Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/nJGc69_QP8uDDLNS9rISUIdfbYU.roa
File: nJGc69_QP8uDDLNS9rISUIdfbYU.roa (raw, json)
Hash identifier: iCoTBcj7jWB03YBxUCHz6uWQYoKFVxKmS0aOMjZE2nE=
Subject key identifier: 9C:91:9C:EB:DF:D0:3F:CB:83:0C:B3:52:F6:B2:12:50:87:5F:6D:85
Certificate issuer: /CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C
Certificate serial: 08E5
Authority key identifier: 00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/nJGc69_QP8uDDLNS9rISUIdfbYU.roa
Signing time: Sun 07 Feb 2021 06:05:34 +0000
ROA not before: Sun 07 Feb 2021 06:05:34 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38047
IP address blocks: 103.106.53.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2277 (0x8e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00572E99C64ED652FA81D501EFA16CF9D44AE99C
Validity
Not Before: Feb 7 06:05:34 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=9C919CEBDFD03FCB830CB352F6B21250875F6D85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4f:dd:dd:60:2e:d1:ff:84:89:8b:98:05:ef:
bb:4e:e0:8f:98:85:ff:41:1a:25:23:03:a9:28:91:
27:3a:9b:16:43:d1:fa:2d:db:59:21:c1:0b:f8:cc:
0a:17:49:73:76:e2:6f:3f:52:66:d9:ba:d9:71:c0:
fb:67:85:96:9a:b8:26:66:43:b3:47:14:67:6d:ae:
d6:a7:df:ae:92:f2:ef:3e:22:50:a9:70:f4:1b:d5:
f7:ff:f2:d0:25:3e:23:66:e2:29:71:c1:6f:b5:57:
db:e8:5d:e3:ec:91:fd:38:34:67:93:e3:6d:7a:a5:
49:74:56:e9:68:b4:b5:2f:af:4f:e0:bb:ac:b5:16:
9a:6b:fa:12:2e:01:da:1d:8c:42:35:51:fd:66:7f:
0b:b8:70:bc:70:1d:56:7d:36:f0:d0:a3:ca:eb:e1:
5e:a9:17:f7:d5:fc:32:0f:1a:09:35:a8:c2:6c:60:
2f:12:dc:24:73:13:49:f8:7c:36:e9:f0:1b:d3:7b:
d2:fe:94:ad:8b:78:83:37:37:2f:45:09:6e:d0:a1:
d6:65:51:da:34:ab:07:29:44:44:35:f4:22:4a:2d:
ec:43:0d:c1:0c:8d:78:44:7d:d7:cf:56:ea:90:39:
6e:0c:98:dc:50:57:be:8d:0d:68:36:80:d2:dd:ec:
59:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:91:9C:EB:DF:D0:3F:CB:83:0C:B3:52:F6:B2:12:50:87:5F:6D:85
X509v3 Authority Key Identifier:
keyid:00:57:2E:99:C6:4E:D6:52:FA:81:D5:01:EF:A1:6C:F9:D4:4A:E9:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/AFcumcZO1lL6gdUB76Fs-dRK6Zw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AFcumcZO1lL6gdUB76Fs-dRK6Zw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHINCHENG/nJGc69_QP8uDDLNS9rISUIdfbYU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.53.0/24
Signature Algorithm: sha256WithRSAEncryption
88:a8:9f:9c:6d:46:76:85:26:18:4d:87:6a:0f:5a:90:67:9a:
c8:12:cc:19:21:35:7f:a4:55:e1:ab:57:29:ea:31:5c:a5:e9:
96:45:33:c2:1e:39:3d:5c:c9:7a:df:31:d3:5e:16:e7:8f:e5:
7f:b3:a9:a8:45:85:fc:41:b1:10:c3:4f:73:6e:ab:c0:8d:b9:
b2:39:9b:38:77:23:ca:f3:df:7e:41:af:29:83:74:34:c4:9f:
eb:a3:c4:3d:40:a6:73:e6:c7:39:fc:db:df:3c:61:9e:91:ff:
91:06:0d:4d:4d:92:3d:25:ca:8c:c5:09:67:ac:e4:28:66:37:
d3:2e:05:08:56:92:32:6f:40:f8:f9:3e:26:9f:78:35:7b:47:
f2:9a:53:3a:af:cf:48:74:f1:3d:95:05:06:ad:6c:cd:51:ba:
1a:60:79:22:16:cb:30:e5:19:cb:1f:8c:7e:56:43:51:45:86:
09:59:48:7c:f4:84:8a:65:af:ce:f1:c8:0d:28:62:1b:21:43:
74:8d:48:2d:07:aa:1a:25:a8:5d:39:33:a7:ca:6e:20:da:5f:
ca:81:3b:c2:0d:9f:29:33:0c:ed:8e:8c:08:07:cb:5c:c0:77:
77:cf:b7:ef:ef:b5:c0:bf:5e:59:2d:6d:9d:ac:7b:0f:b3:a7:
55:cf:55:4f
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICCOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDA1
NzJFOTlDNjRFRDY1MkZBODFENTAxRUZBMTZDRjlENDRBRTk5QzAeFw0yMTAyMDcw
NjA1MzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDlDOTE5Q0VCREZEMDNG
Q0I4MzBDQjM1MkY2QjIxMjUwODc1RjZEODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBT93dYC7R/4SJi5gF77tO4I+Yhf9BGiUjA6kokSc6mxZD0fot
21khwQv4zAoXSXN24m8/UmbZutlxwPtnhZaauCZmQ7NHFGdtrtan366S8u8+IlCp
cPQb1ff/8tAlPiNm4ilxwW+1V9voXePskf04NGeT4216pUl0VulotLUvr0/gu6y1
Fppr+hIuAdodjEI1Uf1mfwu4cLxwHVZ9NvDQo8rr4V6pF/fV/DIPGgk1qMJsYC8S
3CRzE0n4fDbp8BvTe9L+lK2LeIM3Ny9FCW7QodZlUdo0qwcpREQ19CJKLexDDcEM
jXhEfdfPVuqQOW4MmNxQV76NDWg2gNLd7FlnAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUnJGc69/QP8uDDLNS9rISUIdfbYUwHwYDVR0jBBgwFoAUAFcumcZO1lL6gdUB
76Fs+dRK6ZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNI
RU5HL0FGY3VtY1pPMWxMNmdkVUI3NkZzLWRSSzZady5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvQUZjdW1jWk8xbEw2Z2RVQjc2RnMtZFJLNlp3LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hJTkNIRU5HL25KR2M2OV9RUDh1
RERMTlM5cklTVUlkZmJZVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABnajUwDQYJKoZIhvcNAQELBQADggEBAIion5xtRnaFJhhNh2oPWpBnmsgS
zBkhNX+kVeGrVynqMVyl6ZZFM8IeOT1cyXrfMdNeFueP5X+zqahFhfxBsRDDT3Nu
q8CNubI5mzh3I8rz335BrymDdDTEn+ujxD1ApnPmxzn82988YZ6R/5EGDU1Nkj0l
yozFCWes5ChmN9MuBQhWkjJvQPj5PiafeDV7R/KaUzqvz0h08T2VBQatbM1Ruhpg
eSIWyzDlGcsfjH5WQ1FFhglZSHz0hIplr87xyA0oYhshQ3SNSC0HqholqF05M6fK
biDaX8qBO8INnykzDO2OjAgHy1zAd3fPt+/vtcC/XlktbZ2sew+zp1XPVU8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:12 2025 by rpki-client