Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/CHIEF-TW/0/AS38851.roa
File: AS38851.roa (raw, json)
Hash identifier: YHsM/Rq4XjgIDmV2IQ8QRia9ohmb8bF1nSfYLTD2C8w=
Subject key identifier: C3:8F:C5:A4:02:3D:FF:D9:10:99:43:80:84:BF:66:54:76:04:B0:DC
Certificate issuer: /CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314
Certificate serial: 76029A0B03C6A85EE70D1FF95BEA9E966F6CB315
Authority key identifier: 33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS38851.roa
Signing time: Mon 11 May 2026 17:17:32 +0000
ROA not before: Mon 11 May 2026 17:12:32 +0000
ROA not after: Mon 10 May 2027 17:17:32 +0000
asID: 38851
IP address blocks: 103.5.100.0/22 maxlen: 24
150.116.120.0/21 maxlen: 24
150.117.0.0/20 maxlen: 24
223.26.80.0/22 maxlen: 24
223.26.108.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:02:9a:0b:03:c6:a8:5e:e7:0d:1f:f9:5b:ea:9e:96:6f:6c:b3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314
Validity
Not Before: May 11 17:12:32 2026 GMT
Not After : May 10 17:17:32 2027 GMT
Subject: CN=C38FC5A4023DFFD91099438084BF66547604B0DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:19:14:97:dd:9c:b7:7c:d2:74:af:b2:a6:cc:
25:06:5d:d5:41:da:94:18:70:dd:6b:cf:58:a6:c2:
bc:37:f2:4b:9e:b3:4a:96:08:4b:e8:29:63:e4:5d:
4a:17:86:1f:ff:dc:a0:b5:a6:4e:66:ed:41:01:1f:
69:63:32:eb:e8:98:e1:46:1a:6c:8e:f3:6e:b9:95:
1e:db:5f:9d:36:ba:00:a8:17:8b:51:47:cf:9e:49:
67:38:62:67:ee:70:e3:d3:3a:9a:b2:67:11:3b:e8:
09:3a:ae:28:b1:56:e6:15:62:6e:26:80:b5:c7:66:
c4:14:eb:38:7e:f0:34:51:f5:f8:52:ff:13:5e:90:
37:7f:04:55:78:9c:f7:1e:42:fd:29:c8:66:92:53:
35:d6:3b:c4:58:6f:c7:b5:2c:b4:02:3d:14:a9:e6:
4d:5e:34:35:2e:85:20:02:f8:86:97:92:55:53:bc:
0f:37:f3:13:50:45:b1:e9:e4:98:fa:27:80:8e:ac:
71:2e:e9:b3:49:a5:7a:34:e2:b3:c1:70:c7:10:0c:
5a:73:05:ff:89:77:a6:15:22:3f:11:e7:53:4d:fc:
3b:91:5a:ba:48:4a:56:02:e8:1d:1c:7d:03:b8:20:
75:8f:b2:7e:f0:d3:bc:45:8c:21:c0:25:35:bc:f5:
e9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8F:C5:A4:02:3D:FF:D9:10:99:43:80:84:BF:66:54:76:04:B0:DC
X509v3 Authority Key Identifier:
keyid:33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS38851.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.5.100.0/22
150.116.120.0/21
150.117.0.0/20
223.26.80.0/22
223.26.108.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:ef:4e:1d:29:25:a2:d9:4e:d3:a4:40:a0:ce:7e:47:01:ec:
53:3b:54:de:01:b4:03:55:01:75:be:62:ef:b1:91:06:eb:08:
92:e2:78:76:66:0d:b2:18:59:ee:cf:94:89:a9:fe:c5:53:79:
85:bf:32:26:c3:c9:2b:96:36:cc:36:ce:54:b4:31:0c:23:4f:
4b:f8:f1:4d:b1:41:22:ec:31:44:39:06:35:bb:71:8d:51:7f:
26:45:dd:14:88:e0:2c:32:67:0e:c1:24:ab:72:33:99:57:5e:
9a:d2:6e:7b:21:30:29:e0:2f:e6:fc:a2:b7:65:39:2b:20:be:
ed:ac:e7:a3:03:26:1e:47:be:40:16:29:99:b7:71:a3:c7:42:
91:3d:47:73:4a:43:90:a1:2c:5b:48:ea:21:a1:59:97:0b:4f:
b8:26:15:3a:c5:4f:60:37:d7:ce:30:e6:76:f4:ad:41:cf:35:
50:a5:97:2f:56:6c:84:33:f0:cc:6a:35:a7:d1:07:0c:50:19:
24:10:50:55:aa:97:74:c3:1e:de:00:fd:c2:0a:d1:ce:39:66:
b7:66:24:7c:55:02:88:31:65:b4:cf:fc:dd:0c:46:ab:82:44:
bf:07:c8:5b:32:b9:64:8a:ea:b2:8f:e7:b6:49:2a:f4:ba:c9:
3c:ab:dc:4a
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIUdgKaCwPGqF7nDR/5W+qelm9ssxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzNDQTRCNUY0Mjk1QjY4MTIxMjdBRjU3NjFDNkQ3MzUz
RDFGMDMxNDAeFw0yNjA1MTExNzEyMzJaFw0yNzA1MTAxNzE3MzJaMDMxMTAvBgNV
BAMTKEMzOEZDNUE0MDIzREZGRDkxMDk5NDM4MDg0QkY2NjU0NzYwNEIwREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTGRSX3Zy3fNJ0r7KmzCUGXdVB
2pQYcN1rz1imwrw38kues0qWCEvoKWPkXUoXhh//3KC1pk5m7UEBH2ljMuvomOFG
GmyO8265lR7bX502ugCoF4tRR8+eSWc4YmfucOPTOpqyZxE76Ak6riixVuYVYm4m
gLXHZsQU6zh+8DRR9fhS/xNekDd/BFV4nPceQv0pyGaSUzXWO8RYb8e1LLQCPRSp
5k1eNDUuhSAC+IaXklVTvA838xNQRbHp5Jj6J4COrHEu6bNJpXo04rPBcMcQDFpz
Bf+Jd6YVIj8R51NN/DuRWrpISlYC6B0cfQO4IHWPsn7w07xFjCHAJTW89en1AgMB
AAGjggHQMIIBzDAdBgNVHQ4EFgQUw4/FpAI9/9kQmUOAhL9mVHYEsNwwHwYDVR0j
BBgwFoAUM8pLX0KVtoEhJ69XYcbXNT0fAxQwDgYDVR0PAQH/BAQDAgeAMGUGA1Ud
HwReMFwwWqBYoFaGVHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvQ0hJRUYt
VFcvMC8zM0NBNEI1RjQyOTVCNjgxMjEyN0FGNTc2MUM2RDczNTNEMUYwMzE0LmNy
bDBvBggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS8xLzMzQ0E0QjVGNDI5NUI2ODEyMTI3QUY1NzYx
QzZENzM1M0QxRjAzMTQuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4Yz
cnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9DSElFRi1UVy8wL0FTMzg4NTEu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAm
MCQEAgABMB4DBAJnBWQDBAOWdHgDBASWdQADBALfGlADBALfGmwwDQYJKoZIhvcN
AQELBQADggEBAKrvTh0pJaLZTtOkQKDOfkcB7FM7VN4BtANVAXW+Yu+xkQbrCJLi
eHZmDbIYWe7PlImp/sVTeYW/MibDySuWNsw2zlS0MQwjT0v48U2xQSLsMUQ5BjW7
cY1RfyZF3RSI4CwyZw7BJKtyM5lXXprSbnshMCngL+b8ordlOSsgvu2s56MDJh5H
vkAWKZm3caPHQpE9R3NKQ5ChLFtI6iGhWZcLT7gmFTrFT2A3184w5nb0rUHPNVCl
ly9WbIQz8MxqNafRBwxQGSQQUFWql3TDHt4A/cIK0c45ZrdmJHxVAogxZbTP/N0M
RquCRL8HyFsyuWSK6rKP57ZJKvS6yTyr3Eo=
-----END CERTIFICATE-----
Generated at Wed May 13 00:35:16 2026 by rpki-client