Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/X5MsTZPWlidbjRsNBFIbPV0vUME.roa
File: X5MsTZPWlidbjRsNBFIbPV0vUME.roa (raw, json)
Hash identifier: OQp7zlhJEAGWNTM1PnLUDZA8oN6X51VhLqQDQq5vyNQ=
Subject key identifier: 5F:93:2C:4D:93:D6:96:27:5B:8D:1B:0D:04:52:1B:3D:5D:2F:50:C1
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0CE5
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/X5MsTZPWlidbjRsNBFIbPV0vUME.roa
Signing time: Thu 05 Dec 2024 07:56:20 +0000
ROA not before: Thu 05 Dec 2024 07:56:20 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3301 (0xce5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 5 07:56:20 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5F932C4D93D696275B8D1B0D04521B3D5D2F50C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:21:1f:84:9b:4e:24:bc:a3:8c:c0:13:ef:9e:
62:1b:45:1a:d9:07:36:59:1c:da:39:9a:3c:f2:e9:
82:88:c5:b8:8e:de:8d:46:93:4e:a4:ce:34:ce:ff:
d8:99:72:e6:15:5e:ff:42:c5:f7:ab:6d:f1:e0:3f:
4a:14:c6:a7:65:e9:e7:6c:c5:58:19:d7:1e:a8:ce:
30:3d:fd:53:2d:bd:fc:98:67:04:bc:24:08:c8:b0:
36:f1:46:ee:c4:f2:20:be:bd:19:f8:99:12:7a:9d:
39:80:df:b7:00:c5:18:dd:2b:e3:9e:89:b3:05:0d:
24:4d:f2:33:c3:ff:bb:71:3f:cb:57:b8:c5:b4:b9:
65:b3:50:58:59:5e:08:73:2d:3e:4f:46:f4:47:95:
c7:3d:fc:e5:51:9a:a0:9b:a8:0a:7a:96:5b:88:21:
c2:ac:39:fa:73:37:85:e9:03:20:3d:41:fc:4e:66:
42:df:4e:e9:59:fc:b6:74:ed:88:df:e9:a5:48:8a:
32:5a:f1:05:12:c0:cb:b7:2f:10:11:fa:a8:ce:5c:
8f:8c:17:cb:ff:90:ec:02:2c:fc:0e:a3:d2:ad:c1:
e5:af:eb:df:36:c2:89:70:01:24:1e:3a:7c:a2:01:
78:84:e2:46:98:20:dd:65:e4:5e:08:7a:b7:a0:6e:
ff:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:93:2C:4D:93:D6:96:27:5B:8D:1B:0D:04:52:1B:3D:5D:2F:50:C1
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/X5MsTZPWlidbjRsNBFIbPV0vUME.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
76:70:6e:4c:43:b0:10:d6:62:84:59:91:d7:be:a9:16:6e:87:
e6:06:48:e5:4f:77:fe:ce:d7:de:18:6a:fe:5e:af:f7:7e:35:
d9:c7:f5:be:74:26:05:09:4f:60:88:95:fb:32:7c:25:c3:8b:
ac:3a:48:d6:c7:ef:b5:2d:9f:77:4d:74:ff:6a:62:93:e0:1f:
b9:d2:03:72:2e:39:24:1f:3b:8b:c3:35:ac:29:6f:e2:44:a5:
5a:3e:4a:4c:e1:e7:47:fd:6b:b7:6d:54:4d:79:56:b0:6d:4b:
26:eb:ca:3c:85:0a:1e:5d:c7:93:ca:ac:87:ee:22:67:92:82:
41:1f:93:57:4a:fe:f6:02:c1:34:04:d5:6f:a3:c6:41:20:b4:
06:0e:a6:af:8b:4c:cc:ba:e1:32:44:51:6e:2d:13:9c:2a:e9:
cb:d7:42:dd:f4:a1:69:e2:84:ae:9c:82:7f:18:89:16:02:7f:
85:93:ff:d9:88:ba:cc:88:1a:9f:04:1f:b2:df:be:da:04:53:
9b:40:d8:e0:35:3c:db:3f:65:ab:d0:6f:36:d1:81:ff:79:6c:
70:bd:74:ec:27:f6:67:d2:82:6a:1a:a4:41:f6:cd:bc:e7:a2:
bc:9a:c0:13:0c:0a:0c:96:ac:99:4c:46:2a:7d:05:e8:b3:a3:
64:64:29:74
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDUw
NzU2MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVGOTMyQzREOTNENjk2
Mjc1QjhEMUIwRDA0NTIxQjNENUQyRjUwQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7IR+Em04kvKOMwBPvnmIbRRrZBzZZHNo5mjzy6YKIxbiO3o1G
k06kzjTO/9iZcuYVXv9CxferbfHgP0oUxqdl6edsxVgZ1x6ozjA9/VMtvfyYZwS8
JAjIsDbxRu7E8iC+vRn4mRJ6nTmA37cAxRjdK+OeibMFDSRN8jPD/7txP8tXuMW0
uWWzUFhZXghzLT5PRvRHlcc9/OVRmqCbqAp6lluIIcKsOfpzN4XpAyA9QfxOZkLf
TulZ/LZ07Yjf6aVIijJa8QUSwMu3LxAR+qjOXI+MF8v/kOwCLPwOo9KtweWv6982
wolwASQeOnyiAXiE4kaYIN1l5F4Ieregbv9pAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUX5MsTZPWlidbjRsNBFIbPV0vUMEwHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvWDVNc1RaUFdsaWRialJzTkJGSWJQ
VjB2VU1FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEAdnBuTEOwENZihFmR176pFm6H5gZI5U93/s7X3hhq
/l6v93412cf1vnQmBQlPYIiV+zJ8JcOLrDpI1sfvtS2fd010/2pik+AfudIDci45
JB87i8M1rClv4kSlWj5KTOHnR/1rt21UTXlWsG1LJuvKPIUKHl3Hk8qsh+4iZ5KC
QR+TV0r+9gLBNATVb6PGQSC0Bg6mr4tMzLrhMkRRbi0TnCrpy9dC3fShaeKErpyC
fxiJFgJ/hZP/2Yi6zIganwQfst++2gRTm0DY4DU82z9lq9BvNtGB/3lscL107Cf2
Z9KCahqkQfbNvOeivJrAEwwKDJasmUxGKn0F6LOjZGQpdA==
Generated at Thu Dec 5 11:17:32 2024 by rpki-client on console.sobornost.net