Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/mtVMmWuIiJyXG14euhpRprbZJ0Y.roa
File: mtVMmWuIiJyXG14euhpRprbZJ0Y.roa (raw, json)
Hash identifier: BT4rZBKNYXM1Np2rGb8gAm1VNgo0z+Zrq15zsu4tgNY=
Subject key identifier: 9A:D5:4C:99:6B:88:88:9C:97:1B:5E:1E:BA:1A:51:A6:B6:D9:27:46
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 121B
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/mtVMmWuIiJyXG14euhpRprbZJ0Y.roa
Signing time: Mon 05 Feb 2024 09:05:39 +0000
ROA not before: Mon 05 Feb 2024 09:05:39 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18417
IP address blocks: 119.75.245.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4635 (0x121b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Feb 5 09:05:39 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=9AD54C996B88889C971B5E1EBA1A51A6B6D92746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:18:2d:e7:95:11:c7:62:a9:67:a6:8d:8e:17:
51:87:a6:d2:a7:49:14:17:ee:88:6e:bf:a6:54:b3:
db:45:ca:13:25:0f:ab:90:27:46:7c:1b:49:a1:78:
10:e8:ae:0a:20:8b:e3:c3:12:49:95:b0:ed:53:e9:
b7:54:ab:a3:77:58:10:c6:64:24:76:3c:6e:05:81:
09:d4:a9:bf:92:85:d1:c9:c4:35:e4:07:1f:3d:fc:
81:ac:b4:0d:ca:1c:e1:cb:7b:f4:77:3a:91:81:b6:
e3:04:08:2d:10:1d:30:04:b5:2c:a4:5d:8d:95:3b:
24:66:8f:46:08:5b:94:10:f0:0e:e8:a8:e2:05:ff:
30:17:76:d8:cd:20:5c:ec:77:95:b9:87:ce:78:20:
1d:79:aa:ff:e6:25:81:39:31:ac:a2:7e:77:73:8e:
3c:14:ac:a2:b8:13:2f:fe:6b:8e:67:9b:88:42:05:
a3:83:0d:a4:e9:6e:33:70:ab:60:de:0a:5b:5b:cb:
82:6b:7c:ff:fa:59:33:5d:d3:3b:b4:b9:5b:20:e1:
83:bd:a1:33:45:06:fc:1e:60:0f:c0:38:68:63:3b:
03:7b:78:ef:5d:4d:02:81:41:a9:9c:77:0b:e4:9a:
a1:b2:1b:96:68:ab:12:ee:45:f4:15:7e:f6:be:1d:
7c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D5:4C:99:6B:88:88:9C:97:1B:5E:1E:BA:1A:51:A6:B6:D9:27:46
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/mtVMmWuIiJyXG14euhpRprbZJ0Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.75.245.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:17:34:c2:22:f6:7b:88:c7:9f:f0:f5:09:29:a8:b4:b7:11:
27:d3:40:50:88:1c:75:9c:57:82:85:08:79:12:96:f4:d7:55:
1f:fa:75:d6:7e:36:7a:4e:e9:70:a0:55:50:f6:07:4a:6d:b2:
42:80:89:91:7d:30:b1:f8:dc:86:98:b0:b0:06:65:fd:b4:8c:
35:5a:26:3a:f6:44:09:f7:62:40:a6:60:59:fd:53:41:6a:99:
77:bc:f0:ed:d0:e1:6b:d0:b2:b5:28:fd:71:a8:f9:10:7f:f3:
02:41:41:89:99:00:81:f3:d5:22:f3:14:1f:b6:62:95:cb:33:
8c:62:bc:9a:8c:36:97:a4:61:68:87:02:07:89:d5:19:64:c1:
61:df:4a:67:df:8e:7d:f0:23:57:55:64:6c:8b:3b:03:12:dc:
96:2b:62:ae:ae:eb:aa:34:f3:6c:45:30:2e:83:f2:b1:49:8f:
fb:75:7f:d2:be:b6:18:4c:51:e9:7e:41:2e:b9:76:33:8c:a1:
e5:14:d5:6a:7d:98:75:35:8f:19:3c:d1:be:4b:c0:5e:32:bb:
d7:30:10:9d:ce:9a:cc:3a:e9:14:9f:66:7a:92:9e:69:2c:00:
4c:f9:ef:22:e3:8d:12:d1:9e:07:dd:3e:87:06:1d:20:db:ba:
dc:41:8f:fe
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEhswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNDAyMDUw
OTA1MzlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlBRDU0Qzk5NkI4ODg4
OUM5NzFCNUUxRUJBMUE1MUE2QjZEOTI3NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbGC3nlRHHYqlnpo2OF1GHptKnSRQX7ohuv6ZUs9tFyhMlD6uQ
J0Z8G0mheBDorgogi+PDEkmVsO1T6bdUq6N3WBDGZCR2PG4FgQnUqb+ShdHJxDXk
Bx89/IGstA3KHOHLe/R3OpGBtuMECC0QHTAEtSykXY2VOyRmj0YIW5QQ8A7oqOIF
/zAXdtjNIFzsd5W5h854IB15qv/mJYE5MayifndzjjwUrKK4Ey/+a45nm4hCBaOD
DaTpbjNwq2DeCltby4JrfP/6WTNd0zu0uVsg4YO9oTNFBvweYA/AOGhjOwN7eO9d
TQKBQamcdwvkmqGyG5ZoqxLuRfQVfva+HXw7AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUmtVMmWuIiJyXG14euhpRprbZJ0YwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9tdFZNbVd1SWlKeVhHMTRldWhw
UnByYlpKMFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAd0v1
MA0GCSqGSIb3DQEBCwUAA4IBAQCkFzTCIvZ7iMef8PUJKai0txEn00BQiBx1nFeC
hQh5Epb011Uf+nXWfjZ6TulwoFVQ9gdKbbJCgImRfTCx+NyGmLCwBmX9tIw1WiY6
9kQJ92JApmBZ/VNBapl3vPDt0OFr0LK1KP1xqPkQf/MCQUGJmQCB89Ui8xQftmKV
yzOMYryajDaXpGFohwIHidUZZMFh30pn34598CNXVWRsizsDEtyWK2KuruuqNPNs
RTAug/KxSY/7dX/SvrYYTFHpfkEuuXYzjKHlFNVqfZh1NY8ZPNG+S8BeMrvXMBCd
zprMOukUn2Z6kp5pLABM+e8i440S0Z4H3T6HBh0g27rcQY/+
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:44 2024 by rpki-client on console-ams.rpki-client.org