Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/CHIEF-TW/0/AS10085.roa
File: AS10085.roa (raw, json)
Hash identifier: iqrxvDsALP0o8cvNww3K9WEnd+8xt7iZ5T8XoOMTITQ=
Subject key identifier: 1F:34:C8:D2:FF:68:2B:4B:B4:A8:53:1A:F3:3D:5B:63:BB:2C:95:81
Certificate issuer: /CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314
Certificate serial: 1BED4ED67FF988D6FBB3276AB6D104A87BCA29AB
Authority key identifier: 33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS10085.roa
Signing time: Mon 11 May 2026 17:17:35 +0000
ROA not before: Mon 11 May 2026 17:12:35 +0000
ROA not after: Mon 10 May 2027 17:17:35 +0000
asID: 10085
IP address blocks: 150.117.96.0/21 maxlen: 24
150.117.104.0/21 maxlen: 24
150.117.112.0/21 maxlen: 24
203.163.194.0/23 maxlen: 24
203.163.196.0/22 maxlen: 24
203.163.202.0/23 maxlen: 24
203.163.204.0/22 maxlen: 24
203.163.208.0/22 maxlen: 24
203.163.214.0/24 maxlen: 24
223.26.88.0/22 maxlen: 24
223.26.92.0/22 maxlen: 24
223.26.96.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:ed:4e:d6:7f:f9:88:d6:fb:b3:27:6a:b6:d1:04:a8:7b:ca:29:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314
Validity
Not Before: May 11 17:12:35 2026 GMT
Not After : May 10 17:17:35 2027 GMT
Subject: CN=1F34C8D2FF682B4BB4A8531AF33D5B63BB2C9581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b6:4e:1a:a0:cb:91:71:e5:f3:0f:87:1d:24:
01:21:8f:88:da:b5:e4:f6:71:e7:14:c9:58:73:c7:
af:e5:16:49:dd:d5:88:1f:47:c6:f1:6e:05:03:66:
43:91:39:ae:9c:70:9d:17:9e:09:16:bb:14:3d:9f:
4a:16:fe:2a:54:56:97:b2:c9:34:60:45:41:53:e1:
d8:95:6f:07:e6:8f:37:2e:3d:f4:62:bb:19:90:15:
3b:e1:5a:b5:76:7b:d8:83:0a:a0:73:72:45:88:74:
e2:a7:c4:6a:d2:05:9a:f5:69:e8:6b:4d:a7:c2:d0:
eb:4a:18:17:0c:37:d6:a1:e2:de:37:f1:00:9f:03:
e3:6f:45:5f:8c:96:6f:ef:dc:28:22:75:bb:65:64:
2c:1c:a2:26:4b:f0:a8:5a:e8:59:fe:73:95:92:5b:
ba:8d:69:1b:e7:3c:a1:c5:9b:8d:26:02:1d:07:75:
c5:dc:32:0c:af:22:63:9e:4d:37:8d:8e:b5:83:c6:
65:9c:b4:de:01:68:09:98:72:bd:82:67:82:b4:80:
40:67:8f:69:c2:31:8c:a6:95:19:8c:68:0b:37:cd:
fe:60:ab:b2:c1:24:bd:a9:66:63:f5:14:03:40:c2:
ed:80:2c:73:41:64:ad:03:3f:73:e0:1c:75:f3:92:
6b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:34:C8:D2:FF:68:2B:4B:B4:A8:53:1A:F3:3D:5B:63:BB:2C:95:81
X509v3 Authority Key Identifier:
keyid:33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS10085.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.117.96.0-150.117.119.255
203.163.194.0-203.163.199.255
203.163.202.0-203.163.211.255
203.163.214.0/24
223.26.88.0-223.26.103.255
Signature Algorithm: sha256WithRSAEncryption
86:59:ad:06:a1:47:8b:02:aa:3b:8e:26:fb:c6:77:7a:fc:e3:
