Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIDC/eT7VGeYCWULUrQ2MQHST04Dl2yY.roa
File: eT7VGeYCWULUrQ2MQHST04Dl2yY.roa (raw, json)
Hash identifier: u413O5gGmlLcknUyBN10bar9tgpVFEyYRSKMZLMcU8Y=
Subject key identifier: 79:3E:D5:19:E6:02:59:42:D4:AD:0D:8C:40:74:93:D3:80:E5:DB:26
Certificate issuer: /CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Certificate serial: 0C6D
Authority key identifier: C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/eT7VGeYCWULUrQ2MQHST04Dl2yY.roa
Signing time: Wed 04 Dec 2024 01:56:05 +0000
ROA not before: Wed 04 Dec 2024 01:56:05 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131609
IP address blocks: 103.99.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3181 (0xc6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C08515C8B9FB53F8CED489D2134F6441FFADA05E
Validity
Not Before: Dec 4 01:56:05 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=793ED519E6025942D4AD0D8C407493D380E5DB26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a4:87:cf:d3:8b:3e:19:77:c7:18:e9:88:7c:
02:15:b8:e4:c2:ab:eb:ff:65:cc:70:ad:69:25:64:
0b:fd:e2:7f:48:8c:d0:56:ff:0e:f9:77:91:0e:93:
d1:7b:6c:1a:92:be:f2:f7:12:1c:a4:14:e0:3a:27:
43:95:de:58:b3:05:1e:d1:4b:13:19:4f:b4:6b:c6:
d5:b1:6d:8b:88:87:d0:84:cf:85:42:9b:62:86:ec:
67:72:f5:bd:d3:69:e4:7e:23:19:8e:7c:94:c9:d6:
d9:54:92:7c:28:71:76:9e:48:2e:ee:e0:3c:f4:db:
56:a5:26:54:f0:7b:5b:ec:73:9b:9f:18:39:11:e9:
a6:f1:f6:fa:83:e5:88:53:c1:ad:34:0a:16:45:ad:
39:36:3c:86:90:a3:b7:24:ae:e0:af:e4:ce:56:bf:
6d:4c:96:6e:65:f7:5b:fc:0f:f5:c7:14:fb:20:0e:
da:5d:59:ce:67:ca:3f:12:3d:80:fc:a0:0a:f0:b8:
05:93:69:12:80:16:ee:0a:60:11:15:9b:ab:9a:82:
d4:d5:fa:5d:fe:1b:d0:d8:62:b2:d6:91:0b:e2:ba:
8c:9f:53:f6:04:63:37:9d:2e:66:cb:ea:99:6d:58:
8c:a1:e9:cf:ca:96:53:de:d4:d0:f3:b5:3a:98:1b:
08:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:3E:D5:19:E6:02:59:42:D4:AD:0D:8C:40:74:93:D3:80:E5:DB:26
X509v3 Authority Key Identifier:
keyid:C0:85:15:C8:B9:FB:53:F8:CE:D4:89:D2:13:4F:64:41:FF:AD:A0:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/wIUVyLn7U_jO1InSE09kQf-toF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wIUVyLn7U_jO1InSE09kQf-toF4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIDC/eT7VGeYCWULUrQ2MQHST04Dl2yY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.88.0/22
Signature Algorithm: sha256WithRSAEncryption
78:f3:fa:db:ab:85:76:be:99:d8:67:ca:48:5b:f5:89:d0:11:
a6:b5:ed:b9:67:d0:4d:8f:d5:17:5e:25:25:fa:fe:71:65:83:
92:d3:31:0c:50:a0:3f:b4:df:1e:ff:ca:16:a7:37:37:86:32:
31:f6:2c:f1:cd:83:78:19:72:af:87:0c:93:82:eb:6d:c8:8e:
4a:97:c8:c3:3a:fe:1b:da:d6:04:7e:fb:18:41:5e:be:4e:1b:
12:a8:0f:70:84:d4:60:17:73:9b:cf:50:68:79:8d:01:83:88:
34:d3:58:3d:44:23:17:d6:ff:c1:15:b2:0a:d4:8d:91:5d:b1:
b9:75:a0:52:00:de:f7:71:31:8e:9c:f4:d3:08:7b:55:68:54:
32:89:f4:62:5d:7b:d4:56:15:92:4e:17:65:b1:3c:c2:8b:8f:
d2:63:f0:d9:ff:67:75:57:ac:42:9b:b8:ab:20:d4:c2:6f:fe:
0f:c1:5c:e7:f4:6b:c7:80:a5:8c:52:0e:ee:c4:0a:58:5a:5c:
4d:b9:a3:ec:03:f1:98:d3:9e:a2:6a:fa:85:a7:de:8e:a9:9f:
6d:9c:2d:4f:8f:d5:9b:d6:31:af:bb:52:42:a0:6b:8a:eb:1a:
c0:30:d7:2f:a0:78:32:1d:86:bb:a0:db:7d:30:af:5a:78:0a:
e1:20:2c:a8
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDG0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzA4
NTE1QzhCOUZCNTNGOENFRDQ4OUQyMTM0RjY0NDFGRkFEQTA1RTAeFw0yNDEyMDQw
MTU2MDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc5M0VENTE5RTYwMjU5
NDJENEFEMEQ4QzQwNzQ5M0QzODBFNURCMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCypIfP04s+GXfHGOmIfAIVuOTCq+v/ZcxwrWklZAv94n9IjNBW
/w75d5EOk9F7bBqSvvL3EhykFOA6J0OV3lizBR7RSxMZT7RrxtWxbYuIh9CEz4VC
m2KG7Gdy9b3TaeR+IxmOfJTJ1tlUknwocXaeSC7u4Dz021alJlTwe1vsc5ufGDkR
6abx9vqD5YhTwa00ChZFrTk2PIaQo7ckruCv5M5Wv21Mlm5l91v8D/XHFPsgDtpd
Wc5nyj8SPYD8oArwuAWTaRKAFu4KYBEVm6uagtTV+l3+G9DYYrLWkQviuoyfU/YE
YzedLmbL6pltWIyh6c/KllPe1NDztTqYGwi9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUeT7VGeYCWULUrQ2MQHST04Dl2yYwHwYDVR0jBBgwFoAUwIUVyLn7U/jO1InS
E09kQf+toF4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElEQy93
SVVWeUxuN1Vfak8xSW5TRTA5a1FmLXRvRjQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dJVVZ5TG43VV9qTzFJblNFMDlrUWYtdG9GNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RJREMvZVQ3VkdlWUNXVUxVclEyTVFIU1Qw
NERsMnlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmdjWDAN
BgkqhkiG9w0BAQsFAAOCAQEAePP626uFdr6Z2GfKSFv1idARprXtuWfQTY/VF14l
Jfr+cWWDktMxDFCgP7TfHv/KFqc3N4YyMfYs8c2DeBlyr4cMk4LrbciOSpfIwzr+
G9rWBH77GEFevk4bEqgPcITUYBdzm89QaHmNAYOINNNYPUQjF9b/wRWyCtSNkV2x
uXWgUgDe93Exjpz00wh7VWhUMon0Yl171FYVkk4XZbE8wouP0mPw2f9ndVesQpu4
qyDUwm/+D8Fc5/Rrx4CljFIO7sQKWFpcTbmj7APxmNOeomr6hafejqmfbZwtT4/V
m9Yxr7tSQqBriusawDDXL6B4Mh2Gu6DbfTCvWngK4SAsqA==
Generated at Wed Dec 4 05:35:04 2024 by rpki-client on console.sobornost.net