Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TGM/_V5cc3VYR0HgprproPRta3nB9Cw.roa
File: _V5cc3VYR0HgprproPRta3nB9Cw.roa (raw, json)
Hash identifier: p2qOK1aZaNWZrH3jDjR7mkSsWBn2zTIFoRpARgS2HgI=
Subject key identifier: FD:5E:5C:73:75:58:47:41:E0:A6:BA:6B:A0:F4:6D:6B:79:C1:F4:2C
Certificate issuer: /CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Certificate serial: F5
Authority key identifier: 9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/_V5cc3VYR0HgprproPRta3nB9Cw.roa
Signing time: Sat 14 Jan 2023 03:39:23 +0000
ROA not before: Sat 14 Jan 2023 03:39:23 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131642
IP address blocks: 2400:5120::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 245 (0xf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Validity
Not Before: Jan 14 03:39:23 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=FD5E5C7375584741E0A6BA6BA0F46D6B79C1F42C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0d:ff:f1:e2:2f:78:d8:9d:b1:1b:6c:63:99:
9a:37:aa:1f:72:f3:cf:19:e3:f6:15:4f:50:72:f0:
3b:53:fc:f1:21:d6:59:3d:fb:13:8d:bf:20:2b:04:
9c:3f:04:53:b3:6a:c2:e1:94:a5:65:d2:40:c6:5c:
52:43:30:c5:58:c2:22:b8:6e:96:fc:e7:bb:89:fc:
bc:f4:e2:48:1a:a9:6f:d0:e0:71:41:f0:f2:71:6b:
8c:99:3e:64:48:4a:b4:ba:d2:e3:c2:63:e0:c1:c4:
5e:fe:45:47:b1:0f:27:7a:a0:21:26:9a:f7:32:11:
78:c0:fc:f2:1c:91:c0:d4:9a:63:b1:c2:db:f5:6b:
61:16:08:91:e1:be:c7:e1:41:66:52:e2:d7:7d:67:
cf:5d:37:31:29:5e:25:fb:f8:7f:33:82:81:0b:53:
29:fe:c1:28:43:6b:77:be:fc:f5:24:e4:f0:50:fb:
20:34:df:be:39:0c:75:c9:bb:50:ca:d7:98:7c:bc:
59:cf:0e:bd:a0:53:33:b5:0c:98:17:2d:6d:13:d7:
07:56:d7:21:f3:6e:c6:ac:73:bd:d7:70:f6:ed:dd:
91:fb:7f:de:5f:df:97:c2:8a:a7:ba:30:bc:15:13:
fa:55:30:60:8d:08:bc:5e:d4:ee:70:07:73:fd:50:
7a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:5E:5C:73:75:58:47:41:E0:A6:BA:6B:A0:F4:6D:6B:79:C1:F4:2C
X509v3 Authority Key Identifier:
keyid:9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/m2BpbWh3OuLlMvDNXRD9wMgnPqU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/_V5cc3VYR0HgprproPRta3nB9Cw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:5120::/32
Signature Algorithm: sha256WithRSAEncryption
8b:f2:78:0f:f3:b6:de:98:d1:bd:39:ae:7d:b9:3c:74:f6:c8:
83:c3:1d:3e:f2:a0:b0:33:49:ff:64:90:c9:ce:0e:36:ce:15:
27:9a:fa:67:8f:28:2a:c0:96:23:3a:0e:6e:4b:9d:2a:50:df:
e9:6b:48:56:3d:0b:a6:9a:98:01:34:74:84:20:05:be:c3:46:
98:9a:42:51:07:35:0f:48:cc:4c:97:94:5a:6e:2d:68:d2:34:
4e:5e:f3:cf:31:9b:a2:0c:43:aa:4a:46:5f:cc:52:a5:7c:51:
cc:23:cc:7e:e8:5f:c6:17:7e:81:29:d0:87:30:d9:53:b7:e2:
98:14:66:85:85:df:61:a3:bc:14:89:81:6b:84:39:f4:b8:90:
14:50:84:be:96:90:7b:3e:01:4d:a2:71:f8:76:33:e0:1f:fd:
ae:85:50:fa:63:48:df:d0:66:bc:90:14:69:d1:f6:e6:55:10:
bb:49:90:ff:aa:a5:71:ee:e8:9d:d8:2a:79:b8:4f:c3:02:23:
f4:b5:02:62:54:1a:2b:65:5b:cb:6b:62:23:d2:9f:e6:52:88:
ce:e2:8a:aa:4e:e0:31:fb:fe:7c:f8:2d:c9:e1:4f:e4:df:77:
f5:cd:cc:0a:15:3d:ce:51:f7:4c:04:24:e1:77:97:cf:ab:09:
43:e4:ef:bb
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUI2
MDY5NkQ2ODc3M0FFMkU1MzJGMENENUQxMEZEQzBDODI3M0VBNTAeFw0yMzAxMTQw
MzM5MjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEZENUU1QzczNzU1ODQ3
NDFFMEE2QkE2QkEwRjQ2RDZCNzlDMUY0MkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpDf/x4i942J2xG2xjmZo3qh9y888Z4/YVT1By8DtT/PEh1lk9
+xONvyArBJw/BFOzasLhlKVl0kDGXFJDMMVYwiK4bpb857uJ/Lz04kgaqW/Q4HFB
8PJxa4yZPmRISrS60uPCY+DBxF7+RUexDyd6oCEmmvcyEXjA/PIckcDUmmOxwtv1
a2EWCJHhvsfhQWZS4td9Z89dNzEpXiX7+H8zgoELUyn+wShDa3e+/PUk5PBQ+yA0
3745DHXJu1DK15h8vFnPDr2gUzO1DJgXLW0T1wdW1yHzbsasc73XcPbt3ZH7f95f
35fCiqe6MLwVE/pVMGCNCLxe1O5wB3P9UHpBAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU/V5cc3VYR0HgprproPRta3nB9CwwHwYDVR0jBBgwFoAUm2BpbWh3OuLlMvDN
XRD9wMgnPqUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL20y
QnBiV2gzT3VMbE12RE5YUkQ5d01nblBxVS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bTJCcGJXaDNPdUxsTXZETlhSRDl3TWduUHFVLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL19WNWNjM1ZZUjBIZ3BycHJvUFJ0YTNu
QjlDdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAFEgMA0G
CSqGSIb3DQEBCwUAA4IBAQCL8ngP87bemNG9Oa59uTx09siDwx0+8qCwM0n/ZJDJ
zg42zhUnmvpnjygqwJYjOg5uS50qUN/pa0hWPQummpgBNHSEIAW+w0aYmkJRBzUP
SMxMl5Rabi1o0jROXvPPMZuiDEOqSkZfzFKlfFHMI8x+6F/GF36BKdCHMNlTt+KY
FGaFhd9ho7wUiYFrhDn0uJAUUIS+lpB7PgFNonH4djPgH/2uhVD6Y0jf0Ga8kBRp
0fbmVRC7SZD/qqVx7uid2Cp5uE/DAiP0tQJiVBorZVvLa2Ij0p/mUojO4oqqTuAx
+/58+C3J4U/k33f1zcwKFT3OUfdMBCThd5fPqwlD5O+7
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:44:15 2025 by rpki-client