Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/KXqygFFKsue2Vdo4EAfsBXuqLnM.roa
File: KXqygFFKsue2Vdo4EAfsBXuqLnM.roa (raw, json)
Hash identifier: m4/vDW8gGy+B7KGRXYVYHEKMh0M7q779RKI7T2POJ6k=
Subject key identifier: 29:7A:B2:80:51:4A:B2:E7:B6:55:DA:38:10:07:EC:05:7B:AA:2E:73
Certificate issuer: /CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C
Certificate serial: 0CC1
Authority key identifier: 00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/KXqygFFKsue2Vdo4EAfsBXuqLnM.roa
Signing time: Mon 26 Aug 2024 05:25:55 +0000
ROA not before: Mon 26 Aug 2024 05:25:55 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38047
IP address blocks: 103.106.53.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3265 (0xcc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C
Validity
Not Before: Aug 26 05:25:55 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=297AB280514AB2E7B655DA381007EC057BAA2E73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:41:be:ea:3f:5e:39:78:0c:15:e0:34:61:2e:
1e:6b:6e:72:00:10:15:27:5f:59:7e:d8:59:ae:33:
39:84:74:99:c0:70:43:15:b0:ee:3f:6f:9a:fb:7f:
df:32:c3:6d:4b:a7:87:74:37:e8:65:b1:e2:01:56:
37:7b:ee:99:c5:a3:76:b0:f2:8d:8e:48:1e:bc:01:
0e:4c:ba:c2:39:59:f7:4d:6a:75:a1:7d:a4:08:56:
de:c7:1f:63:29:e1:a1:02:2d:8d:e1:ab:fa:7e:ef:
7a:b9:ae:35:d1:4b:25:95:d9:fb:ce:84:b1:37:c0:
98:c0:ec:b3:d9:11:16:ed:4a:58:7a:2d:a2:15:e0:
1d:da:d3:81:39:ac:05:bd:68:be:ad:f4:0d:51:62:
45:7a:b2:30:3a:3d:f7:48:d2:c6:5a:a8:43:bc:22:
26:52:61:c3:92:f3:10:e6:a0:dc:2e:ee:47:7c:52:
5a:d2:44:6e:45:ab:95:cb:a4:00:1d:19:8b:c4:da:
04:01:88:77:d7:97:cc:5e:19:82:c3:03:21:dd:f3:
8b:ff:9d:33:c8:06:5a:5a:62:0d:4e:87:68:90:2e:
c4:66:a4:3b:c9:5a:e2:2d:6f:91:aa:a7:c8:49:1b:
16:65:13:aa:9c:79:9e:63:73:90:23:97:47:66:42:
a7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:7A:B2:80:51:4A:B2:E7:B6:55:DA:38:10:07:EC:05:7B:AA:2E:73
X509v3 Authority Key Identifier:
keyid:00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/AFcumcZO1lL6gdUB76Fs-dRK6Zw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/KXqygFFKsue2Vdo4EAfsBXuqLnM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.53.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:a2:e4:ea:11:16:32:f5:ef:77:79:cc:f7:ad:e6:9e:8d:9a:
aa:b2:0d:a1:bb:10:5a:8f:a6:eb:be:0e:e1:1c:c4:83:ca:40:
36:1f:56:67:14:1b:ee:49:c4:ad:fa:22:fc:4e:80:1b:c3:d1:
28:02:23:ca:e9:22:fc:c7:b2:13:fe:7e:e5:1e:97:90:7f:d2:
26:a6:f9:b5:4b:d9:83:10:6a:a6:1d:b0:af:79:6d:ac:02:a4:
b4:d1:45:4e:4c:28:d9:45:bf:5b:97:3d:b4:f0:d3:48:31:f7:
bd:f8:79:82:42:03:c9:76:2a:42:fc:67:f7:4a:b3:ae:a6:0a:
c9:e8:44:f1:4b:3b:7d:ff:78:b7:fe:70:20:64:0f:9c:81:be:
25:60:3f:c7:77:cd:8c:2a:13:f0:bf:eb:ba:ad:1b:27:f0:14:
01:62:7d:39:09:1a:ae:65:b7:d7:ed:0b:9b:78:23:43:f2:6c:
94:5d:6e:7b:85:75:ee:2b:55:b8:a7:ca:c7:19:9a:ba:1b:53:
2f:b5:f7:1a:3f:bc:82:ee:39:05:20:90:40:04:cb:1f:88:20:
7c:7e:59:e4:3b:99:0c:f5:ef:0b:c5:70:05:84:a0:e6:0d:a9:
dc:94:37:98:3a:d4:92:5a:4f:af:65:d8:81:c2:80:c6:50:21:
14:16:c7:6e
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICDMEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDA1
NzJFOTlDNjRFRDY1MkZBODFENTAxRUZBMTZDRjlENDRBRTk5QzAeFw0yNDA4MjYw
NTI1NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5N0FCMjgwNTE0QUIy
RTdCNjU1REEzODEwMDdFQzA1N0JBQTJFNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1Qb7qP145eAwV4DRhLh5rbnIAEBUnX1l+2FmuMzmEdJnAcEMV
sO4/b5r7f98yw21Lp4d0N+hlseIBVjd77pnFo3aw8o2OSB68AQ5MusI5WfdNanWh
faQIVt7HH2Mp4aECLY3hq/p+73q5rjXRSyWV2fvOhLE3wJjA7LPZERbtSlh6LaIV
4B3a04E5rAW9aL6t9A1RYkV6sjA6PfdI0sZaqEO8IiZSYcOS8xDmoNwu7kd8UlrS
RG5Fq5XLpAAdGYvE2gQBiHfXl8xeGYLDAyHd84v/nTPIBlpaYg1Oh2iQLsRmpDvJ
WuItb5Gqp8hJGxZlE6qceZ5jc5Ajl0dmQqdVAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUKXqygFFKsue2Vdo4EAfsBXuqLnMwHwYDVR0jBBgwFoAUAFcumcZO1lL6gdUB
76Fs+dRK6ZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNI
RU5HL0FGY3VtY1pPMWxMNmdkVUI3NkZzLWRSSzZady5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvQUZjdW1jWk8xbEw2Z2RVQjc2RnMtZFJLNlp3LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNIRU5HL0tYcXlnRkZLc3Vl
MlZkbzRFQWZzQlh1cUxuTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABnajUwDQYJKoZIhvcNAQELBQADggEBAAui5OoRFjL173d5zPet5p6Nmqqy
DaG7EFqPpuu+DuEcxIPKQDYfVmcUG+5JxK36IvxOgBvD0SgCI8rpIvzHshP+fuUe
l5B/0iam+bVL2YMQaqYdsK95bawCpLTRRU5MKNlFv1uXPbTw00gx9734eYJCA8l2
KkL8Z/dKs66mCsnoRPFLO33/eLf+cCBkD5yBviVgP8d3zYwqE/C/67qtGyfwFAFi
fTkJGq5lt9ftC5t4I0PybJRdbnuFde4rVbinyscZmrobUy+19xo/vILuOQUgkEAE
yx+IIHx+WeQ7mQz17wvFcAWEoOYNqdyUN5g61JJaT69l2IHCgMZQIRQWx24=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:49:28 2025 by rpki-client