fe:0f:18:18:66:e7:82:e9:
c6:74:28:ba:db:49:6a:c6:58:a9:24:4a:9e:62:13:18:6e:85:
f5:7c:78:d1:69:7e:c6:73:6c:c8:3c:3b:32:a0:59:2a:7e:cc:
bb:aa:b9:86:5c:0a:b6:18:85:35:fc:0b:49:92:f3:49:05:4e:
b6:29:9f:c8:d7:60:88:70:b2:5d:8f:35:ce:d4:1b:70:40:9d:
96:c7:85:c5:9f:cd:f8:69:d4:a6:dc:f1:71:1b:da:f5:91:1b:
1d:e2:a0:67:be:d9:11:9b:6d:7a:29:91:a8:a8:a9:c4:95:68:
bd:63:20:73:7c:84:3b:fe:51:ea:20:76:55:e3:a2:e1:6f:7e:
2c:c1:22:05:17:94:e1:1f:7b:18:ee:13:8e:3e:47:2c:9f:e5:
5e:fd:7a:f2:0b:ff:02:e7:03:96:df:60:78:8d:78:b3:9a:b0:
ba:17:e4:ce:5a:7c:6a:7b:a8:a9:40:c0:26:af:3f:a6:3c:a3:
35:57:0f:b5:fa:0a:ed:b5:c2:ce:98:ac:9c:2e:3b:f7:ba:aa:
8b:26:a3:bd:cc:aa:58:8e:1a:2a:81:e8:5a:3f:ea:7e:e8:c1:
db:45:74:e4:6c:5b:c3:9d:99:3e:2b:81:e4:9a:19:40:3a:8c:
42:b6:52:16
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMkFG
OENGRDk1MjcwRkNGNUMyQ0E2NUQ4Nzc3N0Y2RkI3QUJGRDMyMB4XDTIxMTAyOTE3
NTIxN1oXDTIyMDkyOTAyMzYyMlowMzExMC8GA1UEAxMoRTRGNDVBQzdFQ0Q3QzA0
NjlEMzA0REU2RDJENTcxRjdCQzdFOTU4MTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALUG2H8MbxLgnolzUmxzFi+4Yyp89L++GJXTlKrx6rIGxAu7SMqP
FDzF8+LJZdlF/XoSi6xXjimbmy0YXfkSBwJHCmxgscSXLZikCm4nZS1PrTlbLAcC
ifJkdxwPye0Kr2MRhwyMpu3p/OvKkewND67gQE/epEceGJW2UJsBoG8Bu3ZSNiKH
pzgOUpwJBpSNOAoBrRuwHoPUNIia0tjw34O6leHHv/DxOIdDN+avk5n9KNliT0E7
dR8qEtLeTOgSHPcQ8ZY8Wl7GAQZ1veFUEhsxlk4W3/aiBDJtmUDHJCJTzBS+MgST
6JINl5fJSBHePx0Go5t9dutw9FPKEecKqM0CAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBTk9FrH7NfARp0wTebS1XH3vH6VgTAfBgNVHSMEGDAWgBTir4z9lScPz1wspl2H
d39vt6v9MjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9SRUNUQUxF
LzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNHEtTV9aVW5EODljTEtaZGgzZF9iN2VyX1RJLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFMRS81UFJheC16WHdFYWRNRTNt
MHRWeDk3eC1sWUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Z6x8MA0GCSqGSIb3DQEBCwUAA4IBAQClt4HJmLVXZ1+w/g8YGGbngunGdCi620lq
xlipJEqeYhMYboX1fHjRaX7Gc2zIPDsyoFkqfsy7qrmGXAq2GIU1/AtJkvNJBU62
KZ/I12CIcLJdjzXO1BtwQJ2Wx4XFn834adSm3PFxG9r1kRsd4qBnvtkRm216KZGo
qKnElWi9YyBzfIQ7/lHqIHZV46Lhb34swSIFF5ThH3sY7hOOPkcsn+Ve/XryC/8C
5wOW32B4jXizmrC6F+TOWnxqe6ipQMAmrz+mPKM1Vw+1+grttcLOmKycLjv3uqqL
JqO9zKpYjhoqgehaP+p+6MHbRXTkbFvDnZk+K4HkmhlAOoxCtlIW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org