Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/nI-g1M1OhJvqzFCMMGEIQ0O5ZbM.roa
File: nI-g1M1OhJvqzFCMMGEIQ0O5ZbM.roa (raw, json)
Hash identifier: UFzER5cHRtCi37Z6RWL95pRr//hkdCCwZYCoPN7jPhI=
Subject key identifier: 9C:8F:A0:D4:CD:4E:84:9B:EA:CC:50:8C:30:61:08:43:43:B9:65:B3
Certificate issuer: /CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C
Certificate serial: 0CC3
Authority key identifier: 00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/nI-g1M1OhJvqzFCMMGEIQ0O5ZbM.roa
Signing time: Mon 26 Aug 2024 05:25:55 +0000
ROA not before: Mon 26 Aug 2024 05:25:55 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38047
IP address blocks: 103.106.55.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3267 (0xcc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C
Validity
Not Before: Aug 26 05:25:55 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9C8FA0D4CD4E849BEACC508C3061084343B965B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:57:0e:a3:bc:88:c7:ae:01:4a:ae:74:9c:6b:
57:1d:3f:36:50:c3:14:b7:1f:32:77:a9:5c:7b:35:
fb:b9:f7:9e:75:19:2d:53:a8:c2:bc:5f:50:6e:d5:
cc:72:43:10:ed:9b:3d:3d:16:e4:96:2c:30:a0:84:
08:db:2d:10:23:bc:cb:ce:80:c5:77:5b:00:92:20:
ec:a1:03:b8:de:39:34:3d:11:e2:be:f2:3c:bd:80:
ae:33:68:d4:38:23:9b:5d:3f:b5:0a:f4:98:dc:d0:
55:41:60:28:9e:88:86:3f:c4:da:44:97:86:89:f4:
79:d8:2f:77:cc:57:20:be:b1:9a:e5:c5:a0:07:77:
84:ab:9d:77:00:62:0e:ab:0e:ee:9e:0d:0b:40:cb:
1f:5c:3e:09:20:31:98:a7:d4:b8:23:85:f2:67:68:
37:c1:68:28:21:35:1d:f0:86:18:5a:4f:67:81:e2:
2b:4b:40:f5:f4:68:8d:92:b6:5f:ab:e4:20:c1:dc:
52:08:64:f1:51:23:eb:70:e3:9f:59:b4:52:65:60:
91:be:d8:62:c1:00:8c:fe:23:c2:49:ef:02:b3:f6:
55:10:d4:74:f0:1d:50:4c:c4:c7:59:04:29:70:6d:
fe:4e:b5:88:35:fd:c6:9b:68:8d:58:a8:1e:a8:b3:
1e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8F:A0:D4:CD:4E:84:9B:EA:CC:50:8C:30:61:08:43:43:B9:65:B3
X509v3 Authority Key Identifier:
keyid:00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/AFcumcZO1lL6gdUB76Fs-dRK6Zw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/nI-g1M1OhJvqzFCMMGEIQ0O5ZbM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.55.0/24
Signature Algorithm: sha256WithRSAEncryption
12:1e:e0:10:7c:36:10:53:0a:aa:42:7a:6f:15:77:d8:8e:03:
61:c2:24:4d:1d:61:ce:7e:01:f5:04:10:8e:be:7c:12:b1:86:
e3:f3:21:7e:12:c2:e9:c2:3d:d8:fd:07:05:eb:92:7a:b7:a1:
fd:2d:98:fd:68:47:28:e2:ab:a7:63:4b:c6:18:85:85:1c:bc:
f9:84:7f:28:79:43:86:c4:69:2e:f6:d7:94:ee:01:54:52:aa:
eb:91:3a:58:a9:d1:97:25:d8:e3:f2:d5:6f:37:80:d7:2a:9e:
5a:e0:66:8d:db:e5:40:8c:46:8b:15:51:c0:d3:66:20:7a:eb:
05:5e:47:94:82:3f:f2:d9:0a:cd:28:bc:d5:18:f6:45:94:8c:
73:68:6e:1f:14:87:4d:f4:d6:8d:5e:5f:78:1a:fd:85:e0:d3:
b3:58:13:5a:4d:cb:24:56:af:9c:66:67:97:d3:97:4b:d1:cd:
88:e3:74:80:2d:66:88:09:33:ea:f6:34:2c:ed:6e:ec:f5:20:
da:58:ac:89:52:40:32:62:81:5b:f0:11:38:aa:27:9d:fa:28:
0d:8f:f5:ff:f3:08:38:8b:c1:4e:7b:53:3d:f0:30:3b:fe:b6:
52:c2:4a:60:29:8d:07:4f:d5:59:92:b3:b4:39:df:2e:5a:65:
70:0b:62:2c
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICDMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDA1
NzJFOTlDNjRFRDY1MkZBODFENTAxRUZBMTZDRjlENDRBRTk5QzAeFw0yNDA4MjYw
NTI1NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlDOEZBMEQ0Q0Q0RTg0
OUJFQUNDNTA4QzMwNjEwODQzNDNCOTY1QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuVw6jvIjHrgFKrnSca1cdPzZQwxS3HzJ3qVx7Nfu59551GS1T
qMK8X1Bu1cxyQxDtmz09FuSWLDCghAjbLRAjvMvOgMV3WwCSIOyhA7jeOTQ9EeK+
8jy9gK4zaNQ4I5tdP7UK9Jjc0FVBYCieiIY/xNpEl4aJ9HnYL3fMVyC+sZrlxaAH
d4SrnXcAYg6rDu6eDQtAyx9cPgkgMZin1LgjhfJnaDfBaCghNR3whhhaT2eB4itL
QPX0aI2Stl+r5CDB3FIIZPFRI+tw459ZtFJlYJG+2GLBAIz+I8JJ7wKz9lUQ1HTw
HVBMxMdZBClwbf5OtYg1/cabaI1YqB6osx59AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUnI+g1M1OhJvqzFCMMGEIQ0O5ZbMwHwYDVR0jBBgwFoAUAFcumcZO1lL6gdUB
76Fs+dRK6ZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNI
RU5HL0FGY3VtY1pPMWxMNmdkVUI3NkZzLWRSSzZady5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvQUZjdW1jWk8xbEw2Z2RVQjc2RnMtZFJLNlp3LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNIRU5HL25JLWcxTTFPaEp2
cXpGQ01NR0VJUTBPNVpiTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABnajcwDQYJKoZIhvcNAQELBQADggEBABIe4BB8NhBTCqpCem8Vd9iOA2HC
JE0dYc5+AfUEEI6+fBKxhuPzIX4SwunCPdj9BwXrknq3of0tmP1oRyjiq6djS8YY
hYUcvPmEfyh5Q4bEaS7215TuAVRSquuROlip0Zcl2OPy1W83gNcqnlrgZo3b5UCM
RosVUcDTZiB66wVeR5SCP/LZCs0ovNUY9kWUjHNobh8Uh0301o1eX3ga/YXg07NY
E1pNyyRWr5xmZ5fTl0vRzYjjdIAtZogJM+r2NCztbuz1INpYrIlSQDJigVvwETiq
J536KA2P9f/zCDiLwU57Uz3wMDv+tlLCSmApjQdP1VmSs7Q53y5aZXALYiw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:46:01 2025 by rpki-client