Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/kLC_jcdv5fli74icdW_cNXPcsPk.roa
File: kLC_jcdv5fli74icdW_cNXPcsPk.roa (raw, json)
Hash identifier: oHq5PkyiD6k/Ono7T3VFBN3mBrEzw7viTMfK8QijADM=
Subject key identifier: 90:B0:BF:8D:C7:6F:E5:F9:62:EF:88:9C:75:6F:DC:35:73:DC:B0:F9
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 5F
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/kLC_jcdv5fli74icdW_cNXPcsPk.roa
Signing time: Thu 16 Dec 2021 05:39:00 +0000
ROA not before: Thu 16 Dec 2021 05:39:00 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 141173
IP address blocks: 103.172.124.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95 (0x5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Dec 16 05:39:00 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=90B0BF8DC76FE5F962EF889C756FDC3573DCB0F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:31:fd:d9:97:dd:d9:8b:90:21:28:93:91:
c3:ac:a7:a8:1d:55:ae:f8:af:a1:58:49:c4:bb:0d:
9b:89:d1:7f:91:32:f1:2b:f1:d5:6e:9d:27:4a:2c:
5a:16:a3:e3:e5:8e:7c:df:5a:61:e4:91:81:59:39:
43:79:b9:b8:28:6f:5a:f0:72:39:5d:80:d0:c8:50:
43:e7:a6:dd:c5:92:b9:0b:00:e0:2e:61:cf:9c:b1:
5a:02:40:d5:5f:f3:31:8c:6d:a8:16:6c:bf:97:37:
6f:bc:08:47:29:75:14:1f:81:7f:95:30:80:16:54:
b0:7f:09:f9:81:a1:7f:3e:1c:0e:e9:9d:8c:20:d3:
a7:28:f4:81:03:54:bc:6e:82:65:25:79:d9:81:42:
e3:27:3b:81:e9:96:58:a9:d1:58:13:0a:a9:84:b2:
dd:08:88:0d:ff:db:aa:fb:d7:64:b3:d8:e7:8c:cd:
7d:f5:17:48:cd:51:46:91:0d:99:cd:1d:28:ec:8b:
83:f7:b7:c9:2e:c1:31:5b:ed:7d:4a:1a:21:9a:79:
d0:33:bf:11:c9:1d:7d:6c:3c:58:38:39:4d:a1:c7:
05:c9:04:cc:80:3d:e0:c5:57:60:42:b6:ce:cf:00:
36:d6:a1:25:cd:b6:52:c2:ff:d5:6e:84:4a:e0:d8:
6c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B0:BF:8D:C7:6F:E5:F9:62:EF:88:9C:75:6F:DC:35:73:DC:B0:F9
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/kLC_jcdv5fli74icdW_cNXPcsPk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/23
Signature Algorithm: sha256WithRSAEncryption
82:94:64:dd:89:29:e7:06:7d:d5:fd:43:b5:41:9b:1d:37:3e:
6b:1b:84:40:f9:e6:f8:d4:23:f5:37:fa:69:7d:62:55:53:ce:
ae:93:ae:20:06:cf:08:bd:a6:4b:b2:6f:12:5f:8e:b8:1a:23:
c2:0c:db:e9:6f:dc:79:07:ab:12:86:68:b5:7b:7a:84:31:aa:
81:ab:5c:7a:17:15:0d:e0:d9:f5:24:0b:1a:bc:14:3d:b5:f4:
b0:43:c0:a4:eb:c4:f7:7d:3c:22:2c:8b:12:58:e0:4e:55:2e:
64:32:1c:a4:66:ac:ca:22:21:07:1c:8d:d5:3b:a9:88:c2:db:
d4:53:16:0d:4b:b7:5c:50:3f:f4:01:a3:b5:29:41:f8:b6:70:
57:ed:76:d5:d5:4d:4e:81:e9:60:8b:ac:a5:fc:8f:19:ea:bf:
ae:ba:66:6f:8e:e4:5a:11:c0:bc:eb:79:ee:27:17:52:cf:62:
f2:db:37:f0:f0:2b:c8:08:aa:46:f0:7e:1c:4b:73:a8:31:58:
f9:ab:7e:6e:d0:04:14:77:e3:21:f8:41:d5:65:de:a7:19:e5:
f4:4d:58:aa:ee:e5:97:9b:15:d4:16:62:62:bb:85:01:ad:66:
7a:4d:78:10:ea:2b:c5:3f:76:cf:d8:53:e4:51:a4:c4:1e:43:
b8:56:17:d8
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMkFG
OENGRDk1MjcwRkNGNUMyQ0E2NUQ4Nzc3N0Y2RkI3QUJGRDMyMB4XDTIxMTIxNjA1
MzkwMFoXDTIyMDkyOTAyMzYyMlowMzExMC8GA1UEAxMoOTBCMEJGOERDNzZGRTVG
OTYyRUY4ODlDNzU2RkRDMzU3M0RDQjBGOTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALl9Mf3Zl93Zi5AhKJORw6ynqB1VrvivoVhJxLsNm4nRf5Ey8Svx
1W6dJ0osWhaj4+WOfN9aYeSRgVk5Q3m5uChvWvByOV2A0MhQQ+em3cWSuQsA4C5h
z5yxWgJA1V/zMYxtqBZsv5c3b7wIRyl1FB+Bf5UwgBZUsH8J+YGhfz4cDumdjCDT
pyj0gQNUvG6CZSV52YFC4yc7gemWWKnRWBMKqYSy3QiIDf/bqvvXZLPY54zNffUX
SM1RRpENmc0dKOyLg/e3yS7BMVvtfUoaIZp50DO/EckdfWw8WDg5TaHHBckEzIA9
4MVXYEK2zs8ANtahJc22UsL/1W6ESuDYbKMCAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBSQsL+Nx2/l+WLviJx1b9w1c9yw+TAfBgNVHSMEGDAWgBTir4z9lScPz1wspl2H
d39vt6v9MjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9SRUNUQUxF
LzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNHEtTV9aVW5EODljTEtaZGgzZF9iN2VyX1RJLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFMRS9rTENfamNkdjVmbGk3NGlj
ZFdfY05YUGNzUGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Z6x8MA0GCSqGSIb3DQEBCwUAA4IBAQCClGTdiSnnBn3V/UO1QZsdNz5rG4RA+eb4
1CP1N/ppfWJVU86uk64gBs8IvaZLsm8SX464GiPCDNvpb9x5B6sShmi1e3qEMaqB
q1x6FxUN4Nn1JAsavBQ9tfSwQ8Ck68T3fTwiLIsSWOBOVS5kMhykZqzKIiEHHI3V
O6mIwtvUUxYNS7dcUD/0AaO1KUH4tnBX7XbV1U1Ogelgi6yl/I8Z6r+uumZvjuRa
EcC863nuJxdSz2Ly2zfw8CvICKpG8H4cS3OoMVj5q35u0AQUd+Mh+EHVZd6nGeX0
TViq7uWXmxXUFmJiu4UBrWZ6TXgQ6ivFP3bP2FPkUaTEHkO4VhfY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org