Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ULC/_OQbtdYOqQ6jM4NBrSJIOcxSUj8.roa
File: _OQbtdYOqQ6jM4NBrSJIOcxSUj8.roa (raw, json)
Hash identifier: 93T8TS67TLWHUThoWMzFlFl2aa3YNTwUR9BzCntIMrs=
Subject key identifier: FC:E4:1B:B5:D6:0E:A9:0E:A3:33:83:41:AD:22:48:39:CC:52:52:3F
Certificate issuer: /CN=BFBB7F7B5C58323490875849B8EDDA495EF17B1B
Certificate serial: 048C
Authority key identifier: BF:BB:7F:7B:5C:58:32:34:90:87:58:49:B8:ED:DA:49:5E:F1:7B:1B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v7t_e1xYMjSQh1hJuO3aSV7xexs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/_OQbtdYOqQ6jM4NBrSJIOcxSUj8.roa
Signing time: Mon 26 Aug 2024 05:34:33 +0000
ROA not before: Mon 26 Aug 2024 05:34:33 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18178
IP address blocks: 2406:9740::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1164 (0x48c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BFBB7F7B5C58323490875849B8EDDA495EF17B1B
Validity
Not Before: Aug 26 05:34:33 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=FCE41BB5D60EA90EA3338341AD224839CC52523F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ac:30:1c:66:1d:8a:a4:94:c7:58:f2:06:a6:
32:d7:5e:00:9c:0b:4a:bf:77:5c:67:5a:09:19:22:
2a:58:1e:f8:0e:e1:fc:b7:5e:f6:fe:f1:54:e9:b3:
1b:a2:60:0d:96:99:98:b9:8d:96:ea:2a:15:9a:b6:
d3:eb:41:ff:8d:89:6a:8e:63:8a:b9:13:1e:7d:bc:
d2:4c:8b:de:62:0d:ec:2d:3a:07:52:ba:f7:13:f3:
df:69:14:a0:aa:74:1f:dc:bf:6a:5a:65:7d:0a:4b:
e2:19:b0:69:47:07:38:9e:e2:ac:a9:9d:20:10:ae:
89:c1:da:6a:c2:e5:76:82:8a:b8:ae:ec:37:8f:48:
ae:93:65:41:6d:23:fe:cc:6f:d2:fd:d5:d4:ad:14:
c0:f9:e6:1a:a5:ca:ef:bd:da:ef:a6:1c:21:75:8c:
0d:df:5c:77:d1:93:7b:af:8f:15:94:f8:69:26:7e:
62:0b:89:85:36:7c:11:f3:a9:d3:7b:1e:f2:a5:30:
af:b4:a7:8e:62:6b:eb:ea:2f:56:f6:6c:6b:bf:5b:
83:e5:d5:5c:0c:af:00:29:d6:65:5d:af:db:a4:a8:
e5:e5:d0:9f:28:a7:1c:c0:f7:05:a7:d0:07:80:db:
58:7e:3a:70:90:52:a2:78:ba:5b:b7:ae:57:eb:c5:
05:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E4:1B:B5:D6:0E:A9:0E:A3:33:83:41:AD:22:48:39:CC:52:52:3F
X509v3 Authority Key Identifier:
keyid:BF:BB:7F:7B:5C:58:32:34:90:87:58:49:B8:ED:DA:49:5E:F1:7B:1B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/v7t_e1xYMjSQh1hJuO3aSV7xexs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v7t_e1xYMjSQh1hJuO3aSV7xexs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/_OQbtdYOqQ6jM4NBrSJIOcxSUj8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:9740::/32
