Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/eF6XiQ6PbdWUAFHunHyuJP3cjzA.roa
File: eF6XiQ6PbdWUAFHunHyuJP3cjzA.roa (raw, json)
Hash identifier: 7fdkWdIyN+IL3XkHK4krHBg2plhr5OFZtf10p5xNJbw=
Subject key identifier: 78:5E:97:89:0E:8F:6D:D5:94:00:51:EE:9C:7C:AE:24:FD:DC:8F:30
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0C61
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/eF6XiQ6PbdWUAFHunHyuJP3cjzA.roa
Signing time: Tue 03 Dec 2024 22:56:04 +0000
ROA not before: Tue 03 Dec 2024 22:56:04 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3169 (0xc61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 3 22:56:04 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=785E97890E8F6DD5940051EE9C7CAE24FDDC8F30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:db:55:22:be:a8:e7:d5:be:9d:57:0a:6e:8a:
12:4a:87:2f:1a:b9:87:f9:24:a4:49:04:cf:25:25:
1e:17:fa:10:1b:25:10:27:07:84:96:9a:2d:2d:9c:
a0:a5:67:ef:03:c4:ff:43:36:42:be:fe:96:40:86:
d8:33:76:d4:6c:4a:45:71:5a:50:fa:30:7b:7a:1d:
1b:04:1a:ac:e7:e8:15:38:e9:c7:9c:bb:7c:b0:43:
f1:be:eb:89:ce:ba:65:a4:71:ee:42:2f:5a:54:cd:
fa:e9:39:1c:e8:4e:97:32:5c:e9:54:b1:6c:eb:e0:
a3:bf:7d:df:08:41:c5:4a:56:96:02:fb:9c:a4:35:
06:d7:8d:71:48:b5:cd:a9:5c:39:2b:ec:4f:5e:e0:
24:0c:38:1b:ad:92:46:57:66:8e:00:e4:4d:5b:4d:
fd:24:32:cf:1c:7e:82:4d:f1:43:e0:c2:69:85:56:
0c:04:44:cb:34:a1:8c:ae:b8:82:56:ca:a4:b9:3d:
1c:63:e2:d5:22:58:e8:c7:df:86:93:03:1c:8d:42:
d2:33:36:d7:a4:63:90:49:b1:ae:c1:05:92:08:8f:
f2:ed:12:45:89:bf:dc:5c:18:cf:d2:52:eb:74:78:
a4:aa:a1:ba:2f:9a:c5:3c:a3:3c:52:93:76:03:6e:
aa:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5E:97:89:0E:8F:6D:D5:94:00:51:EE:9C:7C:AE:24:FD:DC:8F:30
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/eF6XiQ6PbdWUAFHunHyuJP3cjzA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:42:95:6b:38:bc:58:9c:53:67:c8:ef:8d:20:1e:48:0a:9c:
97:99:4a:16:29:f4:be:6a:94:22:9a:8e:19:1c:8b:c4:4e:94:
f8:9b:a0:ba:95:7b:a0:4e:3d:d3:84:45:c2:f5:de:a6:ca:dd:
4e:85:b6:34:40:4c:1c:ae:6f:e3:de:e4:99:e9:85:ec:aa:bf:
1c:7c:d2:d9:81:d3:7a:04:ec:2e:90:a1:93:40:58:ed:42:ca:
2b:cb:13:02:ec:d8:aa:71:32:38:63:86:30:14:97:00:aa:b9:
7b:1e:b6:3a:7b:42:72:95:22:3f:58:e2:70:b2:36:de:9a:60:
28:12:6b:99:aa:3d:db:82:02:2b:c3:06:d7:9a:c2:6e:e2:34:
4f:fc:75:2e:40:0c:6d:ac:b4:78:96:15:77:6e:d3:9d:77:f9:
68:a4:7b:e0:66:f1:19:8a:0f:ee:be:7a:51:15:29:24:ad:30:
18:9a:81:8e:81:9f:36:a6:2a:ab:d0:88:91:71:b2:af:4b:e8:
b4:46:3b:e7:b2:06:d6:ae:bb:0a:6a:68:95:52:d8:4d:46:53:
3d:9d:b7:f0:77:62:4d:44:56:76:51:68:53:66:a4:6a:f7:20:
ad:00:28:0a:27:fb:f5:9c:f2:50:cf:b1:44:39:8d:19:a1:5b:
2b:6a:24:24
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDMy
MjU2MDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc4NUU5Nzg5MEU4RjZE
RDU5NDAwNTFFRTlDN0NBRTI0RkREQzhGMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG21Uivqjn1b6dVwpuihJKhy8auYf5JKRJBM8lJR4X+hAbJRAn
B4SWmi0tnKClZ+8DxP9DNkK+/pZAhtgzdtRsSkVxWlD6MHt6HRsEGqzn6BU46cec
u3ywQ/G+64nOumWkce5CL1pUzfrpORzoTpcyXOlUsWzr4KO/fd8IQcVKVpYC+5yk
NQbXjXFItc2pXDkr7E9e4CQMOButkkZXZo4A5E1bTf0kMs8cfoJN8UPgwmmFVgwE
RMs0oYyuuIJWyqS5PRxj4tUiWOjH34aTAxyNQtIzNtekY5BJsa7BBZIIj/LtEkWJ
v9xcGM/SUut0eKSqobovmsU8ozxSk3YDbqobAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUeF6XiQ6PbdWUAFHunHyuJP3cjzAwHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvZUY2WGlRNlBiZFdVQUZIdW5IeXVK
UDNjanpBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEApUKVazi8WJxTZ8jvjSAeSAqcl5lKFin0vmqUIpqO
GRyLxE6U+JugupV7oE4904RFwvXepsrdToW2NEBMHK5v497kmemF7Kq/HHzS2YHT
egTsLpChk0BY7ULKK8sTAuzYqnEyOGOGMBSXAKq5ex62OntCcpUiP1jicLI23ppg
KBJrmao924ICK8MG15rCbuI0T/x1LkAMbay0eJYVd27TnXf5aKR74GbxGYoP7r56
URUpJK0wGJqBjoGfNqYqq9CIkXGyr0votEY757IG1q67CmpolVLYTUZTPZ238Hdi
TURWdlFoU2akavcgrQAoCif79ZzyUM+xRDmNGaFbK2okJA==
Generated at Wed Dec 4 03:38:00 2024 by rpki-client on console.sobornost.net