Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/a4t-7qiY27_kKHaGhxPhLiZ4wZg.roa
File: a4t-7qiY27_kKHaGhxPhLiZ4wZg.roa (raw, json)
Hash identifier: lf+k53rHwQvOkFML6ApVU26AizDs0nNJVMozokw6oN4=
Subject key identifier: 6B:8B:7E:EE:A8:98:DB:BF:E4:28:76:86:87:13:E1:2E:26:78:C1:98
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 7D
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/a4t-7qiY27_kKHaGhxPhLiZ4wZg.roa
Signing time: Thu 27 Jan 2022 08:01:52 +0000
ROA not before: Thu 27 Jan 2022 08:01:52 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 60614
IP address blocks: 103.172.124.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125 (0x7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Jan 27 08:01:52 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=6B8B7EEEA898DBBFE42876868713E12E2678C198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0c:37:58:55:31:8b:a2:f6:1c:67:62:2e:1b:
45:ac:57:c4:39:18:da:70:57:04:ba:49:3d:d1:9a:
f8:23:80:21:aa:a9:df:e1:1e:64:3c:67:6f:85:96:
c2:3b:5f:ce:fb:7d:e8:12:43:a5:7a:a4:c4:a1:c1:
2c:dc:57:c2:8d:f4:3b:85:e2:7f:cf:71:0f:b0:09:
81:94:62:79:6d:70:b4:ef:d4:91:ea:0f:a4:98:98:
34:2b:d0:1b:be:f3:cc:e4:6a:11:fa:2a:13:64:f9:
55:fa:44:2e:6a:bd:0a:86:75:7a:b8:00:90:27:3a:
dc:2f:45:db:28:d4:9a:94:bc:d7:db:4a:30:dd:53:
4e:4b:7c:57:b7:e2:fe:ba:2f:ea:9f:25:ba:64:da:
89:37:e9:c8:aa:79:50:b5:af:51:ca:df:ed:96:2f:
6d:b5:c3:12:ce:1b:43:21:41:ae:48:c1:d8:0f:11:
60:29:4e:42:cb:2e:80:1e:d7:e4:e2:64:9a:56:d2:
86:0d:8e:5c:dd:97:20:ce:3c:af:a1:e3:67:fa:8b:
60:e2:c8:55:8d:f7:34:d4:e0:64:ba:c1:a2:db:38:
cc:ef:11:2b:9c:6a:66:61:80:b6:3a:e2:93:65:25:
b7:53:31:95:e6:37:da:ee:c3:66:d1:64:e3:d6:c4:
c2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8B:7E:EE:A8:98:DB:BF:E4:28:76:86:87:13:E1:2E:26:78:C1:98
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/a4t-7qiY27_kKHaGhxPhLiZ4wZg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/24
Signature Algorithm: sha256WithRSAEncryption
27:1e:d9:19:34:b2:fe:01:3b:90:85:3b:93:04:8e:06:ba:10:
89:6f:e4:69:44:f4:33:db:9f:62:24:02:0d:8f:43:e4:a5:c0:
04:b3:f5:52:92:72:53:9d:84:37:c4:34:b4:28:99:8f:ce:b0:
a8:a8:d9:23:7b:c8:87:f4:59:5d:50:8d:53:95:c4:a2:11:9b:
c6:3b:46:67:d9:98:07:f4:b0:72:26:04:70:14:d2:31:3c:7c:
7d:60:5b:b5:6d:75:7d:cb:0c:cc:01:23:17:c7:15:c3:11:83:
6d:7c:de:83:6f:76:89:a2:44:0e:e6:fd:c3:cf:11:e2:f1:82:
d4:09:d5:13:6c:a1:13:b8:a8:c8:98:61:ad:f4:05:5d:8b:38:
e7:ef:c8:d5:75:a3:59:36:61:3b:9c:54:97:47:d9:35:8b:24:
7f:ef:8d:98:b3:83:a9:8f:88:ed:96:46:a3:d7:57:fa:3e:d4:
6f:93:45:b9:fc:7f:67:dd:ae:28:8c:f3:8d:e9:36:96:13:1a:
1d:2e:43:0a:0d:98:1b:48:80:32:99:5f:ee:cb:e6:b7:02:58:
4d:eb:34:47:59:a7:eb:0a:db:07:a5:a7:08:98:a6:f4:5e:0b:
33:61:02:f9:f0:29:a8:82:87:a3:5a:ce:5f:66:e9:ec:e3:5c:
fc:1c:97:66
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMkFG
OENGRDk1MjcwRkNGNUMyQ0E2NUQ4Nzc3N0Y2RkI3QUJGRDMyMB4XDTIyMDEyNzA4
MDE1MloXDTIyMDkyOTAyMzYyMlowMzExMC8GA1UEAxMoNkI4QjdFRUVBODk4REJC
RkU0Mjg3Njg2ODcxM0UxMkUyNjc4QzE5ODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANwMN1hVMYui9hxnYi4bRaxXxDkY2nBXBLpJPdGa+COAIaqp3+Ee
ZDxnb4WWwjtfzvt96BJDpXqkxKHBLNxXwo30O4Xif89xD7AJgZRieW1wtO/UkeoP
pJiYNCvQG77zzORqEfoqE2T5VfpELmq9CoZ1ergAkCc63C9F2yjUmpS819tKMN1T
Tkt8V7fi/rov6p8lumTaiTfpyKp5ULWvUcrf7ZYvbbXDEs4bQyFBrkjB2A8RYClO
QssugB7X5OJkmlbShg2OXN2XIM48r6HjZ/qLYOLIVY33NNTgZLrBots4zO8RK5xq
ZmGAtjrik2Ult1MxleY32u7DZtFk49bEwqsCAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBRri37uqJjbv+QodoaHE+EuJnjBmDAfBgNVHSMEGDAWgBTir4z9lScPz1wspl2H
d39vt6v9MjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9SRUNUQUxF
LzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNHEtTV9aVW5EODljTEtaZGgzZF9iN2VyX1RJLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFMRS9hNHQtN3FpWTI3X2tLSGFH
aHhQaExpWjR3Wmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Z6x8MA0GCSqGSIb3DQEBCwUAA4IBAQAnHtkZNLL+ATuQhTuTBI4GuhCJb+RpRPQz
259iJAINj0PkpcAEs/VSknJTnYQ3xDS0KJmPzrCoqNkje8iH9FldUI1TlcSiEZvG
O0Zn2ZgH9LByJgRwFNIxPHx9YFu1bXV9ywzMASMXxxXDEYNtfN6Db3aJokQO5v3D
zxHi8YLUCdUTbKETuKjImGGt9AVdizjn78jVdaNZNmE7nFSXR9k1iyR/742Ys4Op
j4jtlkaj11f6PtRvk0W5/H9n3a4ojPON6TaWExodLkMKDZgbSIAymV/uy+a3AlhN
6zRHWafrCtsHpacImKb0XgszYQL58CmogoejWs5fZuns41z8HJdm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:16 2023 by rpki-client on console-fra.rpki-client.org