Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/RECTALE/yHcL8VYsRdtDj7ZvqJU8ThxFwvg.roa
File: yHcL8VYsRdtDj7ZvqJU8ThxFwvg.roa (raw, json)
Hash identifier: xAjPzlpquGvIMmmv501iRY74IVlFTgUhM4fYMnG55h4=
Subject key identifier: C8:77:0B:F1:56:2C:45:DB:43:8F:B6:6F:A8:95:3C:4E:1C:45:C2:F8
Certificate issuer: /CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Certificate serial: 011F
Authority key identifier: E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/yHcL8VYsRdtDj7ZvqJU8ThxFwvg.roa
Signing time: Thu 15 Sep 2022 02:41:54 +0000
ROA not before: Thu 15 Sep 2022 02:41:54 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 210707
IP address blocks: 103.172.124.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287 (0x11f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E2AF8CFD95270FCF5C2CA65D87777F6FB7ABFD32
Validity
Not Before: Sep 15 02:41:54 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=C8770BF1562C45DB438FB66FA8953C4E1C45C2F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:65:e7:27:9f:74:60:69:69:44:62:ec:6f:2b:
60:b1:a3:b1:32:d6:5c:f0:52:5f:dd:43:e7:e3:24:
32:4d:2d:cf:74:9a:50:44:ae:bd:ec:d4:52:e3:e1:
11:71:de:d7:70:13:b9:6d:b6:f5:79:b2:d8:7c:78:
2b:4b:f7:44:0c:36:31:4d:9d:ae:c3:7b:c7:dd:4d:
cb:ff:bb:28:a0:de:0e:cf:cb:f2:50:e5:9e:46:f3:
0e:0c:4c:b9:95:94:cc:5c:22:d5:ff:1d:02:19:41:
55:db:0c:d9:5e:92:53:ec:1e:83:c2:14:12:ab:c1:
cb:0c:5d:09:b8:3e:8f:61:93:3a:8c:34:07:a0:9c:
d1:c2:de:83:10:52:5c:e9:c1:19:fb:b5:53:48:21:
15:51:27:0c:2e:8a:e3:d8:0f:4a:e2:64:06:e4:42:
fd:a1:38:20:c1:74:df:b6:d9:a7:96:80:a9:62:41:
b1:8d:e6:07:21:94:43:08:a1:4f:e5:54:31:84:ba:
e8:b9:bd:ce:51:58:59:d1:9e:0d:a9:e5:68:42:e4:
e0:40:7d:c2:fe:4e:db:09:f6:95:33:20:13:e7:ab:
7a:3f:d6:60:d9:cc:aa:27:21:a3:c6:22:44:34:c0:
99:d2:a3:70:32:fc:70:02:c4:61:4d:bf:20:1d:6d:
8e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:77:0B:F1:56:2C:45:DB:43:8F:B6:6F:A8:95:3C:4E:1C:45:C2:F8
X509v3 Authority Key Identifier:
keyid:E2:AF:8C:FD:95:27:0F:CF:5C:2C:A6:5D:87:77:7F:6F:B7:AB:FD:32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/4q-M_ZUnD89cLKZdh3d_b7er_TI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4q-M_ZUnD89cLKZdh3d_b7er_TI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RECTALE/yHcL8VYsRdtDj7ZvqJU8ThxFwvg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.124.0/24
Signature Algorithm: sha256WithRSAEncryption
