Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/oLEchk48DaPQ-kHg9o-4d7VsPkM.roa
File: oLEchk48DaPQ-kHg9o-4d7VsPkM.roa (raw, json)
Hash identifier: P6k4NbKRDXAxXEXnmqpLlJCHvHG5nM4xHOsSdjQAOzM=
Subject key identifier: A0:B1:1C:86:4E:3C:0D:A3:D0:FA:41:E0:F6:8F:B8:77:B5:6C:3E:43
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 07
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/oLEchk48DaPQ-kHg9o-4d7VsPkM.roa
Signing time: Mon 30 Aug 2021 04:03:22 +0000
ROA not before: Mon 30 Aug 2021 04:03:22 +0000
ROA not after: Tue 30 Aug 2022 03:11:21 +0000
asID: 212279
IP address blocks: 103.172.124.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Aug 30 04:03:22 2021 GMT
Not After : Aug 30 03:11:21 2022 GMT
Subject: CN=A0B11C864E3C0DA3D0FA41E0F68FB877B56C3E43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:54:9c:11:7f:dd:07:27:ec:a1:56:6b:00:6d:
c9:84:7c:aa:66:29:7e:9b:56:24:06:c9:f7:81:62:
f8:58:05:ca:f4:55:8e:8e:d9:65:61:df:92:b8:f0:
6c:db:8b:5a:17:5f:5b:39:06:f5:4f:26:66:01:7d:
2a:a1:4e:1a:f5:12:24:08:98:62:e1:8a:ab:fb:65:
53:09:0f:42:f1:e2:4e:54:e2:2a:6e:bd:6e:35:bf:
76:8e:69:16:ff:b2:8c:c3:98:a8:af:16:73:43:9b:
ed:bd:57:96:d8:38:0c:74:14:05:51:08:c2:3b:be:
91:bf:7b:aa:04:41:4c:17:42:40:14:14:fa:96:3a:
a6:59:be:8f:fc:45:a9:10:2e:0d:17:d8:40:c4:bb:
98:b1:81:9d:67:6f:46:2b:05:48:3b:3d:81:64:0c:
31:dd:c1:92:bb:0e:9f:10:a5:32:45:32:0b:19:91:
ac:29:8d:d4:a7:aa:58:90:75:72:9d:be:22:4c:b9:
87:48:fb:ac:1a:8a:22:ac:2b:f9:32:e4:a8:d0:37:
6a:46:78:02:9d:12:17:3f:2f:71:2b:6f:12:15:f5:
7b:43:d4:05:01:1e:b6:93:a1:cd:13:0c:8d:b1:6e:
a1:bb:b4:54:0d:ea:55:ed:16:57:52:6e:ba:59:4e:
ba:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B1:1C:86:4E:3C:0D:A3:D0:FA:41:E0:F6:8F:B8:77:B5:6C:3E:43
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/oLEchk48DaPQ-kHg9o-4d7VsPkM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:19:46:f7:df:20:47:80:ae:64:7a:db:10:e2:9a:90:09:af:
63:62:d3:63:28:9f:fa:41:18:ef:d6:84:74:99:6c:29:f6:ed:
d1:51:dd:4e:30:b2:dd:be:c3:1f:52:ab:9f:b9:6a:f5:aa:14:
04:9e:5d:16:c7:e0:53:03:f4:12:83:25:d1:87:93:8d:ce:6d:
2a:5a:c7:94:ee:ab:23:8d:56:e5:f5:af:ea:4e:37:91:8b:ea:
2b:6e:5a:64:9d:70:cd:4e:c0:8c:a5:bc:a7:4e:6d:c9:a2:9f:
eb:a6:fe:36:c9:1a:4d:5d:83:58:50:c4:ec:aa:0c:76:5c:a5:
1a:70:22:4f:47:94:7e:15:2e:b6:39:73:fd:d6:2d:da:3a:03:
5d:a4:02:9a:d7:ab:1b:f0:49:67:a5:80:d6:77:7c:22:9c:5b:
19:77:3a:03:dd:59:1c:8e:f7:36:48:d9:c0:ed:ef:cf:42:51:
fb:7e:35:44:5c:e6:fc:40:70:92:74:05:55:93:2c:86:7f:3b:
78:52:3b:28:90:7e:39:ae:b2:5c:18:83:bc:80:cc:44:8d:ee:
e3:78:cf:98:e4:86:fd:77:b7:19:b4:6f:67:4f:08:80:aa:12:
aa:41:56:69:b8:01:af:fe:6e:34:ec:a4:7c:ff:a8:dd:ba:34:
d4:e0:47:c1
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMkFG
OENGRDk1MjcwRkNGNUMyQ0E2NUQ4Nzc3N0Y2RkI3QUJGRDMyMB4XDTIxMDgzMDA0
MDMyMloXDTIyMDgzMDAzMTEyMVowMzExMC8GA1UEAxMoQTBCMTFDODY0RTNDMERB
M0QwRkE0MUUwRjY4RkI4NzdCNTZDM0U0MzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALxUnBF/3Qcn7KFWawBtyYR8qmYpfptWJAbJ94Fi+FgFyvRVjo7Z
ZWHfkrjwbNuLWhdfWzkG9U8mZgF9KqFOGvUSJAiYYuGKq/tlUwkPQvHiTlTiKm69
bjW/do5pFv+yjMOYqK8Wc0Ob7b1Xltg4DHQUBVEIwju+kb97qgRBTBdCQBQU+pY6
plm+j/xFqRAuDRfYQMS7mLGBnWdvRisFSDs9gWQMMd3BkrsOnxClMkUyCxmRrCmN
1KeqWJB1cp2+Iky5h0j7rBqKIqwr+TLkqNA3akZ4Ap0SFz8vcStvEhX1e0PUBQEe
tpOhzRMMjbFuobu0VA3qVe0WV1JuullOut8CAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBSgsRyGTjwNo9D6QeD2j7h3tWw+QzAfBgNVHSMEGDAWgBTir4z9lScPz1wspl2H
d39vt6v9MjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9SRUNUQUxF
LzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNHEtTV9aVW5EODljTEtaZGgzZF9iN2VyX1RJLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFMRS9vTEVjaGs0OERhUFEta0hn
OW8tNGQ3VnNQa00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Z6x8MA0GCSqGSIb3DQEBCwUAA4IBAQCoGUb33yBHgK5ketsQ4pqQCa9jYtNjKJ/6
QRjv1oR0mWwp9u3RUd1OMLLdvsMfUqufuWr1qhQEnl0Wx+BTA/QSgyXRh5ONzm0q
WseU7qsjjVbl9a/qTjeRi+orblpknXDNTsCMpbynTm3Jop/rpv42yRpNXYNYUMTs
qgx2XKUacCJPR5R+FS62OXP91i3aOgNdpAKa16sb8ElnpYDWd3winFsZdzoD3Vkc
jvc2SNnA7e/PQlH7fjVEXOb8QHCSdAVVkyyGfzt4UjsokH45rrJcGIO8gMxEje7j
eM+Y5Ib9d7cZtG9nTwiAqhKqQVZpuAGv/m407KR8/6jdujTU4EfB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:44 2024 by rpki-client on console-fra.rpki-client.org