Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/PQ7D8225IxMpl_RDLbZVokAR3XE.roa
File: PQ7D8225IxMpl_RDLbZVokAR3XE.roa (raw, json)
Hash identifier: O3+LYAPgagAeLUgCePU7ICGYn+yG6U2byrs6MuHR4Ts=
Subject key identifier: 3D:0E:C3:F3:6D:B9:23:13:29:97:F4:43:2D:B6:55:A2:40:11:DD:71
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0C9B
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/PQ7D8225IxMpl_RDLbZVokAR3XE.roa
Signing time: Wed 04 Dec 2024 13:26:10 +0000
ROA not before: Wed 04 Dec 2024 13:26:10 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3227 (0xc9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 4 13:26:10 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3D0EC3F36DB923132997F4432DB655A24011DD71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:01:74:e4:50:9b:08:34:4b:80:a9:d8:b4:0c:
ef:17:43:53:71:a7:d8:7a:d2:65:d7:be:d7:7e:19:
db:e6:7d:06:77:ef:1d:6f:ef:54:04:19:34:f8:04:
99:e2:b3:91:10:5e:07:92:8d:5e:af:87:64:d7:96:
0f:84:7f:11:9a:f0:b2:2b:2a:50:6c:1d:a8:49:cd:
1d:d8:81:38:5d:45:86:2e:f2:90:71:71:6e:3d:32:
1c:86:d4:de:9d:95:1b:a4:7e:ef:b8:83:46:a1:4c:
67:a8:4c:6b:2d:53:b8:5d:3a:ea:99:bc:30:e8:72:
5c:ae:2c:34:59:ea:9f:4d:8f:2e:c3:0d:19:ca:0e:
ac:ad:5b:80:41:ee:53:18:d3:08:29:35:a8:0c:8f:
f2:cb:39:d9:4c:6c:59:a8:0a:eb:4e:14:1e:cd:bd:
32:c4:f9:74:d0:28:c5:95:86:a5:a2:d8:ba:e2:74:
aa:07:3e:26:05:2b:9c:1b:33:66:01:66:2c:1e:cc:
ee:41:73:2c:50:69:2b:65:88:12:7c:b7:d5:26:f4:
aa:3e:8c:83:64:e2:64:f3:bc:17:e1:43:ec:ce:dc:
69:92:60:16:c4:f6:52:bf:37:9b:21:14:03:a2:41:
8d:cf:19:68:11:f2:fe:35:3a:e2:e9:7b:9e:b3:ee:
fe:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:0E:C3:F3:6D:B9:23:13:29:97:F4:43:2D:B6:55:A2:40:11:DD:71
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/PQ7D8225IxMpl_RDLbZVokAR3XE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
33:8c:40:ab:38:9c:a8:ce:d3:9e:9b:ea:a1:7e:9f:68:8e:4a:
55:37:7a:1b:1f:dd:49:1d:ba:cb:52:12:8f:27:4a:ac:75:e1:
89:00:fe:fd:7a:d8:43:29:75:5c:02:cc:4b:5d:68:26:08:ff:
89:b4:40:97:3e:b9:43:44:43:69:5b:06:f6:28:23:32:1c:58:
a3:09:82:03:c6:d0:dd:e1:b6:53:08:f4:21:d8:08:32:91:a5:
f5:57:1c:8c:ec:aa:f7:4f:07:b9:67:92:28:a1:02:1d:3d:3c:
6a:af:5f:fc:41:19:5d:2d:73:29:bd:4b:84:83:82:5e:87:84:
f4:7b:f5:62:99:25:4d:5c:61:39:ad:e9:ef:a7:e6:b0:6a:8e:
58:89:ec:47:a4:22:39:06:87:95:03:11:37:58:16:7d:a1:95:
85:3e:d7:cb:27:a1:46:e0:1b:df:43:42:b7:87:13:21:2a:0e:
14:64:00:40:1a:09:6c:43:93:58:1b:9b:05:15:25:0c:5b:94:
6a:55:cb:20:0b:3f:b9:72:50:1a:c5:da:2e:0f:52:e1:83:8e:
e3:28:3a:2b:f6:a9:a7:d2:db:6f:b6:91:aa:ee:76:57:c1:aa:
9e:59:95:3b:f3:90:cc:a0:31:18:9b:54:ce:e3:15:05:1e:af:
70:19:27:50
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDJswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDQx
MzI2MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNEMEVDM0YzNkRCOTIz
MTMyOTk3RjQ0MzJEQjY1NUEyNDAxMURENzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRAXTkUJsINEuAqdi0DO8XQ1Nxp9h60mXXvtd+GdvmfQZ37x1v
71QEGTT4BJnis5EQXgeSjV6vh2TXlg+EfxGa8LIrKlBsHahJzR3YgThdRYYu8pBx
cW49MhyG1N6dlRukfu+4g0ahTGeoTGstU7hdOuqZvDDoclyuLDRZ6p9Njy7DDRnK
DqytW4BB7lMY0wgpNagMj/LLOdlMbFmoCutOFB7NvTLE+XTQKMWVhqWi2LridKoH
PiYFK5wbM2YBZiwezO5BcyxQaStliBJ8t9Um9Ko+jINk4mTzvBfhQ+zO3GmSYBbE
9lK/N5shFAOiQY3PGWgR8v41OuLpe56z7v4JAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPQ7D8225IxMpl/RDLbZVokAR3XEwHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvUFE3RDgyMjVJeE1wbF9SRExiWlZv
a0FSM1hFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEAM4xAqzicqM7TnpvqoX6faI5KVTd6Gx/dSR26y1IS
jydKrHXhiQD+/XrYQyl1XALMS11oJgj/ibRAlz65Q0RDaVsG9igjMhxYowmCA8bQ
3eG2Uwj0IdgIMpGl9VccjOyq908HuWeSKKECHT08aq9f/EEZXS1zKb1LhIOCXoeE
9Hv1YpklTVxhOa3p76fmsGqOWInsR6QiOQaHlQMRN1gWfaGVhT7XyyehRuAb30NC
t4cTISoOFGQAQBoJbEOTWBubBRUlDFuUalXLIAs/uXJQGsXaLg9S4YOO4yg6K/ap
p9Lbb7aRqu52V8GqnlmVO/OQzKAxGJtUzuMVBR6vcBknUA==
Generated at Wed Dec 4 16:50:24 2024 by rpki-client on console.sobornost.net