Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/XINAN/ZqVqhBeerJW9-vWanWnW9pPJy3I.roa
File: ZqVqhBeerJW9-vWanWnW9pPJy3I.roa (raw, json)
Hash identifier: OaHMlptHy4vi0ZE8RbF34YUSppWFSeczXIO+/IZTpQw=
Subject key identifier: 66:A5:6A:84:17:9E:AC:95:BD:FA:F5:9A:9D:69:D6:F6:93:C9:CB:72
Certificate issuer: /CN=27E1699C6CFBD770F943A6BDF38F6BF481BB1E97
Certificate serial: 010A
Authority key identifier: 27:E1:69:9C:6C:FB:D7:70:F9:43:A6:BD:F3:8F:6B:F4:81:BB:1E:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/J-FpnGz713D5Q6a9849r9IG7Hpc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XINAN/ZqVqhBeerJW9-vWanWnW9pPJy3I.roa
Signing time: Mon 26 Aug 2024 05:35:15 +0000
ROA not before: Mon 26 Aug 2024 05:35:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131642
IP address blocks: 2401:2720::/32 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 266 (0x10a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27E1699C6CFBD770F943A6BDF38F6BF481BB1E97
Validity
Not Before: Aug 26 05:35:15 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=66A56A84179EAC95BDFAF59A9D69D6F693C9CB72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:46:d9:a2:e5:ca:1b:1d:d3:0d:5d:f3:d9:64:
8d:10:0e:7d:f2:97:19:cf:5a:c2:50:ec:85:2c:4d:
1c:c6:ea:67:18:97:ba:3e:29:02:68:af:81:cf:4b:
6c:a2:2c:24:22:d7:8a:e1:4a:0f:78:69:20:69:70:
ba:db:29:fa:b9:08:e6:01:76:45:da:d7:a3:00:a9:
16:f1:e3:e9:b5:e1:e4:c3:ac:af:9d:33:44:b3:05:
c7:06:a3:04:8a:1b:f1:ed:07:ee:56:78:33:21:4e:
66:54:16:45:dd:a2:af:3f:b1:90:11:ba:7b:bd:d2:
9d:7f:6c:0d:50:b3:ae:a2:c2:45:e9:dc:2c:08:65:
4a:94:eb:77:32:00:34:91:21:55:50:6a:8a:ec:c9:
24:c7:87:9a:ad:50:03:39:3f:bd:a8:04:95:42:66:
71:b4:7c:88:d6:55:3a:ab:e6:a4:14:48:86:5a:ee:
5b:79:dd:d7:40:6d:42:18:64:3f:5e:c9:a1:6b:89:
3f:6d:64:49:63:5a:50:9b:0f:86:11:8a:31:3f:10:
be:79:19:45:37:52:51:f3:26:4c:1d:fc:de:96:a8:
fc:38:7b:df:31:4c:33:a5:a1:56:e8:75:0c:13:71:
0c:0b:94:e7:cc:b1:54:89:8d:ca:16:09:88:db:5e:
57:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A5:6A:84:17:9E:AC:95:BD:FA:F5:9A:9D:69:D6:F6:93:C9:CB:72
X509v3 Authority Key Identifier:
keyid:27:E1:69:9C:6C:FB:D7:70:F9:43:A6:BD:F3:8F:6B:F4:81:BB:1E:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINAN/J-FpnGz713D5Q6a9849r9IG7Hpc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/J-FpnGz713D5Q6a9849r9IG7Hpc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINAN/ZqVqhBeerJW9-vWanWnW9pPJy3I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:2720::/32
