Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/XS7RLkspvtyTUr7f87yuOAZu354.roa
File: XS7RLkspvtyTUr7f87yuOAZu354.roa (raw, json)
Hash identifier: 8uAuK9zyMtJLov/FLLwvPn5gdFaCbTRQY3RbJ6JbPe0=
Subject key identifier: 5D:2E:D1:2E:4B:29:BE:DC:93:52:BE:DF:F3:BC:AE:38:06:6E:DF:9E
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 011F
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/XS7RLkspvtyTUr7f87yuOAZu354.roa
Signing time: Thu 15 Sep 2022 02:41:53 +0000
ROA not before: Thu 15 Sep 2022 02:41:53 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 7480
IP address blocks: 103.172.124.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287 (0x11f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Sep 15 02:41:53 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5D2ED12E4B29BEDC9352BEDFF3BCAE38066EDF9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2b:fc:71:23:ca:87:3e:b3:cb:5c:82:49:8b:
e0:ad:b5:39:89:4f:2d:e4:5f:02:b0:13:67:2b:8f:
16:78:18:df:f4:ed:38:d5:e4:db:08:86:d3:ac:d6:
b1:94:03:c4:62:6a:ea:b9:b7:4c:0a:b4:1b:cb:93:
b8:9f:ee:bc:f4:2e:5e:cc:7c:a5:0b:d7:16:e9:c5:
1d:0a:27:27:b6:b2:70:24:88:b3:7d:d0:df:1e:a2:
7b:6a:cd:0e:ff:f2:3a:07:96:7e:b4:6f:69:51:17:
09:33:83:fd:2c:09:dd:c3:03:ec:84:af:2e:b2:d1:
d9:0a:f6:da:cf:06:0c:4d:95:e5:10:95:7d:38:d2:
57:81:d4:7b:d7:9e:5a:d7:14:6f:74:db:f7:1a:d7:
0f:11:2c:cc:3f:c4:57:22:20:b8:2c:68:f1:e1:23:
d0:35:76:00:4d:65:f3:5a:20:0f:c1:e9:bc:ef:af:
92:ca:f0:07:14:37:e8:ad:8b:68:e9:6e:7c:9e:46:
ab:0f:1b:67:5a:ca:e9:3a:cd:8c:05:e5:2b:39:4c:
9c:13:67:3b:82:3f:cd:71:9a:bc:a5:31:4c:f3:0a:
3c:87:cd:1c:11:10:62:73:cd:c4:5a:1c:4f:2d:82:
9b:a1:a3:27:02:6e:8a:64:45:a4:32:dd:d1:75:f9:
3c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:2E:D1:2E:4B:29:BE:DC:93:52:BE:DF:F3:BC:AE:38:06:6E:DF:9E
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/XS7RLkspvtyTUr7f87yuOAZu354.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/24
Signature Algorithm: sha256WithRSAEncryption
50:20:d7:a2:c7:73:a1:fd:76:d7:bc:52:4e:f7:83:2c:ba:a8:
91:85:0e:18:70:22:ec:c4:75:6f:a0:58:3c:d9:38:c0:58:77:
55:b7:3d:98:29:06:5f:13:0b:5f:e2:03:f6:43:62:1a:69:66:
3b:c1:33:3b:8d:c0:86:0b:14:42:b7:2d:57:bb:a8:1a:b4:2c:
2f:bd:72:e3:d7:79:bd:ce:31:8c:5a:17:a3:f3:12:12:fb:c8:
65:d7:f8:25:f7:41:77:2f:29:ac:d1:c3:b8:0a:a5:be:20:b4:
ca:ec:89:c5:30:c0:57:db:78:ad:6f:f7:d9:37:01:5d:b3:c2:
fc:97:b0:97:4e:91:6f:0b:c0:fe:dd:60:da:78:64:98:b6:39:
c1:06:c9:b8:25:cd:e8:41:94:59:d8:f6:16:14:9b:4e:e6:13:
aa:9f:21:90:b0:71:71:ed:b0:e3:11:d2:02:68:19:43:de:78:
a4:83:f2:07:42:3f:d2:48:78:18:21:e2:d4:a6:37:34:97:ec:
a4:c3:b8:e4:20:ae:ea:40:c4:e9:96:e4:e0:89:78:fc:c9:cd:
e5:9d:ac:06:5c:84:de:b3:bf:4e:cb:d4:31:bb:d4:36:1d:1d:
23:f0:4f:b2:5b:ac:28:85:2a:cc:4b:be:c0:4b:08:b0:39:20:
8e:04:28:24
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTJB
RjhDRkQ5NTI3MEZDRjVDMkNBNjVEODc3NzdGNkZCN0FCRkQzMjAeFw0yMjA5MTUw
MjQxNTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVEMkVEMTJFNEIyOUJF
REM5MzUyQkVERkYzQkNBRTM4MDY2RURGOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQK/xxI8qHPrPLXIJJi+CttTmJTy3kXwKwE2crjxZ4GN/07TjV
5NsIhtOs1rGUA8Riauq5t0wKtBvLk7if7rz0Ll7MfKUL1xbpxR0KJye2snAkiLN9
0N8eontqzQ7/8joHln60b2lRFwkzg/0sCd3DA+yEry6y0dkK9trPBgxNleUQlX04
0leB1HvXnlrXFG902/ca1w8RLMw/xFciILgsaPHhI9A1dgBNZfNaIA/B6bzvr5LK
8AcUN+iti2jpbnyeRqsPG2dayuk6zYwF5Ss5TJwTZzuCP81xmrylMUzzCjyHzRwR
EGJzzcRaHE8tgpuhoycCbopkRaQy3dF1+TxbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXS7RLkspvtyTUr7f87yuOAZu354wHwYDVR0jBBgwFoAU4q+M/ZUnD89cLKZd
h3d/b7er/TIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFM
RS80cS1NX1pVbkQ4OWNMS1pkaDNkX2I3ZXJfVEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1JFQ1RBTEUvWFM3Ukxrc3B2dHlUVXI3
Zjg3eXVPQVp1MzU0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGesfDANBgkqhkiG9w0BAQsFAAOCAQEAUCDXosdzof1217xSTveDLLqokYUOGHAi
7MR1b6BYPNk4wFh3Vbc9mCkGXxMLX+ID9kNiGmlmO8EzO43AhgsUQrctV7uoGrQs
L71y49d5vc4xjFoXo/MSEvvIZdf4JfdBdy8prNHDuAqlviC0yuyJxTDAV9t4rW/3
2TcBXbPC/Jewl06RbwvA/t1g2nhkmLY5wQbJuCXN6EGUWdj2FhSbTuYTqp8hkLBx
ce2w4xHSAmgZQ954pIPyB0I/0kh4GCHi1KY3NJfspMO45CCu6kDE6Zbk4Il4/MnN
5Z2sBlyE3rO/TsvUMbvUNh0dI/BPslusKIUqzEu+wEsIsDkgjgQoJA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:16:20 2025 by rpki-client