Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/CHIEF-TW/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: P/VRc3mKgDpqa0oxXnZb+Wejk0MLOhvIVYZXAyR8RBQ=
Subject key identifier: 58:34:62:18:FE:A9:E1:45:33:10:0A:81:D1:BD:6C:33:C2:3E:F3:27
Certificate issuer: /CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314
Certificate serial: 552DFF08D2A0F22EA0858ED64C910C89F62C6B71
Authority key identifier: 33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS21859.roa
Signing time: Mon 11 May 2026 17:17:33 +0000
ROA not before: Mon 11 May 2026 17:12:33 +0000
ROA not after: Mon 10 May 2027 17:17:33 +0000
asID: 21859
IP address blocks: 223.26.72.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:2d:ff:08:d2:a0:f2:2e:a0:85:8e:d6:4c:91:0c:89:f6:2c:6b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314
Validity
Not Before: May 11 17:12:33 2026 GMT
Not After : May 10 17:17:33 2027 GMT
Subject: CN=58346218FEA9E14533100A81D1BD6C33C23EF327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:58:0e:0c:18:b3:18:3c:96:a4:85:b0:17:f2:
9e:18:32:fd:b8:4e:67:b6:58:98:3c:72:d6:37:58:
d8:3d:48:29:1f:6b:b5:f2:eb:73:a8:7b:f1:2b:e8:
a1:a0:10:90:e6:f9:6a:c2:fb:b7:21:92:f7:e6:0b:
87:56:ba:d3:59:e8:0b:e9:a2:41:bc:df:9d:60:0b:
fe:df:58:59:e2:cf:55:61:99:fe:3d:94:86:e7:54:
2e:0e:a0:9a:f8:ca:b4:72:2f:44:c4:5d:fe:2c:65:
e4:cf:b5:1f:e7:6e:d0:24:0a:65:94:cb:aa:d9:fb:
44:49:5e:7f:ac:0b:a0:90:29:48:6c:30:f6:16:1c:
38:2c:ee:22:b0:e5:46:5e:c0:d9:46:29:da:aa:7d:
4f:b3:9d:48:cb:ba:f6:ad:2e:ca:0e:c8:1a:35:2e:
68:27:63:2d:8e:41:78:2e:c3:f6:7a:e6:b3:06:bc:
00:d2:26:7e:e1:41:e0:44:37:5b:57:16:5f:d4:b2:
90:27:37:ec:9f:54:b9:93:c6:b7:88:82:78:4f:8e:
1d:af:6f:8e:8d:a0:bb:72:24:f7:49:00:84:59:54:
20:9c:23:78:33:23:71:81:27:a9:44:60:39:94:90:
b1:ea:fb:3b:69:fe:22:75:74:0a:cc:2c:a6:41:b7:
9e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:34:62:18:FE:A9:E1:45:33:10:0A:81:D1:BD:6C:33:C2:3E:F3:27
X509v3 Authority Key Identifier:
keyid:33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
223.26.72.0/22
Signature Algorithm: sha256WithRSAEncryption
28:16:ec:ed:7f:2a:e7:3e:18:9f:33:f4:27:e5:6d:28:5d:ca:
de:f1:f2:43:1e:aa:1e:f7:5a:66:1a:81:d9:33:56:f9:74:5b:
05:43:8d:4e:69:40:9c:2c:f3:24:90:8a:16:18:ba:97:77:b1:
88:83:a2:58:9e:89:e7:a9:97:f7:ea:fc:61:92:09:74:87:65:
