Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/2LrYPgx8qYRum_t6VX6Y4YIsm8Y.roa
File: 2LrYPgx8qYRum_t6VX6Y4YIsm8Y.roa (raw, json)
Hash identifier: FlIGaJ1SGEZTti5G/bqz1rFiAraZMrFt7Fsz7wGQS7o=
Subject key identifier: D8:BA:D8:3E:0C:7C:A9:84:6E:9B:FB:7A:55:7E:98:E1:82:2C:9B:C6
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0CC1
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/2LrYPgx8qYRum_t6VX6Y4YIsm8Y.roa
Signing time: Wed 04 Dec 2024 22:56:15 +0000
ROA not before: Wed 04 Dec 2024 22:56:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3265 (0xcc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 4 22:56:15 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D8BAD83E0C7CA9846E9BFB7A557E98E1822C9BC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:67:87:02:50:2e:16:b7:36:9f:bf:5d:e4:1f:
20:21:0d:34:b7:ec:39:47:81:0f:89:e9:bd:87:1c:
f4:dc:ac:ba:c3:5b:e8:14:bb:2c:c2:d6:00:ee:13:
5c:6c:46:0f:66:e9:10:42:3c:55:09:13:1a:f9:83:
29:d0:ff:a4:94:22:56:1c:8b:ca:74:9c:f2:ab:60:
f4:1a:11:b3:5c:bc:1c:91:05:2a:43:40:56:8a:ed:
38:b4:96:be:10:f0:9f:01:8e:2c:66:d5:72:b0:81:
cb:0d:af:42:53:ff:e2:53:dd:2f:78:8f:7f:f8:88:
c2:5f:53:fb:4b:cf:fe:00:8b:69:55:cc:14:11:73:
fb:a3:32:4b:15:51:e8:a1:7a:fc:69:8c:9a:4a:3f:
a0:06:c7:57:f5:78:59:d2:ff:71:18:8c:cb:e5:68:
40:05:85:61:d9:0c:93:e4:7d:26:22:ab:48:48:65:
fe:76:12:00:6c:74:56:4b:7c:21:28:68:bf:b5:dc:
21:ed:59:1c:82:18:7b:3f:25:b1:40:44:7f:d6:2f:
63:e5:00:cb:a9:62:d8:1c:f6:0b:48:c2:40:59:da:
86:e5:1f:c1:4a:e7:1f:a3:ce:82:a6:64:16:b1:16:
b7:1c:af:83:43:3d:93:6c:17:b5:ae:64:11:28:2f:
1e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BA:D8:3E:0C:7C:A9:84:6E:9B:FB:7A:55:7E:98:E1:82:2C:9B:C6
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/2LrYPgx8qYRum_t6VX6Y4YIsm8Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:7c:e1:63:48:cf:19:f4:5a:8b:10:97:78:99:e9:aa:7a:fb:
f1:2e:9d:6e:77:43:44:a5:03:e7:91:7a:15:de:65:ca:a9:cd:
0d:01:ec:b0:6c:75:03:89:0d:20:2d:6f:d5:d1:bb:11:fa:94:
ad:74:7a:dc:62:e5:80:ab:ea:d1:4b:43:2e:ae:b8:90:a5:f1:
9a:28:6f:f0:bc:a7:2d:16:88:aa:0d:e0:e9:c7:0a:d0:36:e9:
fc:15:8f:56:20:bf:d6:d6:51:00:d4:9a:e0:5b:1f:98:33:76:
84:38:b9:aa:cb:53:17:53:0f:8b:6c:ae:40:ba:b9:32:54:f4:
71:b5:2d:fe:72:04:41:7e:f4:45:10:23:87:c0:db:11:59:2c:
bd:e0:44:75:44:b4:89:22:a2:4b:7f:de:14:11:d5:34:e8:d4:
d5:53:e3:c2:a3:1c:37:ba:31:dc:66:6e:d7:27:55:fa:78:35:
e3:e5:7a:6e:3e:63:5e:3f:8c:54:ee:15:9f:1c:34:11:d1:4e:
c4:79:98:bc:1f:15:10:d7:1f:6e:e4:ea:41:f0:e5:fe:1a:b3:
68:d5:2b:ea:6d:22:0b:6a:ba:09:df:4a:3a:6f:69:45:e4:ff:
b2:3d:0d:ef:fe:e4:b2:26:83:01:b2:a2:b9:4f:9f:5c:91:76:
11:b0:1d:1a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDQy
MjU2MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ4QkFEODNFMEM3Q0E5
ODQ2RTlCRkI3QTU1N0U5OEUxODIyQzlCQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpZ4cCUC4Wtzafv13kHyAhDTS37DlHgQ+J6b2HHPTcrLrDW+gU
uyzC1gDuE1xsRg9m6RBCPFUJExr5gynQ/6SUIlYci8p0nPKrYPQaEbNcvByRBSpD
QFaK7Ti0lr4Q8J8Bjixm1XKwgcsNr0JT/+JT3S94j3/4iMJfU/tLz/4Ai2lVzBQR
c/ujMksVUeihevxpjJpKP6AGx1f1eFnS/3EYjMvlaEAFhWHZDJPkfSYiq0hIZf52
EgBsdFZLfCEoaL+13CHtWRyCGHs/JbFARH/WL2PlAMupYtgc9gtIwkBZ2oblH8FK
5x+jzoKmZBaxFrccr4NDPZNsF7WuZBEoLx5hAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2LrYPgx8qYRum/t6VX6Y4YIsm8YwHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvMkxyWVBneDhxWVJ1bV90NlZYNlk0
WUlzbThZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEADnzhY0jPGfRaixCXeJnpqnr78S6dbndDRKUD55F6
Fd5lyqnNDQHssGx1A4kNIC1v1dG7EfqUrXR63GLlgKvq0UtDLq64kKXxmihv8Lyn
LRaIqg3g6ccK0Dbp/BWPViC/1tZRANSa4FsfmDN2hDi5qstTF1MPi2yuQLq5MlT0
cbUt/nIEQX70RRAjh8DbEVksveBEdUS0iSKiS3/eFBHVNOjU1VPjwqMcN7ox3GZu
1ydV+ng14+V6bj5jXj+MVO4Vnxw0EdFOxHmYvB8VENcfbuTqQfDl/hqzaNUr6m0i
C2q6Cd9KOm9pReT/sj0N7/7ksiaDAbKiuU+fXJF2EbAdGg==
Generated at Thu Dec 5 03:49:36 2024 by rpki-client on console.sobornost.net