Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SCNET/EZliZv9u2SnKExIUc4M7nsYBzRQ.roa
File: EZliZv9u2SnKExIUc4M7nsYBzRQ.roa (raw, json)
Hash identifier: MzPUXcArE0i5Qvdt+9pCOfNPWkxRKdWrg0bHhXyQwgA=
Subject key identifier: 11:99:62:66:FF:6E:D9:29:CA:13:12:14:73:83:3B:9E:C6:01:CD:14
Certificate issuer: /CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Certificate serial: 13ED
Authority key identifier: 34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/EZliZv9u2SnKExIUc4M7nsYBzRQ.roa
Signing time: Fri 10 Jan 2025 08:33:02 +0000
ROA not before: Fri 10 Jan 2025 08:33:02 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 202525
IP address blocks: 103.123.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5101 (0x13ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Validity
Not Before: Jan 10 08:33:02 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=11996266FF6ED929CA13121473833B9EC601CD14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:70:8c:79:20:c0:1c:31:f2:71:74:e5:28:bf:
5c:fe:21:c4:fc:a5:a7:8a:35:b0:fc:c8:62:15:a4:
5b:3c:71:a7:be:b4:fd:40:ec:44:c2:83:3d:bc:f9:
67:dd:16:82:4c:ce:e6:11:a2:f7:41:5e:d7:16:e0:
03:ea:b0:bc:8e:e6:92:23:15:55:9f:74:3e:8d:c7:
4b:fa:5b:59:59:2c:7e:22:ec:68:27:23:de:ad:69:
4f:0e:5d:5f:6e:36:d3:e5:a6:a4:99:46:ab:18:95:
e0:10:e9:52:5e:20:fa:63:55:bf:8f:78:fd:ec:1f:
76:70:63:d4:a2:07:39:cc:3b:99:50:6a:57:6b:24:
f7:79:cb:0f:2c:c1:a6:8b:61:93:dc:cd:8a:0b:06:
78:41:cd:a7:fe:ec:5e:54:7a:f1:57:b1:0d:9d:0f:
8a:0c:d3:5f:bf:d5:1c:b9:4c:29:d1:d5:1b:93:5f:
8a:3a:ca:24:32:3b:d7:6d:6d:b0:1d:a2:5e:85:16:
32:b5:27:a6:d5:5f:92:bb:5d:78:70:b9:d2:1a:57:
51:c2:f1:d0:b5:74:59:4e:44:1a:41:f7:4b:cc:26:
11:bd:e8:ed:0c:0f:c9:a2:c7:0c:90:49:41:20:0b:
89:f0:f7:12:67:82:f2:70:59:67:08:09:05:48:b7:
84:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:99:62:66:FF:6E:D9:29:CA:13:12:14:73:83:3B:9E:C6:01:CD:14
X509v3 Authority Key Identifier:
keyid:34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/EZliZv9u2SnKExIUc4M7nsYBzRQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.216.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:d1:b2:a1:07:6b:58:8e:4c:cf:a9:0b:37:01:ef:da:53:db:
1b:9b:43:33:2a:f8:4e:2e:a2:f3:0d:06:37:2c:a8:00:3f:43:
cb:34:cf:ba:43:91:b0:fd:27:4b:72:e8:87:87:41:6e:62:f2:
af:a9:6c:87:bc:45:c2:67:8e:15:f4:35:1d:16:f3:a7:ae:4f:
40:cf:c6:b6:9a:74:a2:61:1d:4b:ff:99:36:69:cf:8d:9d:31:
70:82:af:e4:b5:53:98:4a:ec:d9:01:74:bb:9d:3a:e0:13:ea:
a0:5d:ff:ee:dc:ed:22:c1:64:9f:16:c8:a3:97:35:4c:fb:46:
ff:35:8a:b0:53:a4:91:64:59:e7:8c:fe:a1:80:20:ad:f2:52:
c3:74:81:05:27:15:c5:be:cb:69:4d:a4:27:5e:c4:a4:cc:9f:
14:c8:1e:1d:9f:36:be:31:f4:62:ce:4e:61:ba:20:1f:42:aa:
8f:b8:eb:81:cd:b7:df:6d:90:1b:eb:1b:ca:39:e8:e8:fc:d1:
53:21:40:3a:cd:3e:5a:04:0f:f3:f6:d4:d0:c8:38:97:a3:02:
4a:02:3f:52:92:bc:ba:2c:19:ee:48:8a:6f:15:20:e3:e6:b1:
7b:67:ec:ff:f4:60:fe:ea:4c:29:50:46:09:42:6a:7b:2f:22:
2a:cc:ea:b0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICE+0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ5
QjlDRTkwQUUwM0RBRDE5QkM1NERGRjYzQUU4QzQxRTIyMzk0ODAeFw0yNTAxMTAw
ODMzMDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDExOTk2MjY2RkY2RUQ5
MjlDQTEzMTIxNDczODMzQjlFQzYwMUNEMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdcIx5IMAcMfJxdOUov1z+IcT8paeKNbD8yGIVpFs8cae+tP1A
7ETCgz28+WfdFoJMzuYRovdBXtcW4APqsLyO5pIjFVWfdD6Nx0v6W1lZLH4i7Ggn
I96taU8OXV9uNtPlpqSZRqsYleAQ6VJeIPpjVb+PeP3sH3ZwY9SiBznMO5lQaldr
JPd5yw8swaaLYZPczYoLBnhBzaf+7F5UevFXsQ2dD4oM01+/1Ry5TCnR1RuTX4o6
yiQyO9dtbbAdol6FFjK1J6bVX5K7XXhwudIaV1HC8dC1dFlORBpB90vMJhG96O0M
D8mixwyQSUEgC4nw9xJngvJwWWcICQVIt4TZAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUEZliZv9u2SnKExIUc4M7nsYBzRQwHwYDVR0jBBgwFoAUNJuc6QrgPa0ZvFTf
9jroxB4iOUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0NORVQv
Tkp1YzZRcmdQYTBadkZUZjlqcm94QjRpT1VnLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9OSnVjNlFyZ1BhMFp2RlRmOWpyb3hCNGlPVWcuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQ05FVC9FWmxpWnY5dTJTbktFeElVYzRN
N25zWUJ6UlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3vY
MA0GCSqGSIb3DQEBCwUAA4IBAQBb0bKhB2tYjkzPqQs3Ae/aU9sbm0MzKvhOLqLz
DQY3LKgAP0PLNM+6Q5Gw/SdLcuiHh0FuYvKvqWyHvEXCZ44V9DUdFvOnrk9Az8a2
mnSiYR1L/5k2ac+NnTFwgq/ktVOYSuzZAXS7nTrgE+qgXf/u3O0iwWSfFsijlzVM
+0b/NYqwU6SRZFnnjP6hgCCt8lLDdIEFJxXFvstpTaQnXsSkzJ8UyB4dnza+MfRi
zk5huiAfQqqPuOuBzbffbZAb6xvKOejo/NFTIUA6zT5aBA/z9tTQyDiXowJKAj9S
kry6LBnuSIpvFSDj5rF7Z+z/9GD+6kwpUEYJQmp7LyIqzOqw
Generated at Fri Jan 10 12:22:37 2025 by rpki-client on console.sobornost.net