Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/cfe6JcebdZuU81HHP5arMIYuGGY.roa
File: cfe6JcebdZuU81HHP5arMIYuGGY.roa (raw, json)
Hash identifier: TW98CUHr+ly2BsMC4OHKrddQahnhk80//4mXSGIk2l4=
Subject key identifier: 71:F7:BA:25:C7:9B:75:9B:94:F3:51:C7:3F:96:AB:30:86:2E:18:66
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0CA3
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/cfe6JcebdZuU81HHP5arMIYuGGY.roa
Signing time: Wed 04 Dec 2024 15:26:13 +0000
ROA not before: Wed 04 Dec 2024 15:26:13 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3235 (0xca3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 4 15:26:13 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=71F7BA25C79B759B94F351C73F96AB30862E1866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:bf:90:b3:81:ad:73:2e:18:73:0c:e1:c0:06:
ef:bb:36:a8:e2:a0:70:74:60:d2:7d:05:10:dd:e5:
a0:6e:f3:48:6a:4d:fe:3d:33:b1:49:da:1a:d6:1d:
10:c4:ec:1a:07:44:ae:bb:c4:4d:9d:1d:93:3b:dd:
fe:61:df:68:e0:dd:39:87:8a:ea:e7:47:ae:6a:59:
0d:dc:45:f2:77:7e:0f:44:91:6a:5a:d4:20:1b:a1:
4d:6e:84:c2:b5:1b:11:3a:e7:3b:d8:97:fe:a3:fe:
72:80:bc:62:2a:4c:ac:0d:2b:9d:44:d4:bd:27:4f:
04:77:5f:9f:7a:42:5c:da:c2:3a:91:56:63:b4:5a:
3d:83:93:af:94:4a:e5:2d:60:44:97:94:d0:84:cf:
c7:17:bc:77:d5:2e:95:34:d6:80:c4:35:44:9e:05:
34:6d:dd:27:92:34:f2:83:3b:32:c3:95:1b:7a:0d:
56:1c:3b:0a:34:ec:27:62:06:66:59:d1:39:2f:c7:
87:03:eb:73:37:4d:df:84:60:78:8c:39:3c:46:a0:
dc:7b:d8:b2:8b:2d:e0:72:ab:d7:f3:03:72:ef:97:
c3:73:5f:4d:9e:32:9a:ad:9e:ae:f0:a2:56:3f:14:
48:17:d6:00:64:ef:c8:27:c8:e0:ea:c1:65:5d:30:
d8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F7:BA:25:C7:9B:75:9B:94:F3:51:C7:3F:96:AB:30:86:2E:18:66
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/cfe6JcebdZuU81HHP5arMIYuGGY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
38:32:22:0c:5a:0f:a0:26:57:67:f6:51:f8:42:36:91:5a:64:
09:fa:09:6f:31:d5:78:e5:03:3d:2c:be:2e:05:61:4c:75:9a:
c7:52:18:19:cf:9f:09:08:2a:e0:94:19:67:f8:09:b5:33:ee:
5a:e3:1e:ce:b7:67:90:48:e4:2b:78:ad:ab:4e:7c:33:a9:ff:
48:50:47:4a:57:15:e6:de:f4:22:d8:2e:93:69:8b:92:b7:30:
6a:9f:34:a7:01:77:6a:89:4a:42:77:87:70:4e:4b:f4:60:aa:
73:e9:60:7f:fa:6d:c0:45:ef:50:86:3a:60:07:b9:74:05:50:
44:55:f0:f3:bb:1e:19:a4:bb:38:15:a8:79:40:c1:78:8b:36:
f9:f1:c0:6e:69:7c:c8:d1:38:0e:20:b4:9d:43:fd:92:d8:b5:
a0:cb:9b:a4:e7:ab:55:0b:79:35:f3:4c:24:76:26:25:31:c4:
48:b8:2b:8f:ea:fb:fe:dc:c8:0b:f0:28:8d:d9:16:af:da:18:
45:5e:49:08:78:45:60:46:af:47:20:8f:75:e9:53:19:3e:fd:
e2:3f:3d:ae:7a:3d:c0:a7:c1:a3:1a:04:76:5e:f4:be:b9:d8:
b7:f6:86:fa:1e:16:34:8e:0b:06:6e:ce:2b:df:7f:9c:6d:40:
b6:c6:b5:e4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDKMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDQx
NTI2MTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcxRjdCQTI1Qzc5Qjc1
OUI5NEYzNTFDNzNGOTZBQjMwODYyRTE4NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlv5Czga1zLhhzDOHABu+7NqjioHB0YNJ9BRDd5aBu80hqTf49
M7FJ2hrWHRDE7BoHRK67xE2dHZM73f5h32jg3TmHiurnR65qWQ3cRfJ3fg9EkWpa
1CAboU1uhMK1GxE65zvYl/6j/nKAvGIqTKwNK51E1L0nTwR3X596QlzawjqRVmO0
Wj2Dk6+USuUtYESXlNCEz8cXvHfVLpU01oDENUSeBTRt3SeSNPKDOzLDlRt6DVYc
Owo07CdiBmZZ0Tkvx4cD63M3Td+EYHiMOTxGoNx72LKLLeByq9fzA3Lvl8NzX02e
Mpqtnq7wolY/FEgX1gBk78gnyODqwWVdMNj1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUcfe6JcebdZuU81HHP5arMIYuGGYwHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvY2ZlNkpjZWJkWnVVODFISFA1YXJN
SVl1R0dZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEAODIiDFoPoCZXZ/ZR+EI2kVpkCfoJbzHVeOUDPSy+
LgVhTHWax1IYGc+fCQgq4JQZZ/gJtTPuWuMezrdnkEjkK3itq058M6n/SFBHSlcV
5t70Itguk2mLkrcwap80pwF3aolKQneHcE5L9GCqc+lgf/ptwEXvUIY6YAe5dAVQ
RFXw87seGaS7OBWoeUDBeIs2+fHAbml8yNE4DiC0nUP9kti1oMubpOerVQt5NfNM
JHYmJTHESLgrj+r7/tzIC/AojdkWr9oYRV5JCHhFYEavRyCPdelTGT794j89rno9
wKfBoxoEdl70vrnYt/aG+h4WNI4LBm7OK99/nG1Atsa15A==
Generated at Wed Dec 4 18:38:17 2024 by rpki-client on console.sobornost.net