Signature Algorithm: sha256WithRSAEncryption
4b:79:5a:1f:74:4b:9c:da:7f:21:64:2b:21:77:89:db:e5:c6:
2e:53:53:ce:bc:57:dd:0d:a6:66:14:0e:e0:60:d8:92:d9:ae:
21:69:e5:c9:3b:ca:9f:8b:81:62:dc:ef:59:e0:88:92:08:06:
fa:33:3a:c4:28:f2:43:7d:64:94:e1:44:dd:62:08:47:e3:9d:
d4:00:c1:5f:09:63:04:89:e9:79:30:04:61:44:df:41:f9:21:
46:e0:8b:75:b2:65:cd:b7:b5:f3:b2:f4:d6:57:8b:8c:17:6e:
5a:87:44:1c:72:24:ee:e6:80:10:68:71:42:4b:4d:66:8a:62:
48:64:99:a2:91:fd:18:2e:54:1f:3a:c2:05:72:1e:1e:9d:60:
05:9f:e6:99:80:7c:ef:78:d2:01:1e:70:bb:e2:03:aa:0f:99:
7a:f1:1b:b2:4e:5a:30:f8:06:ab:08:5d:75:02:82:7e:ff:c4:
06:91:30:e6:c9:4a:a8:ef:0f:7a:03:e5:7c:45:a7:36:d3:12:
fd:53:37:12:bb:ba:e4:0c:02:f2:75:34:de:07:7b:75:34:9f:
ea:a5:03:68:65:90:df:51:a2:d7:3a:b2:8d:5f:6b:6b:a7:2b:
db:c4:a6:40:49:d1:26:bc:57:24:31:b9:8d:47:79:de:63:4c:
c6:b9:44:87
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICAQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjdF
MTY5OUM2Q0ZCRDc3MEY5NDNBNkJERjM4RjZCRjQ4MUJCMUU5NzAeFw0yNDA4MjYw
NTM1MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY2QTU2QTg0MTc5RUFD
OTVCREZBRjU5QTlENjlENkY2OTNDOUNCNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRRtmi5cobHdMNXfPZZI0QDn3ylxnPWsJQ7IUsTRzG6mcYl7o+
KQJor4HPS2yiLCQi14rhSg94aSBpcLrbKfq5COYBdkXa16MAqRbx4+m14eTDrK+d
M0SzBccGowSKG/HtB+5WeDMhTmZUFkXdoq8/sZARunu90p1/bA1Qs66iwkXp3CwI
ZUqU63cyADSRIVVQaorsySTHh5qtUAM5P72oBJVCZnG0fIjWVTqr5qQUSIZa7lt5
3ddAbUIYZD9eyaFriT9tZEljWlCbD4YRijE/EL55GUU3UlHzJkwd/N6WqPw4e98x
TDOloVbodQwTcQwLlOfMsVSJjcoWCYjbXlc7AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUZqVqhBeerJW9+vWanWnW9pPJy3IwHwYDVR0jBBgwFoAUJ+FpnGz713D5Q6a9
849r9IG7HpcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOQU4v
Si1GcG5HejcxM0Q1UTZhOTg0OXI5SUc3SHBjLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9KLUZwbkd6NzEzRDVRNmE5ODQ5cjlJRzdIcGMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9YSU5BTi9acVZxaEJlZXJKVzktdldhbldu
VzlwUEp5M0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAEn
IDANBgkqhkiG9w0BAQsFAAOCAQEAS3laH3RLnNp/IWQrIXeJ2+XGLlNTzrxX3Q2m
ZhQO4GDYktmuIWnlyTvKn4uBYtzvWeCIkggG+jM6xCjyQ31klOFE3WIIR+Od1ADB
XwljBInpeTAEYUTfQfkhRuCLdbJlzbe187L01leLjBduWodEHHIk7uaAEGhxQktN
ZopiSGSZopH9GC5UHzrCBXIeHp1gBZ/mmYB873jSAR5wu+IDqg+ZevEbsk5aMPgG
qwhddQKCfv/EBpEw5slKqO8PegPlfEWnNtMS/VM3Eru65AwC8nU03gd7dTSf6qUD
aGWQ31Gi1zqyjV9ra6cr28SmQEnRJrxXJDG5jUd53mNMxrlEhw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:42:03 2025 by rpki-client