Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/khzyuAn-RJlADD2Yp7ZtGbc217k.roa
File: khzyuAn-RJlADD2Yp7ZtGbc217k.roa (raw, json)
Hash identifier: IMrFEbSi2g0cFlw44fGz4HMFhKkDvmdr6BLgn2gBI50=
Subject key identifier: 92:1C:F2:B8:09:FE:44:99:40:0C:3D:98:A7:B6:6D:19:B7:36:D7:B9
Certificate issuer: /CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C
Certificate serial: 0A56
Authority key identifier: 00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/khzyuAn-RJlADD2Yp7ZtGbc217k.roa
Signing time: Wed 01 Jun 2022 11:42:00 +0000
ROA not before: Wed 01 Jun 2022 11:42:00 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 38047
IP address blocks: 103.106.55.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2646 (0xa56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C
Validity
Not Before: Jun 1 11:42:00 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=921CF2B809FE4499400C3D98A7B66D19B736D7B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:00:5b:76:a1:f9:5e:9d:16:b1:c3:7e:59:d4:
e2:77:94:bd:22:4b:d6:ac:ed:61:4b:ee:80:ca:ef:
e7:4f:49:32:79:88:ba:d2:db:66:df:cc:4a:09:53:
40:13:af:b2:b3:a7:7f:31:fc:2c:32:57:ba:d0:e5:
ee:1c:58:26:99:fd:fe:a5:fe:08:9c:94:a7:67:5e:
73:6e:b5:a7:e8:86:f1:6c:70:fa:7a:e9:f7:ed:1d:
28:21:25:5d:eb:b2:41:88:7b:48:bf:1d:be:c9:d8:
84:9d:11:bc:ed:d8:fc:60:9c:7e:f7:c1:9f:4a:6c:
10:ba:f2:fb:fb:e8:0a:5c:1b:7f:39:f3:e7:ec:87:
90:af:fe:4d:52:fd:35:72:ec:10:e9:91:cb:d5:87:
c2:96:df:42:26:0e:4a:2f:91:75:16:52:03:2d:1a:
d1:4b:76:79:d9:6f:b3:d2:fb:1e:e3:0d:31:64:ea:
e4:40:93:47:49:33:78:9c:c8:e8:4d:bd:65:fd:64:
f8:b5:98:0c:10:4d:4d:10:e6:d3:c0:29:32:3c:4f:
af:9b:d7:17:eb:c4:be:fd:a4:65:52:67:ab:0f:a4:
f1:da:11:72:32:1c:1a:7e:32:bf:3b:31:79:3d:18:
94:a0:3c:16:5a:a9:1a:dc:29:1b:ed:c0:49:60:a0:
a8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1C:F2:B8:09:FE:44:99:40:0C:3D:98:A7:B6:6D:19:B7:36:D7:B9
X509v3 Authority Key Identifier:
keyid:00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/AFcumcZO1lL6gdUB76Fs-dRK6Zw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/khzyuAn-RJlADD2Yp7ZtGbc217k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.55.0/24
Signature Algorithm: sha256WithRSAEncryption
43:6b:84:c1:25:bb:77:d2:b1:e2:b3:d8:1e:3b:82:2e:27:d8:
ce:2b:14:f1:45:02:e6:41:ec:fd:33:05:6b:47:bd:95:e3:4d:
32:27:7a:95:fb:76:76:7a:ae:ff:6e:7d:4c:d6:02:7d:6f:00:
20:7a:11:dd:a0:6a:78:6d:0f:a8:b2:44:32:f4:5f:8b:d3:fb:
93:bf:fa:cc:b1:45:06:ec:91:ed:95:5e:6f:a1:7c:16:ec:21:
f3:79:43:a5:1f:9f:7e:9f:54:bb:45:ae:d9:9a:cd:8d:91:f9:
7c:44:7c:91:7e:d1:8f:43:d7:c1:a0:94:30:03:0b:49:92:0e:
ad:b6:47:d1:a2:e1:0d:fb:ad:7b:63:cc:d5:d6:c2:b5:da:e2:
72:1c:97:35:d7:ad:11:b9:71:e6:f2:f1:b2:29:6a:5e:1b:b3:
4c:f3:45:5f:5c:d3:02:4a:08:f1:b5:fc:d2:2b:ac:3e:cc:30:
30:db:0d:1d:b5:11:62:6f:c4:51:1b:74:9f:76:d5:28:37:d4:
4f:d7:3d:78:7e:a6:1e:f3:e8:68:b3:48:28:ab:55:0e:d9:a1:
7e:8e:0d:12:3d:18:1f:c9:f1:25:d8:7d:0a:81:35:e9:3d:34:
2e:1f:37:ad:0e:49:82:01:77:d1:c3:54:6d:3f:7c:3a:78:f9:
49:e6:22:f2
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICClYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDA1
NzJFOTlDNjRFRDY1MkZBODFENTAxRUZBMTZDRjlENDRBRTk5QzAeFw0yMjA2MDEx
MTQyMDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDkyMUNGMkI4MDlGRTQ0
OTk0MDBDM0Q5OEE3QjY2RDE5QjczNkQ3QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWAFt2oflenRaxw35Z1OJ3lL0iS9as7WFL7oDK7+dPSTJ5iLrS
22bfzEoJU0ATr7Kzp38x/CwyV7rQ5e4cWCaZ/f6l/giclKdnXnNutafohvFscPp6
6fftHSghJV3rskGIe0i/Hb7J2ISdEbzt2PxgnH73wZ9KbBC68vv76ApcG3858+fs
h5Cv/k1S/TVy7BDpkcvVh8KW30ImDkovkXUWUgMtGtFLdnnZb7PS+x7jDTFk6uRA
k0dJM3icyOhNvWX9ZPi1mAwQTU0Q5tPAKTI8T6+b1xfrxL79pGVSZ6sPpPHaEXIy
HBp+Mr87MXk9GJSgPBZaqRrcKRvtwElgoKjBAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUkhzyuAn+RJlADD2Yp7ZtGbc217kwHwYDVR0jBBgwFoAUAFcumcZO1lL6gdUB
76Fs+dRK6ZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNI
RU5HL0FGY3VtY1pPMWxMNmdkVUI3NkZzLWRSSzZady5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvQUZjdW1jWk8xbEw2Z2RVQjc2RnMtZFJLNlp3LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNIRU5HL2toenl1QW4tUkps
QUREMllwN1p0R2JjMjE3ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABnajcwDQYJKoZIhvcNAQELBQADggEBAENrhMElu3fSseKz2B47gi4n2M4r
FPFFAuZB7P0zBWtHvZXjTTInepX7dnZ6rv9ufUzWAn1vACB6Ed2ganhtD6iyRDL0
X4vT+5O/+syxRQbske2VXm+hfBbsIfN5Q6Ufn36fVLtFrtmazY2R+XxEfJF+0Y9D
18GglDADC0mSDq22R9Gi4Q37rXtjzNXWwrXa4nIclzXXrRG5ceby8bIpal4bs0zz
RV9c0wJKCPG1/NIrrD7MMDDbDR21EWJvxFEbdJ921Sg31E/XPXh+ph7z6GizSCir
VQ7ZoX6ODRI9GB/J8SXYfQqBNek9NC4fN60OSYIBd9HDVG0/fDp4+UnmIvI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:08:34 2025 by rpki-client