Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/r4j_NGpxKIiOS0ylRjJ786lnk2M.roa
File: r4j_NGpxKIiOS0ylRjJ786lnk2M.roa (raw, json)
Hash identifier: uaQVFIdEDgJ9hDPvDQ/GRjUBjQuqHGdTmgdw8GI3FDs=
Subject key identifier: AF:88:FF:34:6A:71:28:88:8E:4B:4C:A5:46:32:7B:F3:A9:67:93:63
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 03
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/r4j_NGpxKIiOS0ylRjJ786lnk2M.roa
Signing time: Mon 30 Aug 2021 03:25:52 +0000
ROA not before: Mon 30 Aug 2021 03:25:52 +0000
ROA not after: Tue 30 Aug 2022 03:11:21 +0000
asID: 24162
IP address blocks: 103.172.124.0/23 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Aug 30 03:25:52 2021 GMT
Not After : Aug 30 03:11:21 2022 GMT
Subject: CN=AF88FF346A7128888E4B4CA546327BF3A9679363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cd:5d:a4:d4:97:94:e8:d5:53:bc:96:44:5c:
e3:90:5f:bb:41:94:07:80:1c:05:6f:d0:83:9e:7c:
58:3c:1f:c2:de:54:41:e4:08:5f:e1:8d:be:6f:72:
07:d6:aa:da:7c:5f:d2:4f:98:6e:e3:ee:20:7d:7d:
2f:2d:da:fa:18:60:67:00:ca:c5:b9:c7:5a:be:13:
c2:d0:62:8b:51:9f:ec:bd:5f:22:ae:4d:2c:72:17:
26:30:b5:0d:8b:f0:ed:de:c4:58:b2:b3:08:c3:39:
42:62:11:7d:fc:64:f1:95:28:e9:ad:59:0f:92:f2:
89:1a:8e:bc:41:f3:90:13:51:71:7e:56:6d:0d:a9:
d1:fb:e1:7e:83:b3:73:cb:53:a5:ff:9c:cb:ab:0d:
9a:30:71:8b:87:48:73:63:c3:57:bc:2d:46:a9:4e:
ac:e1:05:11:8a:b9:14:06:e1:d7:47:b3:33:70:2e:
ff:26:bf:e5:c2:c2:3e:32:8a:0f:3f:3c:9c:a7:44:
cc:9f:bf:c0:75:1a:7f:a3:e9:53:bf:0e:83:20:7a:
70:dc:6a:a1:ec:2b:fb:7e:c9:8e:40:f6:19:94:60:
74:dd:36:fc:8f:0f:9a:55:af:10:4a:12:41:74:f7:
e4:e6:33:2e:95:c7:2e:e8:99:2d:e2:bb:16:a6:7a:
c9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:88:FF:34:6A:71:28:88:8E:4B:4C:A5:46:32:7B:F3:A9:67:93:63
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/r4j_NGpxKIiOS0ylRjJ786lnk2M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:6a:3c:b6:28:af:eb:82:c4:5f:81:1a:98:b2:f0:e0:ab:96:
f4:87:3e:b8:26:96:ae:a1:86:6d:47:bf:0f:23:ec:8b:82:98:
20:6c:b0:d2:cc:b5:08:41:69:4c:1b:54:81:e5:74:d6:8a:54:
49:e4:8c:5d:18:cd:b2:ea:a9:9b:3f:a4:0e:b5:90:f6:96:37:
f4:4c:d6:1b:e8:e7:e8:a9:0f:af:a6:07:f4:96:26:c4:8f:7a:
c7:42:4a:55:a2:f8:53:a6:ab:8d:92:b5:08:c3:6d:92:be:5b:
d3:24:be:b6:41:b8:d0:6b:d6:bb:5f:69:bc:c6:94:67:e6:8c:
82:58:9c:38:85:ef:f5:a3:01:f9:79:83:99:19:24:26:c0:e9:
22:92:39:03:a9:85:1e:1c:f8:06:90:33:30:ac:3f:81:d7:4a:
35:b9:d4:33:6d:e9:f4:76:c9:01:cf:8d:57:6c:49:fa:b8:c7:
d4:8a:80:ce:9f:5e:e8:48:09:69:21:c5:ab:0c:64:68:28:48:
58:a1:8c:ea:7b:c2:90:be:81:31:95:74:82:19:a5:3a:04:cf:
3a:6e:f5:89:2a:22:ae:6d:da:c8:e1:17:31:96:79:be:af:f0:
98:72:5e:15:fa:62:23:b0:3d:3e:9a:df:d3:f5:49:44:fe:15:
65:0a:8d:b7
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFMkFG
OENGRDk1MjcwRkNGNUMyQ0E2NUQ4Nzc3N0Y2RkI3QUJGRDMyMB4XDTIxMDgzMDAz
MjU1MloXDTIyMDgzMDAzMTEyMVowMzExMC8GA1UEAxMoQUY4OEZGMzQ2QTcxMjg4
ODhFNEI0Q0E1NDYzMjdCRjNBOTY3OTM2MzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM3NXaTUl5To1VO8lkRc45Bfu0GUB4AcBW/Qg558WDwfwt5UQeQI
X+GNvm9yB9aq2nxf0k+YbuPuIH19Ly3a+hhgZwDKxbnHWr4TwtBii1Gf7L1fIq5N
LHIXJjC1DYvw7d7EWLKzCMM5QmIRffxk8ZUo6a1ZD5LyiRqOvEHzkBNRcX5WbQ2p
0fvhfoOzc8tTpf+cy6sNmjBxi4dIc2PDV7wtRqlOrOEFEYq5FAbh10ezM3Au/ya/
5cLCPjKKDz88nKdEzJ+/wHUaf6PpU78OgyB6cNxqoewr+37JjkD2GZRgdN02/I8P
mlWvEEoSQXT35OYzLpXHLuiZLeK7FqZ6yRMCAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBSviP80anEoiI5LTKVGMnvzqWeTYzAfBgNVHSMEGDAWgBTir4z9lScPz1wspl2H
d39vt6v9MjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9SRUNUQUxF
LzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNHEtTV9aVW5EODljTEtaZGgzZF9iN2VyX1RJLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFMRS9yNGpfTkdweEtJaU9TMHls
UmpKNzg2bG5rMk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Z6x8MA0GCSqGSIb3DQEBCwUAA4IBAQCfajy2KK/rgsRfgRqYsvDgq5b0hz64Jpau
oYZtR78PI+yLgpggbLDSzLUIQWlMG1SB5XTWilRJ5IxdGM2y6qmbP6QOtZD2ljf0
TNYb6OfoqQ+vpgf0libEj3rHQkpVovhTpquNkrUIw22SvlvTJL62QbjQa9a7X2m8
xpRn5oyCWJw4he/1owH5eYOZGSQmwOkikjkDqYUeHPgGkDMwrD+B10o1udQzben0
dskBz41XbEn6uMfUioDOn17oSAlpIcWrDGRoKEhYoYzqe8KQvoExlXSCGaU6BM86
bvWJKiKubdrI4Rcxlnm+r/CYcl4V+mIjsD0+mt/T9UlE/hVlCo23
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:04 2023 by rpki-client on console-ams.rpki-client.org