Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/yGHolO3EU7T8C1EgaR6-aE0VGww.roa
File: yGHolO3EU7T8C1EgaR6-aE0VGww.roa (raw, json)
Hash identifier: fN0rbin4F85GuHGtncrmF2tWBalTU/phrgt+WqmWzCE=
Subject key identifier: C8:61:E8:94:ED:C4:53:B4:FC:0B:51:20:69:1E:BE:68:4D:15:1B:0C
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 11E7
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/yGHolO3EU7T8C1EgaR6-aE0VGww.roa
Signing time: Wed 03 Jan 2024 10:35:43 +0000
ROA not before: Wed 03 Jan 2024 10:35:43 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18417
IP address blocks: 119.75.245.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4583 (0x11e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Jan 3 10:35:43 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=C861E894EDC453B4FC0B5120691EBE684D151B0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d8:9e:4d:b1:d1:bb:c9:20:b2:61:95:3b:98:
30:45:42:eb:6e:16:ec:b0:8a:72:9c:07:e1:0b:c9:
b1:2f:73:33:3f:72:1c:bd:49:4b:f5:9d:10:ae:72:
29:cf:c0:36:e2:8f:d4:85:b8:9a:05:0d:21:c1:47:
e3:ff:5e:7f:d9:08:6c:6e:bb:56:22:f5:3d:ed:23:
13:06:ef:6b:87:bd:3b:d8:b2:02:d5:ab:8c:f9:b5:
e5:05:ef:be:fd:7a:77:49:59:3d:4d:c9:a7:f7:b0:
e1:ea:22:66:31:37:b1:2b:7e:ab:d1:0f:42:be:57:
eb:2c:73:d6:32:6f:d2:13:32:f5:d6:e5:7b:b5:82:
6c:34:22:d8:2d:b2:46:58:c4:0b:ae:3a:db:cc:1e:
81:ee:d4:7a:52:2b:69:39:b5:07:ce:51:19:34:c1:
92:64:9f:62:64:fc:e1:8d:25:25:09:4d:4a:55:4c:
b6:1d:ff:85:14:b4:ad:58:09:19:39:c6:bd:3d:9d:
9c:9a:9a:e9:96:6a:f9:1d:05:83:8a:a2:b9:3a:b8:
f9:53:8a:32:f5:90:6a:ac:85:fb:44:a8:ae:ec:92:
2b:d2:8b:5b:52:90:96:5e:c7:8e:27:97:a6:ed:f3:
9a:fc:6b:8a:4b:61:b6:dc:db:a7:24:7c:06:56:50:
c6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:61:E8:94:ED:C4:53:B4:FC:0B:51:20:69:1E:BE:68:4D:15:1B:0C
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/yGHolO3EU7T8C1EgaR6-aE0VGww.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.75.245.0/24
Signature Algorithm: sha256WithRSAEncryption
07:71:18:34:e2:12:88:53:fb:cb:92:0f:db:cb:fd:ef:31:87:
d1:cf:62:1f:e2:ab:a7:32:f2:b2:1a:08:9b:38:12:96:62:68:
e1:cc:f0:08:e9:db:a3:54:f8:01:af:5a:fd:a6:3b:ae:cb:25:
82:50:e8:8d:e2:df:5b:24:10:c6:62:e5:bc:bb:74:e2:6f:55:
08:ee:34:fe:5c:e0:6e:a3:a5:17:00:aa:fc:3d:8a:76:ba:03:
ad:82:55:55:5a:62:0a:78:39:15:54:91:81:e7:94:bd:ed:de:
c2:de:c4:79:16:80:d2:a1:e9:07:8b:6a:9b:e2:43:6a:b6:bf:
64:c7:3e:26:87:94:2b:1d:74:f7:8e:22:30:d9:d5:0f:20:c8:
2d:41:89:fd:bf:51:6a:3c:cb:b8:29:e0:6d:7f:9b:5f:f2:f7:
01:8a:8f:06:51:b9:34:cd:e9:4b:9b:00:69:d4:0f:67:12:82:
e2:3d:d5:f7:c6:ab:9c:52:20:a3:2c:a8:3c:e3:ca:17:12:25:
5d:eb:ac:cd:81:13:c9:df:af:ef:85:fa:a7:8d:f7:51:8d:80:
9c:37:c4:bc:aa:ad:59:81:7d:21:96:75:2e:38:ba:b6:3a:0c:
ff:e8:dc:27:9f:3e:51:55:e5:60:11:86:79:9a:1c:40:a8:27:
0b:d7:1f:46
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEecwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNDAxMDMx
MDM1NDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEM4NjFFODk0RURDNDUz
QjRGQzBCNTEyMDY5MUVCRTY4NEQxNTFCMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb2J5NsdG7ySCyYZU7mDBFQutuFuywinKcB+ELybEvczM/chy9
SUv1nRCucinPwDbij9SFuJoFDSHBR+P/Xn/ZCGxuu1Yi9T3tIxMG72uHvTvYsgLV
q4z5teUF7779endJWT1Nyaf3sOHqImYxN7ErfqvRD0K+V+ssc9Yyb9ITMvXW5Xu1
gmw0ItgtskZYxAuuOtvMHoHu1HpSK2k5tQfOURk0wZJkn2Jk/OGNJSUJTUpVTLYd
/4UUtK1YCRk5xr09nZyamumWavkdBYOKork6uPlTijL1kGqshftEqK7skivSi1tS
kJZex44nl6bt85r8a4pLYbbc26ckfAZWUMYBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUyGHolO3EU7T8C1EgaR6+aE0VGwwwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy95R0hvbE8zRVU3VDhDMUVnYVI2
LWFFMFZHd3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAd0v1
MA0GCSqGSIb3DQEBCwUAA4IBAQAHcRg04hKIU/vLkg/by/3vMYfRz2If4qunMvKy
GgibOBKWYmjhzPAI6dujVPgBr1r9pjuuyyWCUOiN4t9bJBDGYuW8u3Tib1UI7jT+
XOBuo6UXAKr8PYp2ugOtglVVWmIKeDkVVJGB55S97d7C3sR5FoDSoekHi2qb4kNq
tr9kxz4mh5QrHXT3jiIw2dUPIMgtQYn9v1FqPMu4KeBtf5tf8vcBio8GUbk0zelL
mwBp1A9nEoLiPdX3xqucUiCjLKg848oXEiVd66zNgRPJ36/vhfqnjfdRjYCcN8S8
qq1ZgX0hlnUuOLq2Ogz/6Nwnnz5RVeVgEYZ5mhxAqCcL1x9G
Generated at Mon Feb 5 11:36:22 2024 by rpki-client on console-ams.rpki-client.org