d3:a7:06:7d:eb:dc:cb:51:15:ba:3d:56:ed:15:13:b1:44:9a:
06:6f:9e:2e:bc:cd:da:35:cd:c7:5c:83:a4:e6:38:c6:d7:e0:
97:c8:30:3b:de:bb:40:e1:28:ca:80:67:37:b3:aa:9c:cd:00:
f5:69:b7:e4:66:8c:28:bd:f9:1e:ed:c5:c9:07:2b:e0:68:e3:
4a:0b:8c:2b:68:c9:7c:fb:32:cf:5e:15:3f:d3:87:59:12:37:
5a:95:a4:6e:d9:c4:53:cb:f6:f6:e9:78:60:87:c3:69:ee:45:
03:b9:1c:b8:af:80:5e:ac:51:df:25:0c:fc:b7:25:25:89:97:
61:32:3d:6a:ef:a4:5c:12:da:77:4d:3d:ed:fc:e2:7d:92:54:
f3:35:ed:28:43:c6:8b:e4:96:1f:f4:88:07:31:59:c0:c4:26:
e7:2b:cc:46:62:15:af:d6:03:5d:de:35:96:3e:56:df:5a:6c:
f4:2d:fa:f2:90:3d:25:16:34:12:4a:f6:09:30:2f:ff:05:99:
b8:cb:78:f4:74:72:dc:9e:92:7d:f5:80:b7:1a:49:d5:8d:f1:
73:7e:8f:55:27:38:af:9a:e9:e7:22:63:c3:e2:e2:e8:c3:17:
d4:8c:7f:c8
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUG+1O1n/5iNb7sydqttEEqHvKKaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzNDQTRCNUY0Mjk1QjY4MTIxMjdBRjU3NjFDNkQ3MzUz
RDFGMDMxNDAeFw0yNjA1MTExNzEyMzVaFw0yNzA1MTAxNzE3MzVaMDMxMTAvBgNV
BAMTKDFGMzRDOEQyRkY2ODJCNEJCNEE4NTMxQUYzM0Q1QjYzQkIyQzk1ODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0tk4aoMuRceXzD4cdJAEhj4ja
teT2cecUyVhzx6/lFknd1YgfR8bxbgUDZkOROa6ccJ0XngkWuxQ9n0oW/ipUVpey
yTRgRUFT4diVbwfmjzcuPfRiuxmQFTvhWrV2e9iDCqBzckWIdOKnxGrSBZr1aehr
TafC0OtKGBcMN9ah4t438QCfA+NvRV+Mlm/v3CgidbtlZCwcoiZL8Kha6Fn+c5WS
W7qNaRvnPKHFm40mAh0HdcXcMgyvImOeTTeNjrWDxmWctN4BaAmYcr2CZ4K0gEBn
j2nCMYymlRmMaAs3zf5gq7LBJL2pZmP1FANAwu2ALHNBZK0DP3PgHHXzkmvVAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUHzTI0v9oK0u0qFMa8z1bY7sslYEwHwYDVR0j
BBgwFoAUM8pLX0KVtoEhJ69XYcbXNT0fAxQwDgYDVR0PAQH/BAQDAgeAMGUGA1Ud
HwReMFwwWqBYoFaGVHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvQ0hJRUYt
VFcvMC8zM0NBNEI1RjQyOTVCNjgxMjEyN0FGNTc2MUM2RDczNTNEMUYwMzE0LmNy
bDBvBggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS8xLzMzQ0E0QjVGNDI5NUI2ODEyMTI3QUY1NzYx
QzZENzM1M0QxRjAzMTQuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4Yz
cnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9DSElFRi1UVy8wL0FTMTAwODUu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBG
MEQEAgABMD4wDAMEBZZ1YAMEA5Z1cDAMAwQBy6PCAwQDy6PAMAwDBAHLo8oDBALL
o9ADBADLo9YwDAMEA98aWAMEA98aYDANBgkqhkiG9w0BAQsFAAOCAQEAhlmtBqFH
iwKqO44m+8Z3evzj06cGfevcy1EVuj1W7RUTsUSaBm+eLrzN2jXNx1yDpOY4xtfg
l8gwO967QOEoyoBnN7OqnM0A9Wm35GaMKL35Hu3FyQcr4GjjSguMK2jJfPsyz14V
P9OHWRI3WpWkbtnEU8v29ul4YIfDae5FA7kcuK+AXqxR3yUM/LclJYmXYTI9au+k
XBLad0097fzifZJU8zXtKEPGi+SWH/SIBzFZwMQm5yvMRmIVr9YDXd41lj5W31ps
9C368pA9JRY0Ekr2CTAv/wWZuMt49HRy3J6SffWAtxpJ1Y3xc36PVSc4r5rp5yJj
w+Li6MMX1Ix/yA==
-----END CERTIFICATE-----
Generated at Wed May 13 02:48:52 2026 by rpki-client