Signature Algorithm: sha256WithRSAEncryption
0f:61:6a:1b:db:ca:01:02:dd:1a:5b:ab:83:a3:b1:4d:b0:7b:
f2:e6:f1:2e:df:ef:ef:83:11:4e:24:7c:64:8d:c3:b2:2c:2c:
5a:1e:63:2f:68:1f:d1:8c:79:38:1b:d2:c4:c7:b5:15:3a:74:
a7:ec:e6:b5:cb:e4:d2:3c:b8:ef:40:cc:79:cc:41:a6:81:91:
bd:9e:6f:4d:df:cb:32:aa:02:65:6a:a3:40:a7:13:34:28:46:
75:f3:b2:d3:0a:de:8c:c0:1d:84:64:99:ca:89:14:8b:3e:48:
d7:ff:df:c2:00:ec:87:d3:74:33:86:c5:bd:17:87:cd:4e:62:
1a:b2:35:bd:c3:a6:46:e9:44:6b:2e:05:73:4b:eb:58:f5:1d:
ab:6f:1d:a6:55:69:5e:63:b6:e4:74:df:13:f1:7d:4f:ab:56:
da:e2:dd:21:ce:0c:19:fc:3a:df:05:a9:3d:a4:92:83:86:3a:
03:d5:e3:04:69:24:27:67:ee:5e:10:b8:c3:fd:42:fa:e9:a6:
55:dd:53:a1:68:a6:54:24:04:4c:1c:d9:cf:40:6f:b8:30:03:
d5:f8:d9:9f:b4:ef:c6:f8:45:0a:a5:75:1a:0e:32:cb:7d:95:
5d:9d:78:22:18:23:c2:e6:ad:82:27:ea:5f:4e:45:b0:b2:58:
6a:3b:5e:47
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICBIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkZC
QjdGN0I1QzU4MzIzNDkwODc1ODQ5QjhFRERBNDk1RUYxN0IxQjAeFw0yNDA4MjYw
NTM0MzNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZDRTQxQkI1RDYwRUE5
MEVBMzMzODM0MUFEMjI0ODM5Q0M1MjUyM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBrDAcZh2KpJTHWPIGpjLXXgCcC0q/d1xnWgkZIipYHvgO4fy3
Xvb+8VTpsxuiYA2WmZi5jZbqKhWattPrQf+NiWqOY4q5Ex59vNJMi95iDewtOgdS
uvcT899pFKCqdB/cv2paZX0KS+IZsGlHBzie4qypnSAQronB2mrC5XaCiriu7DeP
SK6TZUFtI/7Mb9L91dStFMD55hqlyu+92u+mHCF1jA3fXHfRk3uvjxWU+GkmfmIL
iYU2fBHzqdN7HvKlMK+0p45ia+vqL1b2bGu/W4Pl1VwMrwAp1mVdr9ukqOXl0J8o
pxzA9wWn0AeA21h+OnCQUqJ4ulu3rlfrxQXdAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU/OQbtdYOqQ6jM4NBrSJIOcxSUj8wHwYDVR0jBBgwFoAUv7t/e1xYMjSQh1hJ
uO3aSV7xexswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUxDL3Y3
dF9lMXhZTWpTUWgxaEp1TzNhU1Y3eGV4cy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djd0X2UxeFlNalNRaDFoSnVPM2FTVjd4ZXhzLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVUxDL19PUWJ0ZFlPcVE2ak00TkJyU0pJT2N4
U1VqOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBpdAMA0G
CSqGSIb3DQEBCwUAA4IBAQAPYWob28oBAt0aW6uDo7FNsHvy5vEu3+/vgxFOJHxk
jcOyLCxaHmMvaB/RjHk4G9LEx7UVOnSn7Oa1y+TSPLjvQMx5zEGmgZG9nm9N38sy
qgJlaqNApxM0KEZ187LTCt6MwB2EZJnKiRSLPkjX/9/CAOyH03QzhsW9F4fNTmIa
sjW9w6ZG6URrLgVzS+tY9R2rbx2mVWleY7bkdN8T8X1Pq1ba4t0hzgwZ/DrfBak9
pJKDhjoD1eMEaSQnZ+5eELjD/UL66aZV3VOhaKZUJARMHNnPQG+4MAPV+NmftO/G
+EUKpXUaDjLLfZVdnXgiGCPC5q2CJ+pfTkWwslhqO15H
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:23 2025 by rpki-client