32:9b:e4:c1:37:0d:5d:1f:f3:02:9d:9e:fb:69:20:ca:62:91:
94:dd:f0:ac:2c:ca:ff:10:19:87:11:65:f2:2d:74:89:e6:95:
63:95:7e:15:7a:78:d9:75:4e:c5:9d:43:33:7e:42:6c:0b:15:
95:98:2d:a3:5a:07:12:d8:40:c1:7c:80:49:8d:a0:42:0e:6a:
45:df:18:1b:4e:12:4e:4c:a9:90:5f:af:81:1c:da:94:33:22:
3e:67:d5:d9:99:4a:90:ce:b0:a0:5e:c4:f1:60:a9:e0:bf:f8:
6a:19:d0:85:89:5d:21:8c:e8:71:a9:8e:c1:15:bb:ec:98:2f:
56:1a:89:b9:c4:ad:e8:13:e4:56:5f:a4:81:48:3e:4d:47:64:
ac:27:83:09:d0:df:17:27:21:9b:56:0d:56:1b:80:60:8e:d7:
6e:d0:83:42:3a:17:98:69:8f:88:fa:aa:23:d3:da:89:09:ac:
ea:a1:fe:ac:7c:11:03:2a:d0:28:d9:d1:93:16:46:50:ff:06:
87:c1:d1:45:68:73:43:d7:c3:bd:4e:de:88:e0:2a:fc:4d:06:
4d:0b:64:ae:06:67:53:c4:c4:27:94:12:df:c1:cc:d8:97:4b:
d3:4b:b6:b7:66:30:e2:80:c5:0b:7e:8e:a4:b8:46:d0:e5:2b:
60:cb:00:68
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTJB
RjhDRkQ5NTI3MEZDRjVDMkNBNjVEODc3NzdGNkZCN0FCRkQzMjAeFw0yMjA5MTUw
MjQxNTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM4NzcwQkYxNTYyQzQ1
REI0MzhGQjY2RkE4OTUzQzRFMUM0NUMyRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9Zecnn3RgaWlEYuxvK2Cxo7Ey1lzwUl/dQ+fjJDJNLc90mlBE
rr3s1FLj4RFx3tdwE7lttvV5sth8eCtL90QMNjFNna7De8fdTcv/uyig3g7Py/JQ
5Z5G8w4MTLmVlMxcItX/HQIZQVXbDNleklPsHoPCFBKrwcsMXQm4Po9hkzqMNAeg
nNHC3oMQUlzpwRn7tVNIIRVRJwwuiuPYD0riZAbkQv2hOCDBdN+22aeWgKliQbGN
5gchlEMIoU/lVDGEuui5vc5RWFnRng2p5WhC5OBAfcL+TtsJ9pUzIBPnq3o/1mDZ
zKonIaPGIkQ0wJnSo3Ay/HACxGFNvyAdbY6RAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUyHcL8VYsRdtDj7ZvqJU8ThxFwvgwHwYDVR0jBBgwFoAU4q+M/ZUnD89cLKZd
h3d/b7er/TIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUkVDVEFM
RS80cS1NX1pVbkQ4OWNMS1pkaDNkX2I3ZXJfVEkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLzRxLU1fWlVuRDg5Y0xLWmRoM2RfYjdlcl9USS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1JFQ1RBTEUveUhjTDhWWXNSZHREajda
dnFKVThUaHhGd3ZnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGesfDANBgkqhkiG9w0BAQsFAAOCAQEAMpvkwTcNXR/zAp2e+2kgymKRlN3wrCzK
/xAZhxFl8i10ieaVY5V+FXp42XVOxZ1DM35CbAsVlZgto1oHEthAwXyASY2gQg5q
Rd8YG04STkypkF+vgRzalDMiPmfV2ZlKkM6woF7E8WCp4L/4ahnQhYldIYzocamO
wRW77JgvVhqJucSt6BPkVl+kgUg+TUdkrCeDCdDfFychm1YNVhuAYI7XbtCDQjoX
mGmPiPqqI9PaiQms6qH+rHwRAyrQKNnRkxZGUP8Gh8HRRWhzQ9fDvU7eiOAq/E0G
TQtkrgZnU8TEJ5QS38HM2JdL00u2t2Yw4oDFC36OpLhG0OUrYMsAaA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:16 2023 by rpki-client on console-fra.rpki-client.org