Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/sonTQsL6sD2wVjdQyaF2GjtKZc4.roa
File: sonTQsL6sD2wVjdQyaF2GjtKZc4.roa (raw, json)
Hash identifier: 0mLeR5MINHO686L8YhXrDMWgThFF+813N9fCH+cPLVM=
Subject key identifier: B2:89:D3:42:C2:FA:B0:3D:B0:56:37:50:C9:A1:76:1A:3B:4A:65:CE
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 010A
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/sonTQsL6sD2wVjdQyaF2GjtKZc4.roa
Signing time: Tue 16 Aug 2022 03:09:40 +0000
ROA not before: Tue 16 Aug 2022 03:09:40 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24162
IP address blocks: 2407:d1c0::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 266 (0x10a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Aug 16 03:09:40 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=B289D342C2FAB03DB0563750C9A1761A3B4A65CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d9:c1:f2:4a:bc:a0:a5:40:92:3d:c5:98:77:
30:17:c8:99:16:89:d0:14:c4:2f:8c:a0:f4:0b:a2:
73:5d:88:86:f9:68:e9:8d:3e:d5:f4:b1:15:6a:e2:
b0:b1:b3:c3:04:21:06:17:e4:11:a5:a9:08:fd:21:
83:c5:1f:bd:07:c1:00:84:e7:5f:a0:0e:a3:3d:e2:
44:b9:a6:a3:db:35:96:a1:3a:00:64:6b:fc:72:0c:
68:47:a3:65:37:1d:04:84:64:07:73:e8:47:8e:89:
e3:3d:5d:c7:fe:3f:cd:25:97:e2:c7:97:37:71:26:
69:f6:20:a5:09:44:f0:ea:fb:98:49:5c:fc:62:0f:
9b:7d:3f:fa:b4:5e:56:11:81:4f:aa:42:df:4e:f0:
9d:e2:3c:e1:45:51:14:be:8c:dc:67:db:4a:ed:2a:
62:75:b2:63:01:52:97:0b:51:fc:f3:45:a2:3a:04:
7e:bb:57:3e:ed:42:d0:15:bf:b9:8c:a6:07:d8:a2:
9a:d3:aa:39:0c:68:cc:9e:76:92:cf:46:3a:06:65:
9c:24:41:e2:35:eb:96:0f:6a:ee:ab:f8:52:7d:cb:
6d:23:f4:92:d4:bf:8b:d3:e9:bb:e0:1a:bb:c6:80:
70:9c:22:2c:cb:3c:88:4e:25:0b:c2:0a:56:15:ac:
0b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:89:D3:42:C2:FA:B0:3D:B0:56:37:50:C9:A1:76:1A:3B:4A:65:CE
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/sonTQsL6sD2wVjdQyaF2GjtKZc4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d1c0::/32
Signature Algorithm: sha256WithRSAEncryption
aa:9e:d7:59:61:0b:36:55:f1:bd:d9:6b:75:48:3a:2b:f8:4f:
09:68:8d:41:98:c6:89:c1:8a:a8:ee:3c:b3:15:0c:55:13:cb:
b5:a6:89:c4:d2:cd:43:ed:52:0a:cf:d1:1b:ed:79:bc:bd:df:
b8:a5:5c:1b:42:6c:24:8b:94:56:8a:49:ba:30:28:73:e6:cf:
a5:3a:4d:de:15:38:e9:61:f6:02:5e:0d:41:04:d2:d4:9d:80:
60:12:33:7c:b2:93:ef:b8:dc:26:df:91:2e:75:69:21:7b:4e:
b3:6a:56:ab:7e:13:41:8e:9f:ce:cb:e2:36:b2:d8:d5:a3:c7:
5c:ab:7f:94:ed:61:6a:de:e5:0c:c7:66:90:7f:ef:e4:53:46:
b2:4e:5c:ab:a5:c4:8f:22:ce:27:8c:91:33:9a:c4:fc:bc:f7:
5c:ee:c3:6c:78:39:46:b2:24:4b:9e:63:b2:78:ea:13:63:87:
02:e1:ad:09:46:bf:68:ec:51:23:74:db:7c:06:9a:5e:7a:96:
d5:d2:34:b3:58:bb:51:b3:7f:b0:40:7a:42:df:39:f6:bf:ad:
06:70:65:85:aa:b0:4b:70:7a:c0:23:c9:e3:cf:12:c6:b9:c5:
e4:9e:8c:eb:2f:d9:25:c1:30:43:d3:35:a2:5a:21:6a:c4:75:
93:35:d8:e3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTJB
RjhDRkQ5NTI3MEZDRjVDMkNBNjVEODc3NzdGNkZCN0FCRkQzMjAeFw0yMjA4MTYw
MzA5NDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEIyODlEMzQyQzJGQUIw
M0RCMDU2Mzc1MEM5QTE3NjFBM0I0QTY1Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt2cHySrygpUCSPcWYdzAXyJkWidAUxC+MoPQLonNdiIb5aOmN
PtX0sRVq4rCxs8MEIQYX5BGlqQj9IYPFH70HwQCE51+gDqM94kS5pqPbNZahOgBk
a/xyDGhHo2U3HQSEZAdz6EeOieM9Xcf+P80ll+LHlzdxJmn2IKUJRPDq+5hJXPxi
D5t9P/q0XlYRgU+qQt9O8J3iPOFFURS+jNxn20rtKmJ1smMBUpcLUfzzRaI6BH67
Vz7tQtAVv7mMpgfYoprTqjkMaMyedpLPRjoGZZwkQeI165YPau6r+FJ9y20j9JLU
v4vT6bvgGrvGgHCcIizLPIhOJQvCClYVrAstAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsonTQsL6sD2wVjdQyaF2GjtKZc4wHwYDVR0jBBgwFoAU4q+M/ZUnD89cLKZd
h3d/b7er/TIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFM
RS80cS1NX1pVbkQ4OWNMS1pkaDNkX2I3ZXJfVEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1JFQ1RBTEUvc29uVFFzTDZzRDJ3Vmpk
UXlhRjJHanRLWmM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQH0cAwDQYJKoZIhvcNAQELBQADggEBAKqe11lhCzZV8b3Za3VIOiv4TwlojUGY
xonBiqjuPLMVDFUTy7WmicTSzUPtUgrP0Rvteby937ilXBtCbCSLlFaKSbowKHPm
z6U6Td4VOOlh9gJeDUEE0tSdgGASM3yyk++43CbfkS51aSF7TrNqVqt+E0GOn87L
4jay2NWjx1yrf5TtYWre5QzHZpB/7+RTRrJOXKulxI8izieMkTOaxPy891zuw2x4
OUayJEueY7J46hNjhwLhrQlGv2jsUSN023wGml56ltXSNLNYu1Gzf7BAekLfOfa/
rQZwZYWqsEtwesAjyePPEsa5xeSejOsv2SXBMEPTNaJaIWrEdZM12OM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:17:10 2025 by rpki-client