Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/CLOUDBASE/0/323430323a346432303a3a2f34382d3438203d3e20323133343330.roa
File: 323430323a346432303a3a2f34382d3438203d3e20323133343330.roa (raw, json)
Hash identifier: yXLG5aJYFzJQAOcQmz7saI6BueUDkIVJ2tp9ey7Y/oo=
Subject key identifier: 9F:47:32:4C:36:AA:A3:6C:79:24:EC:71:C0:42:10:BF:F7:0A:3D:02
Certificate issuer: /CN=BED725C413C7A436F5A200F207F3CB3A7A9E05DA
Certificate serial: 6EB461B84B70E7A3EFBA9C58898A5BDBC69B1AA1
Authority key identifier: BE:D7:25:C4:13:C7:A4:36:F5:A2:00:F2:07:F3:CB:3A:7A:9E:05:DA
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/BED725C413C7A436F5A200F207F3CB3A7A9E05DA.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/CLOUDBASE/0/323430323a346432303a3a2f34382d3438203d3e20323133343330.roa
Signing time: Mon 11 May 2026 17:58:07 +0000
ROA not before: Mon 11 May 2026 17:53:07 +0000
ROA not after: Mon 10 May 2027 17:58:07 +0000
asID: 213430
IP address blocks: 2402:4d20::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:b4:61:b8:4b:70:e7:a3:ef:ba:9c:58:89:8a:5b:db:c6:9b:1a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BED725C413C7A436F5A200F207F3CB3A7A9E05DA
Validity
Not Before: May 11 17:53:07 2026 GMT
Not After : May 10 17:58:07 2027 GMT
Subject: CN=9F47324C36AAA36C7924EC71C04210BFF70A3D02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:73:84:80:b0:bf:c3:08:b7:05:3b:8d:a3:f5:
ee:6f:eb:a5:dc:f2:3d:46:1d:66:e8:d2:5e:28:a0:
87:99:47:57:3b:ec:d2:6e:50:a7:90:56:de:26:fb:
25:4d:5e:5d:0f:a2:ba:25:5d:2a:be:cb:dc:65:7c:
0c:7d:8a:e7:b7:96:7e:50:71:3c:66:58:81:bb:c2:
76:77:f1:80:58:dd:7e:51:20:6a:91:ff:ee:af:2a:
77:53:d6:92:de:a0:02:81:de:af:6a:b4:ce:19:f2:
14:06:a4:dd:51:77:1d:64:05:55:0c:47:2b:a3:61:
87:69:ee:88:f6:e1:06:da:be:0a:ae:b9:6d:de:26:
1a:6a:25:3c:6d:1f:d3:6c:42:92:a6:fa:ae:8d:48:
9f:bc:cc:93:29:93:de:8b:da:c9:8a:06:89:69:68:
aa:e0:b4:aa:dc:7c:88:74:0e:6f:d6:4a:77:a7:26:
3e:66:75:34:55:ac:67:f3:0f:6c:8c:02:a7:b4:3a:
fc:cc:67:ce:1a:33:34:89:16:62:fb:25:c8:c0:c1:
c5:1c:a7:df:03:d0:29:c6:be:51:93:6c:ec:94:9d:
58:65:f2:e9:93:07:06:e2:72:d3:c7:5b:e3:df:0a:
41:3b:1d:73:d6:dd:0a:f4:be:1b:f4:64:8b:43:28:
63:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:47:32:4C:36:AA:A3:6C:79:24:EC:71:C0:42:10:BF:F7:0A:3D:02
X509v3 Authority Key Identifier:
keyid:BE:D7:25:C4:13:C7:A4:36:F5:A2:00:F2:07:F3:CB:3A:7A:9E:05:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/CLOUDBASE/0/BED725C413C7A436F5A200F207F3CB3A7A9E05DA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/BED725C413C7A436F5A200F207F3CB3A7A9E05DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/CLOUDBASE/0/323430323a346432303a3a2f34382d3438203d3e20323133343330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2402:4d20::/48
