Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/CHIEF-TW/0/AS131600.roa
File: AS131600.roa (raw, json)
Hash identifier: Hqjr0QNzCDAb58no3kyXToiKsdA+yAVu1DmUsHaYkdo=
Subject key identifier: 09:6F:5B:29:EF:84:5D:EC:B9:04:CC:37:A9:86:D9:60:CD:D8:E6:03
Certificate issuer: /CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314
Certificate serial: 5FF565D813192FF3B6D11D0C7B269B404571F4A9
Authority key identifier: 33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS131600.roa
Signing time: Mon 11 May 2026 17:17:32 +0000
ROA not before: Mon 11 May 2026 17:12:32 +0000
ROA not after: Mon 10 May 2027 17:17:32 +0000
asID: 131600
IP address blocks: 150.117.120.0/21 maxlen: 24
223.26.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:f5:65:d8:13:19:2f:f3:b6:d1:1d:0c:7b:26:9b:40:45:71:f4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314
Validity
Not Before: May 11 17:12:32 2026 GMT
Not After : May 10 17:17:32 2027 GMT
Subject: CN=096F5B29EF845DECB904CC37A986D960CDD8E603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8e:72:eb:0b:80:94:56:ce:2c:34:91:b0:be:
1d:57:49:17:47:0f:13:4d:fc:f0:75:d4:13:04:eb:
3d:6e:49:4f:c0:a4:14:a7:9e:6d:a7:87:51:79:f7:
90:01:03:04:03:da:22:cb:05:ad:90:91:75:35:eb:
06:a6:35:81:24:c8:a6:a2:9b:02:a3:86:30:0d:fc:
81:9a:dd:23:7e:0d:a6:ab:bd:8c:7f:60:e4:92:61:
39:39:db:70:e2:e3:11:44:a2:f4:ad:dc:48:b8:c6:
57:d2:f4:ae:94:26:44:b5:a0:f1:26:0b:cd:8d:e0:
ce:ab:c8:ec:cb:79:04:7f:ca:8b:81:4a:b5:83:f6:
2e:11:58:ee:dd:26:53:99:78:37:b1:89:eb:52:48:
d1:2d:7e:d5:5d:15:8f:c8:2a:5a:25:31:2d:ab:f5:
77:5f:2e:50:03:76:54:71:a9:2a:95:cd:db:a3:a7:
7e:fd:ba:9e:93:76:e0:e3:11:17:08:d1:1c:cd:bd:
c5:48:82:95:89:1e:1b:eb:24:d0:76:22:b1:e0:12:
d9:df:95:40:4c:87:00:e3:29:52:ee:c2:b9:54:c2:
ca:13:db:d9:42:c2:b8:3e:ce:43:5d:8f:80:84:4d:
75:97:f4:b9:ea:fc:64:b9:32:7e:d2:9d:a6:c4:6b:
4b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6F:5B:29:EF:84:5D:EC:B9:04:CC:37:A9:86:D9:60:CD:D8:E6:03
X509v3 Authority Key Identifier:
keyid:33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS131600.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.117.120.0/21
223.26.68.0/24
Signature Algorithm: sha256WithRSAEncryption
23:5c:50:b0:0b:b3:e7:82:e0:79:f9:39:3d:2c:9d:6f:16:b6:
eb:6c:eb:d1:85:2c:d3:9b:5a:6c:62:66:28:b0:bf:b5:74:50:
ad:3f:63:9f:2d:ca:e1:c2:a2:e3:25:16:7a:af:b6:ed:1c:90:
