Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/0mhgTmchoFsLyxmlXsrFoX63RBY.roa
File: 0mhgTmchoFsLyxmlXsrFoX63RBY.roa (raw, json)
Hash identifier: 3Gbmz4qZZPuTYHakXj0o+LzdwBDfl4K594dXVSu8nXY=
Subject key identifier: D2:68:60:4E:67:21:A0:5B:0B:CB:19:A5:5E:CA:C5:A1:7E:B7:44:16
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 11E1
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/0mhgTmchoFsLyxmlXsrFoX63RBY.roa
Signing time: Tue 02 Jan 2024 10:36:35 +0000
ROA not before: Tue 02 Jan 2024 10:36:35 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18417
IP address blocks: 119.75.245.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4577 (0x11e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Jan 2 10:36:35 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D268604E6721A05B0BCB19A55ECAC5A17EB74416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:02:74:f0:6c:65:e0:4e:08:b0:ac:5b:ff:44:
50:a6:1d:1e:b8:97:6f:f3:a1:50:56:3c:37:b3:a9:
fb:3f:36:a4:e5:21:f9:ba:35:d7:2a:b9:d0:c1:f8:
a2:94:33:cc:67:e5:cc:74:d4:b7:bf:80:fb:09:1c:
78:7f:6f:29:cd:07:fe:f9:4f:5e:04:a9:78:34:e8:
36:54:60:67:dd:e3:dc:a5:87:f5:8f:0c:0e:c9:5d:
25:5e:d5:5c:ee:5b:56:e2:e4:38:db:0c:c5:12:83:
d2:dd:d2:11:34:04:2e:d9:d3:30:73:50:98:e8:1a:
8f:95:8c:c0:04:10:73:b6:41:11:27:69:e3:c2:71:
a7:85:88:c8:df:08:d4:f2:f4:00:6d:d4:7d:3e:c8:
90:7d:ce:b2:e2:f8:de:7d:10:93:ef:e7:d5:e9:79:
f6:30:41:ff:7f:02:dd:05:1f:c7:c8:87:b6:37:2d:
66:42:45:23:c1:f5:e5:28:7a:bf:56:8b:f3:61:b4:
b2:c8:f4:4a:ab:84:bf:63:2b:b8:3c:fb:29:a3:58:
fc:79:98:75:fe:36:37:da:81:ca:18:6f:f0:b9:e0:
0d:f5:6c:e7:00:09:82:d7:80:29:08:f3:e0:67:23:
84:c9:85:78:61:06:72:ed:9d:be:7b:b2:19:f0:f1:
b5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:68:60:4E:67:21:A0:5B:0B:CB:19:A5:5E:CA:C5:A1:7E:B7:44:16
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/0mhgTmchoFsLyxmlXsrFoX63RBY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.75.245.0/24
Signature Algorithm: sha256WithRSAEncryption
66:95:5b:0d:bb:a7:7b:7f:77:0b:0b:87:48:58:f3:2e:21:28:
cc:26:c0:1b:a2:41:8d:ac:70:67:b8:88:82:76:c4:26:19:1d:
0f:8b:af:67:60:5c:af:d6:ba:83:f0:f9:d8:be:4a:21:21:df:
32:66:0d:33:cc:99:a7:30:2c:8b:ee:c1:0b:d0:74:35:02:2b:
02:8a:57:62:bc:80:61:a4:be:17:4a:fe:40:2c:c4:0a:2b:9c:
6a:3d:89:44:45:5c:84:b2:7a:7a:98:fa:0b:2c:ba:f6:e3:ee:
19:c9:cc:0e:a2:2a:51:d4:07:40:98:8a:af:7e:36:01:52:9a:
1d:fc:41:ae:26:8c:2d:13:1b:9c:1f:b5:a6:ef:c4:cf:1a:65:
ba:27:37:40:aa:dc:42:88:20:a8:7d:bf:3b:e7:cf:34:b3:08:
a3:6f:3f:a1:84:cc:68:80:24:a7:25:74:0a:f9:54:ce:77:11:
49:d1:10:e1:d3:bd:61:71:2b:65:cf:ea:71:b4:9d:9d:89:28:
1a:0f:f2:40:23:20:3b:8e:b8:12:85:14:ff:bb:86:b9:5e:7a:
d2:0f:36:bd:85:1b:3e:60:77:af:4f:99:32:d9:f0:03:af:ae:
49:44:fd:ca:38:30:b8:1a:30:d4:2f:e7:e1:bb:97:1c:c9:9d:
fd:cc:3c:6f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNDAxMDIx
MDM2MzVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQyNjg2MDRFNjcyMUEw
NUIwQkNCMTlBNTVFQ0FDNUExN0VCNzQ0MTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHAnTwbGXgTgiwrFv/RFCmHR64l2/zoVBWPDezqfs/NqTlIfm6
NdcqudDB+KKUM8xn5cx01Le/gPsJHHh/bynNB/75T14EqXg06DZUYGfd49ylh/WP
DA7JXSVe1VzuW1bi5DjbDMUSg9Ld0hE0BC7Z0zBzUJjoGo+VjMAEEHO2QREnaePC
caeFiMjfCNTy9ABt1H0+yJB9zrLi+N59EJPv59XpefYwQf9/At0FH8fIh7Y3LWZC
RSPB9eUoer9Wi/NhtLLI9EqrhL9jK7g8+ymjWPx5mHX+NjfagcoYb/C54A31bOcA
CYLXgCkI8+BnI4TJhXhhBnLtnb57shnw8bX/AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU0mhgTmchoFsLyxmlXsrFoX63RBYwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy8wbWhnVG1jaG9Gc0x5eG1sWHNy
Rm9YNjNSQlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAd0v1
MA0GCSqGSIb3DQEBCwUAA4IBAQBmlVsNu6d7f3cLC4dIWPMuISjMJsAbokGNrHBn
uIiCdsQmGR0Pi69nYFyv1rqD8PnYvkohId8yZg0zzJmnMCyL7sEL0HQ1AisCildi
vIBhpL4XSv5ALMQKK5xqPYlERVyEsnp6mPoLLLr24+4ZycwOoipR1AdAmIqvfjYB
Upod/EGuJowtExucH7Wm78TPGmW6JzdAqtxCiCCofb875880swijbz+hhMxogCSn
JXQK+VTOdxFJ0RDh071hcStlz+pxtJ2diSgaD/JAIyA7jrgShRT/u4a5XnrSDza9
hRs+YHevT5ky2fADr65JRP3KODC4GjDUL+fhu5ccyZ39zDxv
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org