Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/bUnLp9h68l_RGD9kE0SpcB0Hrks.roa
File: bUnLp9h68l_RGD9kE0SpcB0Hrks.roa (raw, json)
Hash identifier: PHm+IpYldT4qQO0E3gwwo0boVvzfTpqUfr4/4gHKMbU=
Subject key identifier: 6D:49:CB:A7:D8:7A:F2:5F:D1:18:3F:64:13:44:A9:70:1D:07:AE:4B
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0CB9
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/bUnLp9h68l_RGD9kE0SpcB0Hrks.roa
Signing time: Wed 04 Dec 2024 20:56:16 +0000
ROA not before: Wed 04 Dec 2024 20:56:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3257 (0xcb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 4 20:56:16 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=6D49CBA7D87AF25FD1183F641344A9701D07AE4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:15:9b:9d:f2:8c:5f:32:23:9f:af:d5:6e:14:
9d:ab:34:2a:65:8e:94:7d:8e:ad:44:64:bd:a0:b7:
2a:25:fd:3d:fb:f8:df:9c:12:65:ea:af:30:dc:aa:
57:7a:ea:ae:73:a1:da:0e:16:d6:3f:14:e4:3c:16:
02:2f:0e:9c:94:ef:3e:97:c6:17:6f:89:1e:44:f5:
68:32:37:43:2b:34:58:06:4d:80:7d:7b:6b:2d:af:
53:47:f6:3e:8f:a7:fd:10:59:71:83:45:0b:07:78:
8a:c3:20:fa:7f:36:6e:db:53:8b:2d:52:44:4a:5c:
3d:9e:19:57:e5:e3:08:51:08:52:e4:a7:2d:19:5a:
d2:70:30:91:03:bf:4f:ac:ce:95:0d:7d:4e:4e:b0:
d7:9f:72:ef:ad:98:88:c1:a4:12:87:02:cb:f5:ea:
83:e6:6f:97:b5:28:f8:0c:f1:bf:4e:d4:fc:d5:70:
7f:14:ca:86:ec:2a:05:01:70:0b:56:a1:02:bd:37:
b5:80:a4:b8:3a:fd:eb:db:98:0f:ba:0c:1c:c9:42:
19:bb:16:cb:98:53:0e:f7:42:89:4e:18:5b:2b:9f:
2c:76:79:44:c1:1f:e4:bc:a4:ba:bb:f4:d5:95:bd:
26:f1:6f:25:5e:6c:57:0d:df:89:e9:0b:d1:90:0d:
28:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:49:CB:A7:D8:7A:F2:5F:D1:18:3F:64:13:44:A9:70:1D:07:AE:4B
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/bUnLp9h68l_RGD9kE0SpcB0Hrks.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
15:c9:b1:f6:0d:9e:80:12:43:6a:24:c5:66:7a:d4:f1:59:30:
2f:1a:33:77:ae:49:ee:5b:bb:14:57:27:41:72:9f:a5:33:08:
27:69:f0:98:47:db:c2:77:1c:8c:16:c1:c5:54:4b:bf:63:bf:
84:d7:c9:05:a7:25:cc:54:49:de:6b:76:bf:45:c6:e9:1c:b7:
f8:8b:c0:dc:e5:d9:47:ad:b8:99:1a:15:3a:19:e1:d4:b9:5a:
12:c8:05:45:b4:32:d3:fb:79:be:c0:67:35:5e:29:5f:78:76:
6d:23:53:35:3e:86:ba:81:1f:c6:45:64:ec:4d:65:dd:f7:45:
97:1c:a2:fb:47:ed:12:5d:01:56:e4:20:41:cb:51:d8:63:72:
6a:c7:6f:49:03:0a:a6:66:38:2f:34:c9:8b:f0:e6:0a:e9:a0:
ca:5c:06:81:dd:c1:75:74:8d:cb:fb:a8:7e:14:c3:e8:8a:d7:
f9:5c:53:76:82:74:b4:b9:16:f7:d6:3b:c3:0d:1f:41:c7:cb:
0e:a8:38:45:6a:12:6d:60:79:7d:d3:c3:73:44:40:23:8f:b2:
75:f9:b2:96:9d:2e:48:41:ed:84:5a:26:08:ef:c3:17:09:4c:
28:b2:fa:6a:07:32:0d:82:ff:ca:5f:b6:c0:5c:86:05:ec:4f:
fe:cf:06:e4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDLkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDQy
MDU2MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDZENDlDQkE3RDg3QUYy
NUZEMTE4M0Y2NDEzNDRBOTcwMUQwN0FFNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6FZud8oxfMiOfr9VuFJ2rNCpljpR9jq1EZL2gtyol/T37+N+c
EmXqrzDcqld66q5zodoOFtY/FOQ8FgIvDpyU7z6XxhdviR5E9WgyN0MrNFgGTYB9
e2str1NH9j6Pp/0QWXGDRQsHeIrDIPp/Nm7bU4stUkRKXD2eGVfl4whRCFLkpy0Z
WtJwMJEDv0+szpUNfU5OsNefcu+tmIjBpBKHAsv16oPmb5e1KPgM8b9O1PzVcH8U
yobsKgUBcAtWoQK9N7WApLg6/evbmA+6DBzJQhm7FsuYUw73QolOGFsrnyx2eUTB
H+S8pLq79NWVvSbxbyVebFcN34npC9GQDSj7AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUbUnLp9h68l/RGD9kE0SpcB0HrkswHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvYlVuTHA5aDY4bF9SR0Q5a0UwU3Bj
QjBIcmtzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEAFcmx9g2egBJDaiTFZnrU8VkwLxozd65J7lu7FFcn
QXKfpTMIJ2nwmEfbwnccjBbBxVRLv2O/hNfJBaclzFRJ3mt2v0XG6Ry3+IvA3OXZ
R624mRoVOhnh1LlaEsgFRbQy0/t5vsBnNV4pX3h2bSNTNT6GuoEfxkVk7E1l3fdF
lxyi+0ftEl0BVuQgQctR2GNyasdvSQMKpmY4LzTJi/DmCumgylwGgd3BdXSNy/uo
fhTD6IrX+VxTdoJ0tLkW99Y7ww0fQcfLDqg4RWoSbWB5fdPDc0RAI4+ydfmylp0u
SEHthFomCO/DFwlMKLL6agcyDYL/yl+2wFyGBexP/s8G5A==
Generated at Thu Dec 5 01:45:33 2024 by rpki-client on console.sobornost.net