Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/HeDNchYFxRLAVkOTcJKY9muulHc.roa
File: HeDNchYFxRLAVkOTcJKY9muulHc.roa (raw, json)
Hash identifier: jYdIM4f51FXZ5StXZOINz5XCSsvyNza+LosjWS87iw8=
Subject key identifier: 1D:E0:CD:72:16:05:C5:12:C0:56:43:93:70:92:98:F6:6B:AE:94:77
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 011F
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/HeDNchYFxRLAVkOTcJKY9muulHc.roa
Signing time: Thu 15 Sep 2022 02:41:54 +0000
ROA not before: Thu 15 Sep 2022 02:41:54 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 212279
IP address blocks: 103.172.124.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287 (0x11f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Sep 15 02:41:54 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1DE0CD721605C512C0564393709298F66BAE9477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8f:be:46:0e:c1:5f:18:16:46:0d:1b:03:a0:
76:4c:61:d7:ee:55:0e:19:d3:8f:f7:f4:8e:fd:c9:
2b:06:cc:77:c1:b7:78:d9:e3:fe:52:c9:79:68:c2:
cf:1d:38:10:b1:d3:75:43:5a:32:1b:ce:b8:0b:7d:
8a:c5:4b:cc:c8:69:96:a6:10:9c:1a:90:75:a7:ec:
1d:dc:7e:3f:03:f8:d2:d3:54:8f:df:1e:31:3b:3c:
42:ef:9b:99:41:0f:67:da:31:5e:3a:8c:80:a2:70:
24:39:ad:6c:47:85:8b:bb:30:b2:39:fd:c4:92:2f:
60:e2:fd:c0:d2:74:64:b9:93:81:47:77:70:80:39:
41:61:42:b1:f3:e7:66:bd:92:96:63:1a:75:37:6c:
1e:2e:23:0e:c4:a8:64:dc:73:f8:88:c4:97:ca:f5:
f4:be:f3:42:4a:81:7a:8a:f5:9b:9c:fa:fa:5b:64:
92:2e:90:8c:36:2a:a2:ee:7e:7f:2a:99:ae:c9:17:
04:c5:52:34:78:41:31:84:d1:e4:74:96:87:1c:bb:
e1:d6:81:56:9e:05:90:60:ae:e0:56:75:23:85:7f:
d4:a9:09:14:ed:7b:6c:73:c0:60:23:ac:71:30:ab:
15:23:8d:f0:c2:a6:d3:fd:af:54:81:3e:52:c4:c3:
66:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E0:CD:72:16:05:C5:12:C0:56:43:93:70:92:98:F6:6B:AE:94:77
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/HeDNchYFxRLAVkOTcJKY9muulHc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/24
Signature Algorithm: sha256WithRSAEncryption
78:94:db:e8:bc:20:7d:39:f0:e4:a6:97:e9:3a:25:6e:2b:8e:
4c:03:c4:6c:8c:87:b6:cc:4e:ce:92:5d:a0:f0:98:a2:5c:bd:
e1:34:87:3a:ef:a9:78:5b:a0:68:d8:d4:e7:48:3a:34:f4:5d:
45:06:de:a8:7a:3a:29:24:83:f3:c4:4d:67:1b:a6:a6:6f:97:
ed:73:ca:96:32:5e:86:1d:42:9a:7b:af:c5:67:03:6d:47:3b:
25:11:49:bc:42:a1:f5:0b:ea:fe:dd:5a:ee:e5:bd:43:95:79:
33:71:ee:15:cc:b7:e2:87:35:26:af:c7:bf:64:bb:0a:54:fb:
d4:27:54:79:0b:84:c1:a1:12:8d:72:3f:ce:bd:a7:cc:72:60:
c5:2a:40:c0:57:7e:29:d3:02:42:89:7c:ec:97:e4:84:4d:55:
e5:13:44:b1:d6:7d:20:00:d1:64:85:6d:e7:2a:58:2c:d2:7a:
8c:c2:21:c1:90:5c:b3:b5:ab:51:c6:9d:10:4e:98:87:a8:87:
b9:7a:94:e1:38:af:2c:e1:27:92:34:f8:89:0e:5e:a8:6f:88:
2f:dc:25:7d:52:ae:ca:e2:ed:30:25:3e:7a:ef:ce:83:df:60:
38:2e:c3:4d:c9:ee:cc:21:8d:77:e0:23:ee:1a:fa:96:8e:21:
40:2b:1a:ea
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTJB
RjhDRkQ5NTI3MEZDRjVDMkNBNjVEODc3NzdGNkZCN0FCRkQzMjAeFw0yMjA5MTUw
MjQxNTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFERTBDRDcyMTYwNUM1
MTJDMDU2NDM5MzcwOTI5OEY2NkJBRTk0NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMj75GDsFfGBZGDRsDoHZMYdfuVQ4Z04/39I79ySsGzHfBt3jZ
4/5SyXlows8dOBCx03VDWjIbzrgLfYrFS8zIaZamEJwakHWn7B3cfj8D+NLTVI/f
HjE7PELvm5lBD2faMV46jICicCQ5rWxHhYu7MLI5/cSSL2Di/cDSdGS5k4FHd3CA
OUFhQrHz52a9kpZjGnU3bB4uIw7EqGTcc/iIxJfK9fS+80JKgXqK9Zuc+vpbZJIu
kIw2KqLufn8qma7JFwTFUjR4QTGE0eR0loccu+HWgVaeBZBgruBWdSOFf9SpCRTt
e2xzwGAjrHEwqxUjjfDCptP9r1SBPlLEw2b1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHeDNchYFxRLAVkOTcJKY9muulHcwHwYDVR0jBBgwFoAU4q+M/ZUnD89cLKZd
h3d/b7er/TIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFM
RS80cS1NX1pVbkQ4OWNMS1pkaDNkX2I3ZXJfVEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1JFQ1RBTEUvSGVETmNoWUZ4UkxBVmtP
VGNKS1k5bXV1bEhjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGesfDANBgkqhkiG9w0BAQsFAAOCAQEAeJTb6LwgfTnw5KaX6TolbiuOTAPEbIyH
tsxOzpJdoPCYoly94TSHOu+peFugaNjU50g6NPRdRQbeqHo6KSSD88RNZxumpm+X
7XPKljJehh1CmnuvxWcDbUc7JRFJvEKh9Qvq/t1a7uW9Q5V5M3HuFcy34oc1Jq/H
v2S7ClT71CdUeQuEwaESjXI/zr2nzHJgxSpAwFd+KdMCQol87JfkhE1V5RNEsdZ9
IADRZIVt5ypYLNJ6jMIhwZBcs7WrUcadEE6Yh6iHuXqU4TivLOEnkjT4iQ5eqG+I
L9wlfVKuyuLtMCU+eu/Og99gOC7DTcnuzCGNd+Aj7hr6lo4hQCsa6g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:16 2023 by rpki-client on console-fra.rpki-client.org