Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/6UfQDQBpKtNmqbJuZQtMTI3P4jE.roa
File: 6UfQDQBpKtNmqbJuZQtMTI3P4jE.roa (raw, json)
Hash identifier: K09UuLDo0ELJjSKl6sHFUd6F/5bzhrqax7U2tK7Bgxo=
Subject key identifier: E9:47:D0:0D:00:69:2A:D3:66:A9:B2:6E:65:0B:4C:4C:8D:CF:E2:31
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 13
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/6UfQDQBpKtNmqbJuZQtMTI3P4jE.roa
Signing time: Sat 11 Sep 2021 17:19:38 +0000
ROA not before: Sat 11 Sep 2021 17:19:38 +0000
ROA not after: Tue 30 Aug 2022 03:11:21 +0000
asID: 24162
IP address blocks: 103.172.124.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Sep 11 17:19:38 2021 GMT
Not After : Aug 30 03:11:21 2022 GMT
Subject: CN=E947D00D00692AD366A9B26E650B4C4C8DCFE231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a2:61:11:56:4d:22:97:f3:11:a2:17:ea:63:
cc:dd:df:f9:85:8f:c0:7f:30:42:46:bf:0c:dc:3a:
c4:08:03:af:78:b0:91:6b:f4:d5:9d:69:01:e4:13:
39:19:f1:82:ce:28:d3:73:88:1e:d0:15:b5:05:29:
bc:e9:c3:72:d5:e0:7e:f6:46:41:4a:a7:6c:10:3b:
19:aa:d4:68:0c:46:9f:ca:bd:bd:eb:61:4b:9f:9d:
f1:0c:bb:b4:c0:3d:d3:31:05:6a:0d:94:43:f1:6b:
5a:69:c1:2e:96:9d:95:8b:77:72:64:0f:a4:ca:21:
c1:58:28:d6:e0:25:df:56:cd:e5:21:b7:4d:22:40:
62:e8:31:49:51:15:d0:59:fa:ba:70:02:d0:6e:4e:
32:5b:92:05:f3:69:13:a1:62:e2:7c:a8:37:33:c4:
ce:5f:7f:07:b2:a1:ec:e6:d7:63:39:87:ad:53:93:
84:4a:fa:9e:6e:6f:85:c0:0a:0d:04:9c:07:0c:dc:
b7:43:5d:43:8c:b6:f1:5b:df:77:87:a3:91:5c:2f:
75:7c:e1:ba:63:03:06:e0:5f:d5:81:3d:3e:67:c6:
5d:4e:6d:7e:fb:aa:75:86:22:9e:1c:08:8b:90:40:
69:4d:45:48:b3:dd:ca:d8:7f:62:31:7a:f0:33:ad:
b9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:47:D0:0D:00:69:2A:D3:66:A9:B2:6E:65:0B:4C:4C:8D:CF:E2:31
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/6UfQDQBpKtNmqbJuZQtMTI3P4jE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/24
Signature Algorithm: sha256WithRSAEncryption
35:f6:5f:97:47:47:11:a9:e1:94:fa:f1:10:ce:7b:0f:9d:67:
26:57:71:58:df:2b:d6:ee:b2:85:24:49:c4:93:b2:4e:79:d2:
7e:e5:07:61:c0:6a:c1:28:52:e4:be:5f:64:32:40:72:58:4a:
08:8c:32:dd:2c:2b:63:5e:3a:5a:0f:55:66:b1:9d:e5:57:6d:
98:a5:c9:04:b9:04:33:75:40:43:b2:69:97:cb:43:79:1d:04:
a2:2f:09:fc:90:4b:bd:db:6c:0f:85:f7:fd:4c:69:db:fa:1a:
c2:34:7a:f0:d2:3e:fa:f2:ff:fb:a8:1a:46:70:93:30:8c:c3:
47:16:0e:e5:66:8a:01:02:58:55:72:6f:46:1a:e0:7f:b5:3d:
27:6e:3d:af:ac:c0:e0:ba:3e:fc:26:7f:e8:5d:f9:93:ce:0a:
18:f7:07:9e:85:91:f8:ee:6a:9e:b4:74:8e:97:56:bc:41:f6:
56:b4:0a:36:15:65:27:f3:59:3e:eb:0c:ca:67:c7:c0:a4:6e:
5a:eb:a8:2c:fc:9a:43:5e:3e:09:51:7a:1b:64:d3:ea:7e:59:
07:1c:86:56:63:52:59:61:7a:c4:99:01:03:fb:d0:c2:cc:07:
cd:f6:21:9a:9f:2a:88:b3:b6:61:35:48:93:ba:4e:7a:f3:06:
ad:b7:ea:82
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMkFG
OENGRDk1MjcwRkNGNUMyQ0E2NUQ4Nzc3N0Y2RkI3QUJGRDMyMB4XDTIxMDkxMTE3
MTkzOFoXDTIyMDgzMDAzMTEyMVowMzExMC8GA1UEAxMoRTk0N0QwMEQwMDY5MkFE
MzY2QTlCMjZFNjUwQjRDNEM4RENGRTIzMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOOiYRFWTSKX8xGiF+pjzN3f+YWPwH8wQka/DNw6xAgDr3iwkWv0
1Z1pAeQTORnxgs4o03OIHtAVtQUpvOnDctXgfvZGQUqnbBA7GarUaAxGn8q9veth
S5+d8Qy7tMA90zEFag2UQ/FrWmnBLpadlYt3cmQPpMohwVgo1uAl31bN5SG3TSJA
YugxSVEV0Fn6unAC0G5OMluSBfNpE6Fi4nyoNzPEzl9/B7Kh7ObXYzmHrVOThEr6
nm5vhcAKDQScBwzct0NdQ4y28Vvfd4ejkVwvdXzhumMDBuBf1YE9PmfGXU5tfvuq
dYYinhwIi5BAaU1FSLPdyth/YjF68DOtuesCAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBTpR9ANAGkq02apsm5lC0xMjc/iMTAfBgNVHSMEGDAWgBTir4z9lScPz1wspl2H
d39vt6v9MjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9SRUNUQUxF
LzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNHEtTV9aVW5EODljTEtaZGgzZF9iN2VyX1RJLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFMRS82VWZRRFFCcEt0Tm1xYkp1
WlF0TVRJM1A0akUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Z6x8MA0GCSqGSIb3DQEBCwUAA4IBAQA19l+XR0cRqeGU+vEQznsPnWcmV3FY3yvW
7rKFJEnEk7JOedJ+5QdhwGrBKFLkvl9kMkByWEoIjDLdLCtjXjpaD1VmsZ3lV22Y
pckEuQQzdUBDsmmXy0N5HQSiLwn8kEu922wPhff9TGnb+hrCNHrw0j768v/7qBpG
cJMwjMNHFg7lZooBAlhVcm9GGuB/tT0nbj2vrMDguj78Jn/oXfmTzgoY9weehZH4
7mqetHSOl1a8QfZWtAo2FWUn81k+6wzKZ8fApG5a66gs/JpDXj4JUXobZNPqflkH
HIZWY1JZYXrEmQED+9DCzAfN9iGanyqIs7ZhNUiTuk568watt+qC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org