Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/pj0-Z4aQRw7hCq5rakmsZwlxGco.roa
File: pj0-Z4aQRw7hCq5rakmsZwlxGco.roa (raw, json)
Hash identifier: Z7DnHjqvkFatLHfwQjbtptMr3CDcFA1zKE2vvJkSO68=
Subject key identifier: A6:3D:3E:67:86:90:47:0E:E1:0A:AE:6B:6A:49:AC:67:09:71:19:CA
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 09
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/pj0-Z4aQRw7hCq5rakmsZwlxGco.roa
Signing time: Mon 30 Aug 2021 04:03:44 +0000
ROA not before: Mon 30 Aug 2021 04:03:44 +0000
ROA not after: Tue 30 Aug 2022 03:11:21 +0000
asID: 212279
IP address blocks: 2407:d1c0::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Aug 30 04:03:44 2021 GMT
Not After : Aug 30 03:11:21 2022 GMT
Subject: CN=A63D3E678690470EE10AAE6B6A49AC67097119CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cf:23:16:23:fe:3c:82:70:96:78:c2:18:63:
fc:fc:87:ff:02:a7:62:02:32:99:65:46:19:93:ff:
79:cd:0a:69:3d:ef:dc:ae:ef:06:c7:2f:2a:20:bb:
5d:b4:b6:86:43:22:44:1d:fc:13:8c:f6:a4:93:51:
31:82:0c:79:5d:82:96:ea:48:1a:fd:17:38:c0:60:
91:da:fc:f5:b6:31:59:f5:e3:90:86:2a:5d:0c:3e:
56:58:ac:84:02:a8:81:52:47:66:74:f1:ad:a9:8c:
ec:9a:94:bf:b6:af:3c:89:c1:41:66:1c:3a:d5:9c:
ff:8e:39:96:c2:4a:39:db:f2:fc:d1:ce:12:11:27:
84:c9:6a:2a:14:fe:84:fc:81:4c:e0:b0:c0:92:c8:
ed:5c:e5:b4:f9:4f:fb:e6:2c:ef:72:cc:1f:97:f1:
bf:a6:e4:1c:92:72:fb:fa:26:9f:36:70:3d:e7:33:
54:fd:ca:43:3f:a8:b2:09:2d:18:00:62:20:f5:0c:
b9:0d:05:db:f1:20:7d:33:03:22:3c:75:a5:66:c4:
60:e4:e7:4e:49:2e:19:03:08:eb:34:48:73:39:56:
00:c3:d5:ea:ff:75:0e:a0:8b:bd:ea:bf:5b:18:5c:
c5:85:0f:19:0d:2b:90:df:75:fc:e9:36:62:44:93:
90:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3D:3E:67:86:90:47:0E:E1:0A:AE:6B:6A:49:AC:67:09:71:19:CA
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/pj0-Z4aQRw7hCq5rakmsZwlxGco.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d1c0::/32
Signature Algorithm: sha256WithRSAEncryption
a7:4d:aa:3a:f0:ee:59:98:a4:12:d8:9a:ef:50:cf:03:cb:8d:
8f:9f:30:0d:cd:c6:03:42:68:cc:74:41:da:1e:95:6b:bd:b2:
8a:e5:e5:64:5d:ec:f7:d1:a2:cc:ca:0e:4b:e8:b2:b4:93:c1:
36:92:96:eb:1e:9e:cf:ae:25:5d:a1:70:4e:2b:e7:28:39:b5:
c1:3f:7b:53:74:86:2d:58:4e:ef:58:f4:ff:af:66:5d:58:b2:
81:9e:c9:a7:28:10:59:01:2f:c0:4c:92:a5:c4:f3:fe:d1:e2:
a1:d2:87:74:0b:96:8d:a2:8a:09:9d:a4:d4:5a:bc:34:cb:ad:
92:aa:61:6c:10:e5:a6:9a:ef:56:1e:64:15:63:c1:74:02:75:
4d:9f:54:34:2f:db:dc:87:26:b1:b2:3b:f7:8f:6c:2d:66:0f:
d6:1c:7f:17:60:21:65:6c:db:fe:28:6f:98:6b:69:53:d8:29:
df:89:8a:16:b2:53:78:84:88:af:8e:2a:18:6e:6a:f7:bf:b8:
00:7b:a9:fe:ff:a5:8d:51:43:ae:6c:0b:42:5a:89:3a:51:81:
e4:fe:3c:3b:58:93:1e:4c:ac:16:6f:25:c5:1a:8a:ac:a2:3a:
84:dd:81:72:b6:58:aa:e1:1a:d0:95:79:c2:67:f4:49:23:ea:
a9:b8:16:b6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMkFG
OENGRDk1MjcwRkNGNUMyQ0E2NUQ4Nzc3N0Y2RkI3QUJGRDMyMB4XDTIxMDgzMDA0
MDM0NFoXDTIyMDgzMDAzMTEyMVowMzExMC8GA1UEAxMoQTYzRDNFNjc4NjkwNDcw
RUUxMEFBRTZCNkE0OUFDNjcwOTcxMTlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALzPIxYj/jyCcJZ4whhj/PyH/wKnYgIymWVGGZP/ec0KaT3v3K7v
BscvKiC7XbS2hkMiRB38E4z2pJNRMYIMeV2ClupIGv0XOMBgkdr89bYxWfXjkIYq
XQw+VlishAKogVJHZnTxramM7JqUv7avPInBQWYcOtWc/445lsJKOdvy/NHOEhEn
hMlqKhT+hPyBTOCwwJLI7VzltPlP++Ys73LMH5fxv6bkHJJy+/omnzZwPeczVP3K
Qz+osgktGABiIPUMuQ0F2/EgfTMDIjx1pWbEYOTnTkkuGQMI6zRIczlWAMPV6v91
DqCLveq/WxhcxYUPGQ0rkN91/Ok2YkSTkLUCAwEAAaOCAfEwggHtMB0GA1UdDgQW
BBSmPT5nhpBHDuEKrmtqSaxnCXEZyjAfBgNVHSMEGDAWgBTir4z9lScPz1wspl2H
d39vt6v9MjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9SRUNUQUxF
LzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNHEtTV9aVW5EODljTEtaZGgzZF9iN2VyX1RJLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFMRS9wajAtWjRhUVJ3N2hDcTVy
YWttc1p3bHhHY28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
JAfRwDANBgkqhkiG9w0BAQsFAAOCAQEAp02qOvDuWZikEtia71DPA8uNj58wDc3G
A0JozHRB2h6Va72yiuXlZF3s99GizMoOS+iytJPBNpKW6x6ez64lXaFwTivnKDm1
wT97U3SGLVhO71j0/69mXViygZ7JpygQWQEvwEySpcTz/tHiodKHdAuWjaKKCZ2k
1Fq8NMutkqphbBDlpprvVh5kFWPBdAJ1TZ9UNC/b3IcmsbI7949sLWYP1hx/F2Ah
ZWzb/ihvmGtpU9gp34mKFrJTeISIr44qGG5q97+4AHup/v+ljVFDrmwLQlqJOlGB
5P48O1iTHkysFm8lxRqKrKI6hN2BcrZYquEa0JV5wmf0SSPqqbgWtg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:19 2024 by rpki-client on console-ams.rpki-client.org