Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TGM/AVKSaxxaYK9cr278H6BybgCFoEo.roa
File: AVKSaxxaYK9cr278H6BybgCFoEo.roa (raw, json)
Hash identifier: Tbn8rSdU3R5fh5elWHT6EKQmPH0Vsg9HqvIhktWvcbU=
Subject key identifier: 01:52:92:6B:1C:5A:60:AF:5C:AF:6E:FC:1F:A0:72:6E:00:85:A0:4A
Certificate issuer: /CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Certificate serial: 0196
Authority key identifier: 9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/AVKSaxxaYK9cr278H6BybgCFoEo.roa
Signing time: Fri 01 Sep 2023 10:00:23 +0000
ROA not before: Fri 01 Sep 2023 10:00:23 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18178
IP address blocks: 2400:5120::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 406 (0x196)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Validity
Not Before: Sep 1 10:00:23 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0152926B1C5A60AF5CAF6EFC1FA0726E0085A04A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b1:05:5e:a0:f5:80:e3:89:93:2b:e8:53:98:
9a:0a:19:73:fe:f3:c9:bd:dd:15:cd:92:cf:08:28:
66:82:6d:61:d1:ca:b5:1a:70:80:2f:1d:4b:00:eb:
fa:39:36:39:82:55:42:72:00:dd:24:ac:95:48:cf:
ca:3c:44:7d:72:f7:a0:d0:cc:85:80:86:cd:2b:ca:
38:7f:0f:8d:00:e3:92:97:30:b0:a9:86:a4:1e:bd:
d3:6f:e9:c7:8a:e5:19:a6:a5:c2:84:ed:a9:11:45:
5c:37:03:63:bb:8d:a4:fa:24:7c:be:78:ea:e9:4b:
f4:2c:e0:af:3b:49:94:d6:a6:62:ac:ad:73:d8:9c:
10:65:49:6d:57:1b:a5:7f:d8:c0:19:33:26:40:92:
81:d6:ce:00:bc:bc:f0:01:ea:b4:cb:2e:f9:87:70:
d2:22:29:c2:a2:80:79:72:3e:11:6c:aa:e8:cc:a2:
5d:9e:90:25:14:c6:aa:3a:aa:d8:27:13:7c:d5:5b:
83:47:52:10:54:2b:b0:60:66:bf:1e:6b:f4:12:53:
c8:44:b9:81:a5:f3:3d:8c:ba:f2:b9:ae:a3:95:3a:
22:58:b0:5e:82:25:f0:d3:ac:65:83:7a:57:c1:f9:
bc:a8:71:a0:55:20:36:c8:43:bf:de:b3:65:51:8e:
c8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:52:92:6B:1C:5A:60:AF:5C:AF:6E:FC:1F:A0:72:6E:00:85:A0:4A
X509v3 Authority Key Identifier:
keyid:9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/m2BpbWh3OuLlMvDNXRD9wMgnPqU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/AVKSaxxaYK9cr278H6BybgCFoEo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:5120::/32
Signature Algorithm: sha256WithRSAEncryption
bf:f1:41:81:0d:43:8e:7a:7d:b6:cd:8d:dc:fa:34:d0:d7:b8:
7a:94:67:b2:a3:d6:d8:7a:8f:ae:54:d4:3f:14:55:ae:60:4d:
53:b0:80:16:50:66:d5:15:3e:a2:d0:4e:36:c0:37:95:32:de:
7e:62:4d:56:8c:e7:68:ca:1f:44:e3:75:3e:03:50:d5:f4:80:
34:0c:21:12:ce:7b:b3:bb:81:48:3e:fd:3f:79:86:cb:7c:1d:
bf:97:89:27:ad:38:64:5e:65:0b:2a:ea:b1:00:62:15:4b:7b:
63:58:76:82:54:ec:51:8f:78:a1:b8:ee:52:51:77:90:49:9c:
c9:5d:06:d6:61:72:8b:c7:61:7e:85:8f:c4:a2:65:cd:2e:83:
51:7f:7a:91:47:fd:f3:67:ad:50:30:67:bb:1f:91:72:89:b0:
8c:dd:db:a5:a8:b1:88:9f:23:fe:31:91:d1:12:cb:c4:bd:3c:
6b:9e:d6:40:35:7d:38:95:c5:18:f6:00:f8:34:dc:8c:34:6a:
49:e1:38:55:81:ea:cf:fc:35:a8:97:c9:00:fa:84:6e:3c:35:
3e:aa:d5:2c:88:b7:ff:d5:34:19:c7:67:cb:99:8d:ba:5f:25:
d2:07:06:bd:f6:f7:ba:57:2d:69:45:9b:d9:c6:e7:b4:f6:b7:
5a:03:96:f2
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUI2
MDY5NkQ2ODc3M0FFMkU1MzJGMENENUQxMEZEQzBDODI3M0VBNTAeFw0yMzA5MDEx
MDAwMjNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDAxNTI5MjZCMUM1QTYw
QUY1Q0FGNkVGQzFGQTA3MjZFMDA4NUEwNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEsQVeoPWA44mTK+hTmJoKGXP+88m93RXNks8IKGaCbWHRyrUa
cIAvHUsA6/o5NjmCVUJyAN0krJVIz8o8RH1y96DQzIWAhs0ryjh/D40A45KXMLCp
hqQevdNv6ceK5RmmpcKE7akRRVw3A2O7jaT6JHy+eOrpS/Qs4K87SZTWpmKsrXPY
nBBlSW1XG6V/2MAZMyZAkoHWzgC8vPAB6rTLLvmHcNIiKcKigHlyPhFsqujMol2e
kCUUxqo6qtgnE3zVW4NHUhBUK7BgZr8ea/QSU8hEuYGl8z2MuvK5rqOVOiJYsF6C
JfDTrGWDelfB+byocaBVIDbIQ7/es2VRjsjjAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUAVKSaxxaYK9cr278H6BybgCFoEowHwYDVR0jBBgwFoAUm2BpbWh3OuLlMvDN
XRD9wMgnPqUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL20y
QnBiV2gzT3VMbE12RE5YUkQ5d01nblBxVS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bTJCcGJXaDNPdUxsTXZETlhSRDl3TWduUHFVLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL0FWS1NheHhhWUs5Y3IyNzhINkJ5YmdD
Rm9Fby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAFEgMA0G
CSqGSIb3DQEBCwUAA4IBAQC/8UGBDUOOen22zY3c+jTQ17h6lGeyo9bYeo+uVNQ/
FFWuYE1TsIAWUGbVFT6i0E42wDeVMt5+Yk1WjOdoyh9E43U+A1DV9IA0DCESznuz
u4FIPv0/eYbLfB2/l4knrThkXmULKuqxAGIVS3tjWHaCVOxRj3ihuO5SUXeQSZzJ
XQbWYXKLx2F+hY/EomXNLoNRf3qRR/3zZ61QMGe7H5FyibCM3dulqLGInyP+MZHR
EsvEvTxrntZANX04lcUY9gD4NNyMNGpJ4ThVgerP/DWol8kA+oRuPDU+qtUsiLf/
1TQZx2fLmY26XyXSBwa99ve6Vy1pRZvZxue09rdaA5by
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:01 2025 by rpki-client