Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/11ejmwIChMGJiZdWQrwT4e-va-s.roa
File: 11ejmwIChMGJiZdWQrwT4e-va-s.roa (raw, json)
Hash identifier: cArKvAcVFwU8i/ZGceioHnQ5o9NcsXAN9sc7mIi9InU=
Subject key identifier: D7:57:A3:9B:02:02:84:C1:89:89:97:56:42:BC:13:E1:EF:AF:6B:EB
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0CD5
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/11ejmwIChMGJiZdWQrwT4e-va-s.roa
Signing time: Thu 05 Dec 2024 03:56:19 +0000
ROA not before: Thu 05 Dec 2024 03:56:19 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3285 (0xcd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 5 03:56:19 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D757A39B020284C18989975642BC13E1EFAF6BEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8a:8c:cb:9f:da:d6:fa:27:5b:75:1c:98:e1:
39:51:74:3d:e3:2d:84:ce:04:40:e7:d7:38:cd:ec:
05:0c:e4:cc:a8:42:21:b0:6c:07:0a:35:c8:18:58:
5d:fc:7f:47:f4:7a:16:18:bf:78:28:0a:8a:b8:53:
25:78:82:a5:07:e1:8c:06:91:a4:26:4a:86:a6:89:
01:6e:13:bd:0f:83:09:02:d9:68:c6:1e:f0:76:06:
a3:1f:cc:2e:39:9a:34:93:06:7e:02:e2:74:bc:55:
5e:13:76:be:3d:22:0d:e0:d3:f4:79:ec:af:a4:fc:
81:59:22:d9:75:e8:96:d0:04:6d:cd:4b:c8:0e:f3:
13:1c:20:cd:b4:38:a2:bc:33:f3:e8:fb:72:ba:f3:
af:d4:6c:80:b1:ea:bf:48:ed:a8:4b:8e:da:cd:88:
cc:dd:1d:a3:1c:c9:1d:76:a3:3c:56:00:ba:89:5b:
03:0a:85:f2:54:8d:cc:c6:f2:ec:61:6d:fd:38:9d:
cb:bd:0f:f9:a0:2d:19:8f:3b:f6:09:e3:6f:3d:03:
7e:43:7d:6c:c9:65:5a:29:bd:bd:11:2c:99:7a:26:
28:b4:1a:15:c5:6f:6f:ef:a7:79:1c:c7:2d:75:f6:
48:aa:5c:b8:ff:e7:09:21:51:7b:20:c7:22:e5:19:
61:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:57:A3:9B:02:02:84:C1:89:89:97:56:42:BC:13:E1:EF:AF:6B:EB
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/11ejmwIChMGJiZdWQrwT4e-va-s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
50:d4:15:b4:6f:0c:b5:89:58:c2:bb:cb:21:23:38:ba:8b:a9:
ab:5d:42:bd:b8:7c:6e:49:33:9b:14:0a:43:70:c2:a5:a7:17:
13:c3:c1:1b:2a:9e:49:c5:07:8f:43:f5:65:19:0e:54:f7:fd:
ab:f7:a8:5d:fb:54:c9:82:12:3e:d9:b7:61:9b:10:93:e3:84:
31:c2:1e:45:51:48:3a:e4:a0:67:e4:61:73:6c:1f:6d:d0:3f:
db:0b:b6:ce:6e:9f:05:65:54:b0:c2:05:10:ec:b0:4f:03:59:
65:17:20:81:aa:7a:39:4e:02:de:ee:56:50:60:99:83:e6:ca:
e8:87:23:49:fd:9f:e9:ae:88:1e:d2:ed:24:ae:52:88:a9:f1:
19:a5:fb:4a:32:14:75:8d:76:0f:13:61:55:45:bc:b6:a9:92:
dc:8d:08:4a:97:1b:51:6b:55:f2:26:4b:2a:99:60:34:6d:66:
01:d3:e2:f8:11:db:58:b1:5b:df:cf:9d:90:48:6a:ce:40:ab:
f4:ac:ed:b8:45:cb:46:f8:42:25:67:9c:45:18:4b:b4:3e:e1:
c5:52:8a:a1:5f:31:38:9d:c2:89:ee:76:d7:0d:8d:4d:c7:f6:
a4:88:a8:f3:15:9a:5f:9c:d7:a4:67:95:3a:4c:d9:a0:9b:66:
1b:04:83:3c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDUw
MzU2MTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ3NTdBMzlCMDIwMjg0
QzE4OTg5OTc1NjQyQkMxM0UxRUZBRjZCRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtiozLn9rW+idbdRyY4TlRdD3jLYTOBEDn1zjN7AUM5MyoQiGw
bAcKNcgYWF38f0f0ehYYv3goCoq4UyV4gqUH4YwGkaQmSoamiQFuE70PgwkC2WjG
HvB2BqMfzC45mjSTBn4C4nS8VV4Tdr49Ig3g0/R57K+k/IFZItl16JbQBG3NS8gO
8xMcIM20OKK8M/Po+3K686/UbICx6r9I7ahLjtrNiMzdHaMcyR12ozxWALqJWwMK
hfJUjczG8uxhbf04ncu9D/mgLRmPO/YJ4289A35DfWzJZVopvb0RLJl6Jii0GhXF
b2/vp3kcxy119kiqXLj/5wkhUXsgxyLlGWEdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU11ejmwIChMGJiZdWQrwT4e+va+swHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvMTFlam13SUNoTUdKaVpkV1Fyd1Q0
ZS12YS1zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEAUNQVtG8MtYlYwrvLISM4uoupq11Cvbh8bkkzmxQK
Q3DCpacXE8PBGyqeScUHj0P1ZRkOVPf9q/eoXftUyYISPtm3YZsQk+OEMcIeRVFI
OuSgZ+Rhc2wfbdA/2wu2zm6fBWVUsMIFEOywTwNZZRcggap6OU4C3u5WUGCZg+bK
6IcjSf2f6a6IHtLtJK5SiKnxGaX7SjIUdY12DxNhVUW8tqmS3I0ISpcbUWtV8iZL
KplgNG1mAdPi+BHbWLFb38+dkEhqzkCr9KztuEXLRvhCJWecRRhLtD7hxVKKoV8x
OJ3Cie521w2NTcf2pIio8xWaX5zXpGeVOkzZoJtmGwSDPA==
Generated at Thu Dec 5 07:27:53 2024 by rpki-client on console.sobornost.net