71:a1:13:c5:f5:1b:58:ce:3f:fd:cb:28:a0:8e:c2:51:a3:04:
77:2b:73:05:09:30:2e:d4:7a:9f:cd:87:97:5e:c6:e9:35:4e:
e6:a0:5b:2b:bf:0a:65:0a:b6:83:56:8d:70:1b:4c:e0:08:9b:
92:5b:ec:05:22:63:c0:b6:e6:aa:c9:25:e7:62:61:af:1c:1f:
be:40:aa:87:cb:46:ac:a2:41:f7:ce:d2:77:a1:c4:43:26:e5:
a8:37:95:cd:4c:d0:b9:25:8a:93:3e:52:55:5a:e4:c3:54:cc:
86:77:a3:46:26:44:82:e4:b9:d2:68:75:65:d5:78:57:da:7d:
91:80:3d:98:6d:36:fe:cb:15:06:15:22:1f:b1:b8:e7:ca:20:
0f:77:8d:4c:94:4b:d2:7f:bc:4c:4b:c1:b5:e6:e5:93:73:c5:
ca:44:f1:a9:63:32:56:7b:39:81:43:c9:d3:2f:22:fc:9f:7d:
06:af:4d:16:0a:d0:18:4c:16:a0:f8:89:e9:b7:26:59:09:46:
c2:42:1d:e0
-----BEGIN CERTIFICATE-----
MIIEtTCCA52gAwIBAgIUX/Vl2BMZL/O20R0MeyabQEVx9KkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzNDQTRCNUY0Mjk1QjY4MTIxMjdBRjU3NjFDNkQ3MzUz
RDFGMDMxNDAeFw0yNjA1MTExNzEyMzJaFw0yNzA1MTAxNzE3MzJaMDMxMTAvBgNV
BAMTKDA5NkY1QjI5RUY4NDVERUNCOTA0Q0MzN0E5ODZEOTYwQ0REOEU2MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsjnLrC4CUVs4sNJGwvh1XSRdH
DxNN/PB11BME6z1uSU/ApBSnnm2nh1F595ABAwQD2iLLBa2QkXU16wamNYEkyKai
mwKjhjAN/IGa3SN+DaarvYx/YOSSYTk523Di4xFEovSt3Ei4xlfS9K6UJkS1oPEm
C82N4M6ryOzLeQR/youBSrWD9i4RWO7dJlOZeDexietSSNEtftVdFY/IKlolMS2r
9XdfLlADdlRxqSqVzdujp379up6TduDjERcI0RzNvcVIgpWJHhvrJNB2IrHgEtnf
lUBMhwDjKVLuwrlUwsoT29lCwrg+zkNdj4CETXWX9Lnq/GS5Mn7SnabEa0vLAgMB
AAGjggG/MIIBuzAdBgNVHQ4EFgQUCW9bKe+EXey5BMw3qYbZYM3Y5gMwHwYDVR0j
BBgwFoAUM8pLX0KVtoEhJ69XYcbXNT0fAxQwDgYDVR0PAQH/BAQDAgeAMGUGA1Ud
HwReMFwwWqBYoFaGVHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvQ0hJRUYt
VFcvMC8zM0NBNEI1RjQyOTVCNjgxMjEyN0FGNTc2MUM2RDczNTNEMUYwMzE0LmNy
bDBvBggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS8xLzMzQ0E0QjVGNDI5NUI2ODEyMTI3QUY1NzYx
QzZENzM1M0QxRjAzMTQuY2VyMFAGCCsGAQUFBwELBEQwQjBABggrBgEFBQcwC4Y0
cnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9DSElFRi1UVy8wL0FTMTMxNjAw
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYw
FDASBAIAATAMAwQDlnV4AwQA3xpEMA0GCSqGSIb3DQEBCwUAA4IBAQAjXFCwC7Pn
guB5+Tk9LJ1vFrbrbOvRhSzTm1psYmYosL+1dFCtP2OfLcrhwqLjJRZ6r7btHJBx
oRPF9RtYzj/9yyigjsJRowR3K3MFCTAu1HqfzYeXXsbpNU7moFsrvwplCraDVo1w
G0zgCJuSW+wFImPAtuaqySXnYmGvHB++QKqHy0asokH3ztJ3ocRDJuWoN5XNTNC5
JYqTPlJVWuTDVMyGd6NGJkSC5LnSaHVl1XhX2n2RgD2YbTb+yxUGFSIfsbjnyiAP
d41MlEvSf7xMS8G15uWTc8XKRPGpYzJWezmBQ8nTLyL8n30Gr00WCtAYTBag+Inp
tyZZCUbCQh3g
-----END CERTIFICATE-----
Generated at Wed May 13 02:48:50 2026 by rpki-client