Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/8RAJqBf48JlJ0pwepl4bEfGBRJU.roa
File: 8RAJqBf48JlJ0pwepl4bEfGBRJU.roa (raw, json)
Hash identifier: PbvrHLYZcnXg37a+g2Q7bqUIhXiyUi7rpJ4kXz8sUEc=
Subject key identifier: F1:10:09:A8:17:F8:F0:99:49:D2:9C:1E:A6:5E:1B:11:F1:81:44:95
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 011F
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/8RAJqBf48JlJ0pwepl4bEfGBRJU.roa
Signing time: Thu 15 Sep 2022 02:41:53 +0000
ROA not before: Thu 15 Sep 2022 02:41:53 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24162
IP address blocks: 103.172.124.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287 (0x11f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Sep 15 02:41:53 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=F11009A817F8F09949D29C1EA65E1B11F1814495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8f:86:85:33:e5:5c:b1:78:7d:e1:39:d5:3e:
ce:21:45:a8:ef:3f:f8:1c:2a:ba:6e:b3:8b:aa:89:
ff:42:0e:0a:28:ec:5a:ba:1a:80:66:42:72:72:82:
83:40:b6:4a:6b:9f:b0:63:e1:29:e2:a5:5b:4a:22:
41:1d:2c:65:f1:ce:e3:70:71:35:14:89:38:45:c9:
b0:01:b6:1e:28:47:7a:80:39:31:a2:c8:b6:88:d9:
e8:c7:e7:82:71:55:16:d8:56:6b:b2:1b:ba:52:f2:
18:5c:de:55:91:cc:34:43:1f:8b:04:48:77:46:f1:
11:c7:ee:f0:a9:1d:de:28:a1:ac:10:65:d6:63:d7:
86:c7:13:75:6e:29:44:18:41:03:b6:ea:41:58:b2:
91:3d:6c:86:18:22:78:d8:76:98:4c:81:e2:05:cf:
14:c0:47:30:e0:b8:79:32:7a:2e:dd:60:15:77:60:
46:f1:d3:1a:5e:bf:bf:ea:41:64:06:6a:f8:b3:ef:
ba:c7:94:43:df:f2:13:6e:2e:ff:d6:76:66:a7:4a:
9b:db:13:d2:f5:bf:1e:ce:0a:b2:bd:af:7b:29:1f:
a5:ac:ca:6f:97:ae:7f:0c:db:8f:16:f1:3a:ee:a0:
31:08:22:58:c9:bc:9e:b9:98:12:08:e5:f3:91:e7:
ae:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:10:09:A8:17:F8:F0:99:49:D2:9C:1E:A6:5E:1B:11:F1:81:44:95
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/8RAJqBf48JlJ0pwepl4bEfGBRJU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/23
Signature Algorithm: sha256WithRSAEncryption
25:2b:b6:87:f6:c2:8c:f2:79:6f:e5:25:0f:e0:09:42:59:5c:
8c:f2:6c:e1:b2:46:d4:be:d3:dc:e3:72:07:4b:27:b6:d2:13:
e2:23:87:3a:30:6e:07:1a:41:96:7d:1b:a8:af:c5:f9:c4:8e:
13:4e:0e:7f:36:7e:b5:5f:30:78:f3:3c:de:53:58:ae:5e:9d:
1c:9d:84:3b:e5:63:1a:fa:11:41:d8:9e:3e:6d:7e:71:55:28:
87:9f:71:df:db:89:77:a6:1a:32:4b:65:ab:7e:bc:54:1d:19:
f6:1e:34:ad:40:0a:d8:a8:06:03:90:c8:15:17:31:14:b5:58:
1e:fe:c3:ef:d2:1c:8d:84:8c:58:69:ad:3a:42:bf:20:2b:db:
e7:85:22:d4:79:65:b1:b8:ae:fa:ba:44:4a:fc:9c:8f:35:c7:
e5:1b:59:15:6e:33:de:c2:1d:23:c9:05:f6:18:65:ab:12:7c:
33:64:a7:f4:d9:c8:99:14:7e:f9:bd:c0:42:c6:11:4a:7b:40:
3a:c1:ef:3a:66:7c:b6:63:58:8d:b3:b9:54:be:fb:c2:ea:d8:
5f:7a:39:a6:d8:c4:46:b9:fb:5c:54:0d:5a:cf:75:ce:f8:4e:
28:78:6b:d0:6d:79:c2:93:41:81:87:ba:ce:fe:9c:47:28:21:
a7:10:4b:f0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTJB
RjhDRkQ5NTI3MEZDRjVDMkNBNjVEODc3NzdGNkZCN0FCRkQzMjAeFw0yMjA5MTUw
MjQxNTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEYxMTAwOUE4MTdGOEYw
OTk0OUQyOUMxRUE2NUUxQjExRjE4MTQ0OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNj4aFM+VcsXh94TnVPs4hRajvP/gcKrpus4uqif9CDgoo7Fq6
GoBmQnJygoNAtkprn7Bj4SnipVtKIkEdLGXxzuNwcTUUiThFybABth4oR3qAOTGi
yLaI2ejH54JxVRbYVmuyG7pS8hhc3lWRzDRDH4sESHdG8RHH7vCpHd4ooawQZdZj
14bHE3VuKUQYQQO26kFYspE9bIYYInjYdphMgeIFzxTARzDguHkyei7dYBV3YEbx
0xpev7/qQWQGaviz77rHlEPf8hNuLv/WdmanSpvbE9L1vx7OCrK9r3spH6Wsym+X
rn8M248W8TruoDEIIljJvJ65mBII5fOR567dAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8RAJqBf48JlJ0pwepl4bEfGBRJUwHwYDVR0jBBgwFoAU4q+M/ZUnD89cLKZd
h3d/b7er/TIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFM
RS80cS1NX1pVbkQ4OWNMS1pkaDNkX2I3ZXJfVEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1JFQ1RBTEUvOFJBSnFCZjQ4SmxKMHB3
ZXBsNGJFZkdCUkpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AWesfDANBgkqhkiG9w0BAQsFAAOCAQEAJSu2h/bCjPJ5b+UlD+AJQllcjPJs4bJG
1L7T3ONyB0snttIT4iOHOjBuBxpBln0bqK/F+cSOE04OfzZ+tV8wePM83lNYrl6d
HJ2EO+VjGvoRQdiePm1+cVUoh59x39uJd6YaMktlq368VB0Z9h40rUAK2KgGA5DI
FRcxFLVYHv7D79IcjYSMWGmtOkK/ICvb54Ui1Hllsbiu+rpESvycjzXH5RtZFW4z
3sIdI8kF9hhlqxJ8M2Sn9NnImRR++b3AQsYRSntAOsHvOmZ8tmNYjbO5VL77wurY
X3o5ptjERrn7XFQNWs91zvhOKHhr0G15wpNBgYe6zv6cRyghpxBL8A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org