Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/YOVPVnIE_LFJhwpuRT0xO5B_ntc.roa
File: YOVPVnIE_LFJhwpuRT0xO5B_ntc.roa (raw, json)
Hash identifier: KO2dqTSawddwvgR54Fwo8nWj554kCIWYAnsCMbQqiO0=
Subject key identifier: 60:E5:4F:56:72:04:FC:B1:49:87:0A:6E:45:3D:31:3B:90:7F:9E:D7
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0C77
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/YOVPVnIE_LFJhwpuRT0xO5B_ntc.roa
Signing time: Wed 04 Dec 2024 04:26:06 +0000
ROA not before: Wed 04 Dec 2024 04:26:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3191 (0xc77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 4 04:26:06 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=60E54F567204FCB149870A6E453D313B907F9ED7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:45:f0:ac:6d:f7:19:cc:f5:9b:f0:48:0e:11:
2a:82:c8:8a:9b:85:ae:80:49:5e:ec:c2:81:96:2a:
1a:0d:99:7b:97:53:cd:e6:78:db:14:8a:64:b7:14:
fe:d3:c1:c7:5e:8d:02:58:b4:8d:d3:a2:e4:b5:41:
1f:7a:a1:9c:6d:0f:71:7c:5c:e8:d7:b5:dd:72:05:
c8:32:55:93:1c:97:b9:39:9f:0e:21:a4:d4:d8:a0:
ac:c2:a8:4b:8f:b2:86:06:06:4f:20:93:b6:9e:6f:
d2:05:44:c8:ba:3d:41:31:e3:9c:ee:aa:79:59:b9:
b1:78:d7:7e:25:b3:03:da:cc:88:8b:f9:3b:0e:f9:
6b:10:7a:3c:92:33:4f:48:9c:9e:3f:e8:2b:20:6b:
e4:e6:63:df:a2:1d:05:83:25:8b:43:8a:e1:09:f8:
c8:3c:c9:6b:25:d6:47:25:77:6e:56:79:c6:1a:e5:
6f:25:ef:d8:39:cc:db:14:1b:53:2a:32:cb:1e:b4:
1d:3a:20:ef:23:40:26:48:76:87:a8:d4:a2:cb:02:
6d:b7:0d:1a:94:e5:95:51:7a:06:4d:6e:de:c1:21:
c6:58:4a:21:60:41:65:27:8c:1f:98:0e:bb:96:5f:
44:92:94:79:5c:15:82:46:15:7b:b1:61:9e:c1:5b:
89:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E5:4F:56:72:04:FC:B1:49:87:0A:6E:45:3D:31:3B:90:7F:9E:D7
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/YOVPVnIE_LFJhwpuRT0xO5B_ntc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
89:26:c2:d6:47:23:44:90:6e:42:cd:3e:2c:93:e6:60:d9:19:
8b:53:fb:33:3b:0f:c0:ba:1a:e8:bc:c0:03:2d:48:65:ac:41:
b4:5d:d3:ef:0f:bd:ff:4c:80:96:68:f5:aa:ba:06:57:dc:75:
d3:3f:2d:da:c2:fd:27:91:a0:80:65:be:68:dd:30:7a:98:8d:
c8:16:ba:76:11:1f:34:36:87:fc:40:f2:83:fd:13:de:c7:e8:
a9:26:c5:6e:b7:b0:10:f3:07:ff:c1:ec:e8:8e:c8:f3:5d:73:
ee:15:f1:3b:8c:27:60:58:85:1a:fe:55:ac:de:03:dc:d1:c2:
2c:a4:9f:bb:fc:7c:28:1f:82:b3:61:1a:ea:64:a2:ec:6c:51:
9e:9a:de:eb:67:85:aa:a7:ba:b4:35:a7:0e:a2:90:ff:d1:29:
0b:38:c4:1d:b5:f5:b8:7a:a1:4c:16:5b:5f:58:2f:aa:9c:3a:
2f:c2:05:19:94:9e:cf:7e:5d:57:59:88:ab:30:4e:f1:ab:2b:
d0:03:96:8c:6d:cd:05:28:58:c5:e7:ad:f7:95:9e:71:2d:a1:
6c:cf:77:58:d0:5d:16:12:23:a1:3a:5b:87:33:b3:73:42:75:
4b:43:a7:85:94:98:32:53:f9:fc:4c:4d:f1:5f:66:c9:56:cc:
b5:ed:5c:3f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDHcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDQw
NDI2MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYwRTU0RjU2NzIwNEZD
QjE0OTg3MEE2RTQ1M0QzMTNCOTA3RjlFRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDARfCsbfcZzPWb8EgOESqCyIqbha6ASV7swoGWKhoNmXuXU83m
eNsUimS3FP7TwcdejQJYtI3TouS1QR96oZxtD3F8XOjXtd1yBcgyVZMcl7k5nw4h
pNTYoKzCqEuPsoYGBk8gk7aeb9IFRMi6PUEx45zuqnlZubF4134lswPazIiL+TsO
+WsQejySM09InJ4/6Csga+TmY9+iHQWDJYtDiuEJ+Mg8yWsl1kcld25WecYa5W8l
79g5zNsUG1MqMssetB06IO8jQCZIdoeo1KLLAm23DRqU5ZVRegZNbt7BIcZYSiFg
QWUnjB+YDruWX0SSlHlcFYJGFXuxYZ7BW4kZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYOVPVnIE/LFJhwpuRT0xO5B/ntcwHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvWU9WUFZuSUVfTEZKaHdwdVJUMHhP
NUJfbnRjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEAiSbC1kcjRJBuQs0+LJPmYNkZi1P7MzsPwLoa6LzA
Ay1IZaxBtF3T7w+9/0yAlmj1qroGV9x10z8t2sL9J5GggGW+aN0wepiNyBa6dhEf
NDaH/EDyg/0T3sfoqSbFbrewEPMH/8Hs6I7I811z7hXxO4wnYFiFGv5VrN4D3NHC
LKSfu/x8KB+Cs2Ea6mSi7GxRnpre62eFqqe6tDWnDqKQ/9EpCzjEHbX1uHqhTBZb
X1gvqpw6L8IFGZSez35dV1mIqzBO8asr0AOWjG3NBShYxeet95WecS2hbM93WNBd
FhIjoTpbhzOzc0J1S0OnhZSYMlP5/ExN8V9myVbMte1cPw==
Generated at Wed Dec 4 07:27:51 2024 by rpki-client on console.sobornost.net