Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/WvgV98tCjL2uktGqQx_L1Bd579s.roa
File: WvgV98tCjL2uktGqQx_L1Bd579s.roa (raw, json)
Hash identifier: lLoMxVNcv+T/ox+gDbeWH7ewvq9msFF6f5Ufn0TD5QQ=
Subject key identifier: 5A:F8:15:F7:CB:42:8C:BD:AE:92:D1:AA:43:1F:CB:D4:17:79:EF:DB
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0CA9
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/WvgV98tCjL2uktGqQx_L1Bd579s.roa
Signing time: Wed 04 Dec 2024 16:56:15 +0000
ROA not before: Wed 04 Dec 2024 16:56:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3241 (0xca9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 4 16:56:15 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5AF815F7CB428CBDAE92D1AA431FCBD41779EFDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ed:1f:97:04:c1:02:91:66:af:3f:1c:0b:b7:
07:83:23:af:d5:4c:9a:42:fe:69:46:8a:4f:d6:4c:
78:f2:38:4c:22:b8:ce:78:0e:3c:81:ed:a5:26:b3:
65:90:a5:83:f1:c6:5c:d0:dd:11:a5:6e:b6:1a:5c:
d2:fd:7f:42:73:47:be:18:41:6a:e7:b7:48:77:9e:
dc:9e:fc:a5:ca:52:6d:6b:2d:b4:cd:3c:18:f0:0e:
67:73:a9:70:49:04:0d:83:82:d2:f2:ee:2b:48:c0:
af:dc:fb:cc:00:59:b8:a1:f6:68:20:34:23:a4:95:
1b:6d:65:23:ed:2c:8d:98:0c:28:45:6e:77:05:e9:
35:90:3a:13:ae:4a:62:88:f5:c5:75:96:2f:db:8d:
36:13:6c:07:73:ef:64:82:23:36:32:93:3b:19:85:
c6:dd:9e:33:fc:89:f3:37:38:6b:f7:89:84:36:a1:
c6:c3:dc:13:32:b2:e6:22:ac:37:c4:a9:38:49:7e:
c6:45:5d:7c:cb:63:4b:07:cd:35:d5:fe:d3:7f:cf:
44:4b:a8:2e:f6:0a:ec:54:bb:d6:f3:6c:d1:d9:76:
3c:51:ab:c3:b1:5a:bc:c8:dd:46:0e:7d:91:74:b6:
91:e5:f0:76:aa:b0:eb:21:f7:92:ba:fe:9f:98:f7:
63:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:F8:15:F7:CB:42:8C:BD:AE:92:D1:AA:43:1F:CB:D4:17:79:EF:DB
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/WvgV98tCjL2uktGqQx_L1Bd579s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
84:a2:71:5b:73:79:01:70:ff:5b:9c:37:49:06:ae:56:fd:f2:
7f:c5:d7:07:c3:0d:0a:a4:53:46:73:5b:6b:da:25:f8:d3:83:
f3:8b:58:4a:7f:4d:74:48:56:6d:2e:8a:58:1d:02:d5:34:e1:
37:11:a8:b3:ee:d1:66:27:84:52:02:94:71:0d:b1:13:f5:6e:
d9:1d:c9:0c:fa:81:f2:a1:40:ae:7e:fa:bc:c6:78:5a:f1:f3:
de:2a:3a:ad:7d:28:d1:f9:34:43:d7:a9:89:03:d3:5e:26:6a:
a2:00:42:72:02:94:94:4f:b5:84:69:06:0c:ea:56:c2:a3:d5:
a8:64:f8:5b:bd:94:36:50:cf:f9:fe:96:9f:1a:01:8e:39:92:
a5:77:ae:87:30:de:35:0f:37:d3:99:5b:aa:52:86:55:14:98:
ce:37:c5:2c:2a:40:65:be:87:d3:37:f1:3a:37:cb:c4:e1:bc:
e8:2a:3d:4b:cc:f3:f7:4a:fb:8a:96:e2:39:cd:dd:ff:ac:e1:
3e:0d:97:d7:fb:a4:5c:cb:60:28:96:78:a8:16:58:a3:97:de:
17:b2:c4:07:dc:38:74:f8:a2:b5:ec:fb:94:96:39:7a:75:10:
4e:a4:fe:dd:97:ae:ab:42:c0:26:a3:23:d3:8d:00:e7:69:74:
90:f9:ee:6d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDQx
NjU2MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVBRjgxNUY3Q0I0MjhD
QkRBRTkyRDFBQTQzMUZDQkQ0MTc3OUVGREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDn7R+XBMECkWavPxwLtweDI6/VTJpC/mlGik/WTHjyOEwiuM54
DjyB7aUms2WQpYPxxlzQ3RGlbrYaXNL9f0JzR74YQWrnt0h3ntye/KXKUm1rLbTN
PBjwDmdzqXBJBA2DgtLy7itIwK/c+8wAWbih9mggNCOklRttZSPtLI2YDChFbncF
6TWQOhOuSmKI9cV1li/bjTYTbAdz72SCIzYykzsZhcbdnjP8ifM3OGv3iYQ2ocbD
3BMysuYirDfEqThJfsZFXXzLY0sHzTXV/tN/z0RLqC72CuxUu9bzbNHZdjxRq8Ox
WrzI3UYOfZF0tpHl8HaqsOsh95K6/p+Y92OLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUWvgV98tCjL2uktGqQx/L1Bd579swHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvV3ZnVjk4dENqTDJ1a3RHcVF4X0wx
QmQ1NzlzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEAhKJxW3N5AXD/W5w3SQauVv3yf8XXB8MNCqRTRnNb
a9ol+NOD84tYSn9NdEhWbS6KWB0C1TThNxGos+7RZieEUgKUcQ2xE/Vu2R3JDPqB
8qFArn76vMZ4WvHz3io6rX0o0fk0Q9epiQPTXiZqogBCcgKUlE+1hGkGDOpWwqPV
qGT4W72UNlDP+f6WnxoBjjmSpXeuhzDeNQ8305lbqlKGVRSYzjfFLCpAZb6H0zfx
OjfLxOG86Co9S8zz90r7ipbiOc3d/6zhPg2X1/ukXMtgKJZ4qBZYo5feF7LEB9w4
dPiitez7lJY5enUQTqT+3Zeuq0LAJqMj040A52l0kPnubQ==
Generated at Wed Dec 4 20:33:30 2024 by rpki-client on console.sobornost.net