Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/v4uemC-UVVbMt-ztEuglmaQGvxc.roa
File: v4uemC-UVVbMt-ztEuglmaQGvxc.roa (raw, json)
Hash identifier: PsIbJuSyg6tLKr37Ws7xLYACOKOMVo0ANEurYL67XaU=
Subject key identifier: BF:8B:9E:98:2F:94:55:56:CC:B7:EC:ED:12:E8:25:99:A4:06:BF:17
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 011F
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/v4uemC-UVVbMt-ztEuglmaQGvxc.roa
Signing time: Thu 15 Sep 2022 02:41:50 +0000
ROA not before: Thu 15 Sep 2022 02:41:50 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24162
IP address blocks: 103.172.124.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287 (0x11f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Sep 15 02:41:50 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=BF8B9E982F945556CCB7ECED12E82599A406BF17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0f:59:25:46:9a:ac:17:ab:41:c9:b1:0d:77:
4a:78:0c:3d:a6:bc:d3:74:24:3d:15:fa:28:78:8a:
6c:92:47:6c:19:c6:eb:86:9f:cf:66:d4:d3:a8:18:
68:66:e0:ad:27:23:31:47:29:60:3c:39:9b:58:12:
42:a8:5c:6c:8a:5d:43:ed:b6:07:49:67:b7:e6:16:
a8:93:37:b5:5c:44:e7:43:62:c0:f7:0b:30:42:2d:
6a:40:0c:40:16:ca:7b:55:d3:75:66:67:44:8a:e4:
fb:f7:e1:81:dd:41:9e:8e:cd:7c:0a:17:36:50:ec:
e1:bc:e0:2a:cd:0a:2a:d6:82:64:14:a2:a8:a3:e3:
ee:5a:2b:b3:1f:7b:ea:45:95:58:a4:9d:ae:22:d2:
bc:57:b0:cd:63:02:a4:ce:9f:aa:60:08:2e:c1:95:
7f:4e:a5:6b:a7:9c:2d:ad:5b:1e:1b:47:8e:f0:5c:
44:29:18:31:b8:97:36:e1:65:1d:b4:a9:d9:07:bf:
7f:47:f8:83:51:6a:a6:f9:8b:48:8b:62:3b:fe:18:
04:ee:28:e3:73:a1:9e:ff:2a:1a:86:9b:a1:85:7a:
02:8f:ab:ea:ff:fd:0e:6a:2b:13:e5:8c:38:33:9b:
5f:50:5e:0c:5d:9f:f6:2c:e5:c1:a4:ca:8e:cf:2c:
f5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8B:9E:98:2F:94:55:56:CC:B7:EC:ED:12:E8:25:99:A4:06:BF:17
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/v4uemC-UVVbMt-ztEuglmaQGvxc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ac:ff:0d:61:81:da:ec:0c:82:fe:04:1b:c9:8b:9e:1f:eb:
3b:66:c4:08:ae:c2:d1:8f:47:4c:ac:c5:94:7a:4c:b3:f4:43:
24:e6:b1:8c:b7:b1:b0:17:a0:0c:32:85:d0:c5:39:d3:58:fe:
06:43:9a:53:60:db:d6:5e:d9:d5:a5:17:82:7e:fb:eb:9c:b5:
06:f6:d1:07:ef:0f:ac:cb:b2:78:a7:15:dc:f9:c6:d9:6f:23:
38:11:96:7c:73:84:4b:c5:ea:a9:c3:30:67:7f:40:27:43:da:
2b:24:3b:f3:fa:43:f5:e2:16:c4:3a:d5:44:57:6b:54:73:08:
61:ec:69:dc:d1:cf:10:c7:2a:cb:01:f0:2f:66:b0:97:00:2b:
f5:5d:2b:7a:ac:17:6b:75:57:21:a7:e2:bb:1b:50:59:76:cb:
ea:ec:40:21:ba:d6:d0:8d:34:86:0d:86:c6:73:6e:71:bf:1a:
11:a8:ed:8f:cf:6e:da:c4:7c:1a:c9:b4:e3:08:1f:74:67:18:
46:91:f7:47:03:65:87:b7:a3:ce:79:29:81:df:81:dc:00:61:
68:4b:a6:55:69:55:4b:1a:34:58:77:56:53:e3:cc:2f:0a:e2:
99:9c:08:7d:f5:a4:28:69:df:e1:e8:8c:1f:0a:0c:0c:a4:be:
f4:39:21:43
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTJB
RjhDRkQ5NTI3MEZDRjVDMkNBNjVEODc3NzdGNkZCN0FCRkQzMjAeFw0yMjA5MTUw
MjQxNTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJGOEI5RTk4MkY5NDU1
NTZDQ0I3RUNFRDEyRTgyNTk5QTQwNkJGMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/D1klRpqsF6tBybENd0p4DD2mvNN0JD0V+ih4imySR2wZxuuG
n89m1NOoGGhm4K0nIzFHKWA8OZtYEkKoXGyKXUPttgdJZ7fmFqiTN7VcROdDYsD3
CzBCLWpADEAWyntV03VmZ0SK5Pv34YHdQZ6OzXwKFzZQ7OG84CrNCirWgmQUoqij
4+5aK7Mfe+pFlVikna4i0rxXsM1jAqTOn6pgCC7BlX9OpWunnC2tWx4bR47wXEQp
GDG4lzbhZR20qdkHv39H+INRaqb5i0iLYjv+GATuKONzoZ7/KhqGm6GFegKPq+r/
/Q5qKxPljDgzm19QXgxdn/Ys5cGkyo7PLPWXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUv4uemC+UVVbMt+ztEuglmaQGvxcwHwYDVR0jBBgwFoAU4q+M/ZUnD89cLKZd
h3d/b7er/TIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFM
RS80cS1NX1pVbkQ4OWNMS1pkaDNkX2I3ZXJfVEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1JFQ1RBTEUvdjR1ZW1DLVVWVmJNdC16
dEV1Z2xtYVFHdnhjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGesfDANBgkqhkiG9w0BAQsFAAOCAQEAGKz/DWGB2uwMgv4EG8mLnh/rO2bECK7C
0Y9HTKzFlHpMs/RDJOaxjLexsBegDDKF0MU501j+BkOaU2Db1l7Z1aUXgn7765y1
BvbRB+8PrMuyeKcV3PnG2W8jOBGWfHOES8XqqcMwZ39AJ0PaKyQ78/pD9eIWxDrV
RFdrVHMIYexp3NHPEMcqywHwL2awlwAr9V0reqwXa3VXIafiuxtQWXbL6uxAIbrW
0I00hg2GxnNucb8aEajtj89u2sR8Gsm04wgfdGcYRpH3RwNlh7ejznkpgd+B3ABh
aEumVWlVSxo0WHdWU+PMLwrimZwIffWkKGnf4eiMHwoMDKS+9DkhQw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:16 2023 by rpki-client on console-fra.rpki-client.org