2f:60:44:49:53:03:c5:96:2f:7c:45:17:8f:1b:ad:f3:4a:f3:
d0:58:b9:af:9a:0e:88:5b:96:e3:70:af:06:28:3d:49:49:cf:
e1:56:3e:11:9a:6b:41:24:0a:5a:19:a8:d6:e9:f8:71:5b:c6:
9a:5c:39:ca:af:64:c2:ad:4f:74:d7:75:6b:07:dd:8a:00:9e:
ec:db:92:0c:52:82:03:41:25:37:dc:1a:ab:9e:52:94:0a:d7:
80:0a:f1:fb:16:c6:21:e2:f2:f1:9e:e1:2d:e1:0a:b3:7e:79:
a9:df:e6:92:13:77:07:4b:82:62:9b:ca:54:7c:77:85:35:66:
5c:5d:28:ff:c5:98:dc:b7:31:dc:fb:2c:aa:a0:0d:93:00:98:
d2:ea:35:88:01:6c:b6:f9:5c:f8:1b:8b:0d:55:32:44:56:4a:
2f:a0:fd:fb:a8:26:b8:ac:d1:08:38:bc:52:f6:d4:87:82:1c:
a2:f8:7b:e9
-----BEGIN CERTIFICATE-----
MIIErjCCA5agAwIBAgIUVS3/CNKg8i6ghY7WTJEMifYsa3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzNDQTRCNUY0Mjk1QjY4MTIxMjdBRjU3NjFDNkQ3MzUz
RDFGMDMxNDAeFw0yNjA1MTExNzEyMzNaFw0yNzA1MTAxNzE3MzNaMDMxMTAvBgNV
BAMTKDU4MzQ2MjE4RkVBOUUxNDUzMzEwMEE4MUQxQkQ2QzMzQzIzRUYzMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3WA4MGLMYPJakhbAX8p4YMv24
Tme2WJg8ctY3WNg9SCkfa7Xy63Ooe/Er6KGgEJDm+WrC+7chkvfmC4dWutNZ6Avp
okG8351gC/7fWFniz1Vhmf49lIbnVC4OoJr4yrRyL0TEXf4sZeTPtR/nbtAkCmWU
y6rZ+0RJXn+sC6CQKUhsMPYWHDgs7iKw5UZewNlGKdqqfU+znUjLuvatLsoOyBo1
LmgnYy2OQXguw/Z65rMGvADSJn7hQeBEN1tXFl/UspAnN+yfVLmTxreIgnhPjh2v
b46NoLtyJPdJAIRZVCCcI3gzI3GBJ6lEYDmUkLHq+ztp/iJ1dArMLKZBt56TAgMB
AAGjggG4MIIBtDAdBgNVHQ4EFgQUWDRiGP6p4UUzEAqB0b1sM8I+8ycwHwYDVR0j
BBgwFoAUM8pLX0KVtoEhJ69XYcbXNT0fAxQwDgYDVR0PAQH/BAQDAgeAMGUGA1Ud
HwReMFwwWqBYoFaGVHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvQ0hJRUYt
VFcvMC8zM0NBNEI1RjQyOTVCNjgxMjEyN0FGNTc2MUM2RDczNTNEMUYwMzE0LmNy
bDBvBggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS8xLzMzQ0E0QjVGNDI5NUI2ODEyMTI3QUY1NzYx
QzZENzM1M0QxRjAzMTQuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4Yz
cnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9DSElFRi1UVy8wL0FTMjE4NTku
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBALfGkgwDQYJKoZIhvcNAQELBQADggEBACgW7O1/Kuc+GJ8z9Cfl
bShdyt7x8kMeqh73WmYagdkzVvl0WwVDjU5pQJws8ySQihYYupd3sYiDolieieep
l/fq/GGSCXSHZS9gRElTA8WWL3xFF48brfNK89BYua+aDohbluNwrwYoPUlJz+FW
PhGaa0EkCloZqNbp+HFbxppcOcqvZMKtT3TXdWsH3YoAnuzbkgxSggNBJTfcGque
UpQK14AK8fsWxiHi8vGe4S3hCrN+eanf5pITdwdLgmKbylR8d4U1ZlxdKP/FmNy3
Mdz7LKqgDZMAmNLqNYgBbLb5XPgbiw1VMkRWSi+g/fuoJris0Qg4vFL21IeCHKL4
e+k=
-----END CERTIFICATE-----
Generated at Wed May 13 00:35:34 2026 by rpki-client