Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/LvJiReTTdilHJ_T-ChGgNV1wPKo.roa
File: LvJiReTTdilHJ_T-ChGgNV1wPKo.roa (raw, json)
Hash identifier: Xz8mAB2Huhhc5NeuX5txdTFmibG4o3/ExR/qk85a++I=
Subject key identifier: 2E:F2:62:45:E4:D3:76:29:47:27:F4:FE:0A:11:A0:35:5D:70:3C:AA
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0C8D
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/LvJiReTTdilHJ_T-ChGgNV1wPKo.roa
Signing time: Wed 04 Dec 2024 09:56:08 +0000
ROA not before: Wed 04 Dec 2024 09:56:08 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3213 (0xc8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 4 09:56:08 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2EF26245E4D376294727F4FE0A11A0355D703CAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2c:9a:7d:8d:7f:4b:a1:a4:52:90:34:08:2c:
a2:ce:df:de:3c:b3:86:dc:1e:8d:fb:41:cf:05:61:
d6:5d:82:4c:19:2a:bd:bd:df:8e:53:3a:ac:25:ba:
b1:2e:7d:ff:21:5e:0f:c8:44:47:84:d5:d7:da:92:
d7:16:55:e6:2a:25:10:cf:e2:44:6f:b1:56:3a:8e:
77:1e:dd:3d:08:27:27:4b:40:01:99:00:ab:43:99:
c2:f6:a3:58:70:00:02:18:46:66:35:1f:0b:52:b6:
33:af:ba:c5:3e:aa:c9:1b:e1:e2:8d:c1:b3:7a:b8:
b7:3e:1c:36:46:e5:ec:67:9e:75:41:d6:84:e9:f3:
17:5f:c7:22:2f:be:00:d8:8f:d7:c1:22:ca:f2:01:
57:29:79:1f:2d:2b:b7:90:c3:90:3c:51:59:5a:ce:
fe:e8:76:f3:d0:4d:b4:96:c9:9c:09:90:27:5b:c0:
db:06:13:49:f5:fd:11:4d:f3:0d:cc:77:90:52:48:
ea:d3:fa:7b:b8:14:4b:8d:77:71:b1:60:a6:7b:09:
40:b8:94:c5:96:fb:02:cf:e3:18:0f:d5:76:6d:40:
0b:71:de:c3:76:2d:50:22:df:ae:c1:c5:3b:f7:9b:
4e:dc:c0:89:40:e5:c0:ff:56:c0:ee:d5:6a:c0:bd:
41:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F2:62:45:E4:D3:76:29:47:27:F4:FE:0A:11:A0:35:5D:70:3C:AA
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/LvJiReTTdilHJ_T-ChGgNV1wPKo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
09:90:8b:e4:8f:b8:72:86:7f:7f:76:76:dd:6a:46:e8:1a:91:
df:16:9a:cb:82:f8:4d:f5:ab:5c:00:7a:a0:f2:b0:63:44:84:
99:84:aa:d4:ac:e5:e9:90:95:9d:41:ef:37:49:85:28:7c:06:
d7:2f:4b:13:6b:88:78:9d:66:8a:14:34:99:e5:91:81:8e:87:
42:5c:2b:29:7e:ca:c2:2d:3e:95:c8:32:64:93:28:35:b4:ac:
f5:e1:59:eb:14:ae:1c:61:58:27:0e:08:ff:c3:b0:d5:88:e2:
c4:0b:9a:7e:fb:56:ff:00:e9:bb:41:51:b6:e9:36:50:ea:84:
22:88:ee:e1:65:f5:60:ff:bd:7e:1c:c1:d5:94:04:a4:53:1a:
20:51:24:f2:92:8d:cb:3b:e4:14:c0:25:4e:21:cb:2e:a9:49:
b7:bd:97:a9:f8:ee:89:4e:18:f7:c3:37:5e:95:bb:c1:93:2a:
1c:68:95:97:b2:eb:97:1c:91:75:7a:2b:3b:6b:c2:d7:ed:71:
ef:e8:7a:aa:e1:3a:74:e0:fc:30:f6:a7:07:e7:d0:b3:d0:f6:
2c:4c:bd:0d:fe:42:22:c1:d6:91:89:59:f3:e8:33:fc:e1:5f:
d6:d1:18:8b:82:d6:bd:ad:36:ac:92:aa:5a:25:cc:84:b2:5a:
6b:6b:5e:74
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDQw
OTU2MDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJFRjI2MjQ1RTREMzc2
Mjk0NzI3RjRGRTBBMTFBMDM1NUQ3MDNDQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0LJp9jX9LoaRSkDQILKLO3948s4bcHo37Qc8FYdZdgkwZKr29
345TOqwlurEuff8hXg/IREeE1dfaktcWVeYqJRDP4kRvsVY6jnce3T0IJydLQAGZ
AKtDmcL2o1hwAAIYRmY1HwtStjOvusU+qskb4eKNwbN6uLc+HDZG5exnnnVB1oTp
8xdfxyIvvgDYj9fBIsryAVcpeR8tK7eQw5A8UVlazv7odvPQTbSWyZwJkCdbwNsG
E0n1/RFN8w3Md5BSSOrT+nu4FEuNd3GxYKZ7CUC4lMWW+wLP4xgP1XZtQAtx3sN2
LVAi367BxTv3m07cwIlA5cD/VsDu1WrAvUEPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQULvJiReTTdilHJ/T+ChGgNV1wPKowHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvTHZKaVJlVFRkaWxISl9ULUNoR2dO
VjF3UEtvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEACZCL5I+4coZ/f3Z23WpG6BqR3xaay4L4TfWrXAB6
oPKwY0SEmYSq1Kzl6ZCVnUHvN0mFKHwG1y9LE2uIeJ1mihQ0meWRgY6HQlwrKX7K
wi0+lcgyZJMoNbSs9eFZ6xSuHGFYJw4I/8Ow1YjixAuafvtW/wDpu0FRtuk2UOqE
Ioju4WX1YP+9fhzB1ZQEpFMaIFEk8pKNyzvkFMAlTiHLLqlJt72XqfjuiU4Y98M3
XpW7wZMqHGiVl7LrlxyRdXorO2vC1+1x7+h6quE6dOD8MPanB+fQs9D2LEy9Df5C
IsHWkYlZ8+gz/OFf1tEYi4LWva02rJKqWiXMhLJaa2tedA==
Generated at Wed Dec 4 13:11:26 2024 by rpki-client on console.sobornost.net