Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/Fp4u1lCy-jQ0qJjV0LeZx76zHxQ.roa
File: Fp4u1lCy-jQ0qJjV0LeZx76zHxQ.roa (raw, json)
Hash identifier: 94AxKhFvURbCKTxPCPWh1X6eXB0Jff2iNLA8X3DKMwk=
Subject key identifier: 16:9E:2E:D6:50:B2:FA:34:34:A8:98:D5:D0:B7:99:C7:BE:B3:1F:14
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 39
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/Fp4u1lCy-jQ0qJjV0LeZx76zHxQ.roa
Signing time: Fri 29 Oct 2021 17:51:59 +0000
ROA not before: Fri 29 Oct 2021 17:51:59 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 210707
IP address blocks: 103.172.124.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57 (0x39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Oct 29 17:51:59 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=169E2ED650B2FA3434A898D5D0B799C7BEB31F14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:87:d1:67:43:d4:5d:57:d4:98:22:38:4c:ea:
5f:6d:3e:99:f7:68:57:b0:61:3f:43:e4:c9:00:00:
7e:47:32:e4:37:02:ad:b9:60:4a:59:e0:9d:ef:f6:
10:90:75:e4:cc:ca:8f:82:fc:57:e1:7b:1b:69:91:
93:7e:0f:ce:f7:e6:29:07:a3:73:15:54:18:9f:46:
17:ab:a2:60:63:a7:b4:09:bb:42:fe:47:0e:a8:7e:
cd:52:c7:c8:c6:96:7c:e2:3d:df:31:f7:d8:6f:97:
6e:7d:a6:f3:9c:ec:54:c7:d2:23:90:d9:f2:52:86:
77:a0:21:4a:d6:f3:b9:87:35:7a:80:55:b3:a2:7d:
11:0e:16:d6:a7:e1:cd:5e:98:41:41:39:8f:00:75:
42:5d:90:02:a8:20:2d:9d:7a:b7:9e:a4:6c:cf:c2:
f7:c1:70:09:d3:fe:eb:fb:8d:ee:68:f9:f2:5b:7b:
d5:88:83:f3:83:00:e0:df:33:a5:0c:c9:dd:aa:46:
66:c9:fb:81:e9:24:70:e5:a5:69:8b:eb:cf:e2:9f:
ea:c4:2d:91:5e:3f:23:cc:9f:c7:7e:5f:2a:f2:00:
26:2f:7c:5b:32:71:c8:bf:af:a7:a0:52:ff:51:0a:
a5:fe:72:91:df:1a:5a:2a:6b:53:d5:b6:72:76:bd:
3e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:9E:2E:D6:50:B2:FA:34:34:A8:98:D5:D0:B7:99:C7:BE:B3:1F:14
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/Fp4u1lCy-jQ0qJjV0LeZx76zHxQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:94:00:f4:27:98:11:6e:41:4c:59:7a:61:31:d5:93:9f:a7:
f6:ea:ff:97:ec:d4:e4:e3:90:ac:d2:f5:ab:6a:8d:a8:21:e7:
91:8f:01:07:c2:fd:8b:f6:b8:3c:c7:92:48:6e:cd:d3:25:ed:
3f:c9:01:2b:18:e0:40:57:42:4c:b5:74:ac:7d:45:9f:be:93:
39:83:d5:f8:20:76:ea:e3:82:6c:6e:ad:dc:3d:3e:e8:a2:f8:
4f:84:78:4e:be:72:f4:a3:df:9c:2f:d9:cb:9e:33:09:bf:08:
8d:f8:c2:c4:e4:92:70:7c:6c:f9:65:e4:43:e6:12:a2:57:8f:
0f:df:33:99:1f:2d:36:3d:47:70:c1:27:1e:f3:2d:9a:eb:a9:
e5:ff:44:e3:4f:6b:c1:82:98:b7:c0:75:d5:46:36:93:c7:c5:
6f:80:ff:2d:36:17:4e:3e:99:94:53:f1:8e:99:e7:79:84:27:
37:d2:42:32:e0:4c:8d:22:99:77:d9:07:cb:5e:32:5e:ca:30:
ec:ff:8b:03:62:fd:f5:e4:a5:dc:c9:27:c0:08:0c:a8:52:2b:
cf:b6:c3:d7:a1:b6:bb:48:df:35:62:32:5e:ff:5f:69:fc:33:
b4:bd:eb:07:39:3d:5d:de:d8:6d:9c:ed:d2:d7:fa:4b:f5:a3:
f1:d9:16:58
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMkFG
OENGRDk1MjcwRkNGNUMyQ0E2NUQ4Nzc3N0Y2RkI3QUJGRDMyMB4XDTIxMTAyOTE3
NTE1OVoXDTIyMDkyOTAyMzYyMlowMzExMC8GA1UEAxMoMTY5RTJFRDY1MEIyRkEz
NDM0QTg5OEQ1RDBCNzk5QzdCRUIzMUYxNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMGH0WdD1F1X1JgiOEzqX20+mfdoV7BhP0PkyQAAfkcy5DcCrblg
Slngne/2EJB15MzKj4L8V+F7G2mRk34PzvfmKQejcxVUGJ9GF6uiYGOntAm7Qv5H
Dqh+zVLHyMaWfOI93zH32G+Xbn2m85zsVMfSI5DZ8lKGd6AhStbzuYc1eoBVs6J9
EQ4W1qfhzV6YQUE5jwB1Ql2QAqggLZ16t56kbM/C98FwCdP+6/uN7mj58lt71YiD
84MA4N8zpQzJ3apGZsn7gekkcOWlaYvrz+Kf6sQtkV4/I8yfx35fKvIAJi98WzJx
yL+vp6BS/1EKpf5ykd8aWiprU9W2cna9PlcCAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBQWni7WULL6NDSomNXQt5nHvrMfFDAfBgNVHSMEGDAWgBTir4z9lScPz1wspl2H
d39vt6v9MjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9SRUNUQUxF
LzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNHEtTV9aVW5EODljTEtaZGgzZF9iN2VyX1RJLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFMRS9GcDR1MWxDeS1qUTBxSmpW
MExlWng3NnpIeFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Z6x8MA0GCSqGSIb3DQEBCwUAA4IBAQC6lAD0J5gRbkFMWXphMdWTn6f26v+X7NTk
45Cs0vWrao2oIeeRjwEHwv2L9rg8x5JIbs3TJe0/yQErGOBAV0JMtXSsfUWfvpM5
g9X4IHbq44Jsbq3cPT7oovhPhHhOvnL0o9+cL9nLnjMJvwiN+MLE5JJwfGz5ZeRD
5hKiV48P3zOZHy02PUdwwSce8y2a66nl/0TjT2vBgpi3wHXVRjaTx8VvgP8tNhdO
PpmUU/GOmed5hCc30kIy4EyNIpl32QfLXjJeyjDs/4sDYv315KXcySfACAyoUivP
tsPXoba7SN81YjJe/19p/DO0vesHOT1d3thtnO3S1/pL9aPx2RZY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:16 2023 by rpki-client on console-fra.rpki-client.org