Signature Algorithm: sha256WithRSAEncryption
68:a1:a9:b6:a0:5d:e7:d5:3b:4e:88:1d:16:ce:f0:06:dd:76:
50:5b:3d:d2:d2:de:f5:ff:68:13:7d:48:ac:ef:c1:56:8b:7c:
42:39:1d:47:ac:cb:71:e1:52:9a:02:72:76:cb:88:f8:75:c3:
5b:b0:d4:c8:72:bf:f0:1f:23:56:dd:1e:4a:c4:f3:41:15:37:
f9:00:11:3a:6b:8c:6e:b0:bf:e1:67:6a:5a:c1:4e:c0:7d:ea:
24:a5:fb:63:82:25:5b:19:69:91:88:39:ad:0a:dc:b0:e4:19:
bb:9b:50:1f:42:eb:cf:40:3d:f1:68:62:3c:e6:5f:f2:58:c1:
ab:2b:ae:61:95:08:de:f4:a1:97:a1:cd:c7:fa:f4:5e:47:03:
ee:cf:a3:d9:19:d0:32:1f:ac:ca:c4:10:e1:d6:e4:2d:e0:ef:
5e:cf:93:85:47:33:0b:a8:02:67:4b:af:e9:87:72:84:56:7b:
a3:c8:7e:c5:42:b0:c1:90:5f:fd:63:da:39:da:e5:f1:99:13:
96:41:cd:4a:81:fa:b2:f3:bc:d0:61:91:f1:d1:b1:fe:b7:5d:
2a:0c:5b:49:f9:02:48:bf:a1:01:6e:4e:8a:4b:6c:0b:5b:62:
a3:b1:61:91:ad:c0:c1:a4:14:84:1c:3c:c5:4e:a0:f8:d3:11:
b9:45:68:a1
-----BEGIN CERTIFICATE-----
MIIE4jCCA8qgAwIBAgIUbrRhuEtw56PvupxYiYpb28abGqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkVENzI1QzQxM0M3QTQzNkY1QTIwMEYyMDdGM0NCM0E3
QTlFMDVEQTAeFw0yNjA1MTExNzUzMDdaFw0yNzA1MTAxNzU4MDdaMDMxMTAvBgNV
BAMTKDlGNDczMjRDMzZBQUEzNkM3OTI0RUM3MUMwNDIxMEJGRjcwQTNEMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoc4SAsL/DCLcFO42j9e5v66Xc
8j1GHWbo0l4ooIeZR1c77NJuUKeQVt4m+yVNXl0PorolXSq+y9xlfAx9iue3ln5Q
cTxmWIG7wnZ38YBY3X5RIGqR/+6vKndT1pLeoAKB3q9qtM4Z8hQGpN1Rdx1kBVUM
RyujYYdp7oj24QbavgquuW3eJhpqJTxtH9NsQpKm+q6NSJ+8zJMpk96L2smKBolp
aKrgtKrcfIh0Dm/WSnenJj5mdTRVrGfzD2yMAqe0OvzMZ84aMzSJFmL7JcjAwcUc
p98D0CnGvlGTbOyUnVhl8umTBwbictPHW+PfCkE7HXPW3Qr0vhv0ZItDKGOjAgMB
AAGjggHsMIIB6DAdBgNVHQ4EFgQUn0cyTDaqo2x5JOxxwEIQv/cKPQIwHwYDVR0j
BBgwFoAUvtclxBPHpDb1ogDyB/PLOnqeBdowDgYDVR0PAQH/BAQDAgeAMGYGA1Ud
HwRfMF0wW6BZoFeGVXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvQ0xPVURC
QVNFLzAvQkVENzI1QzQxM0M3QTQzNkY1QTIwMEYyMDdGM0NCM0E3QTlFMDVEQS5j
cmwwbwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvMS9CRUQ3MjVDNDEzQzdBNDM2RjVBMjAwRjIw
N0YzQ0IzQTdBOUUwNURBLmNlcjB/BggrBgEFBQcBCwRzMHEwbwYIKwYBBQUHMAuG
Y3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvQ0xPVURCQVNFLzAvMzIzNDMw
MzIzYTM0NjQzMjMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTMzMzQzMzMw
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMw
ETAPBAIAAjAJAwcAJAJNIAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBooam2oF3n1TtO
iB0WzvAG3XZQWz3S0t71/2gTfUis78FWi3xCOR1HrMtx4VKaAnJ2y4j4dcNbsNTI
cr/wHyNW3R5KxPNBFTf5ABE6a4xusL/hZ2pawU7AfeokpftjgiVbGWmRiDmtCtyw
5Bm7m1AfQuvPQD3xaGI85l/yWMGrK65hlQje9KGXoc3H+vReRwPuz6PZGdAyH6zK
xBDh1uQt4O9ez5OFRzMLqAJnS6/ph3KEVnujyH7FQrDBkF/9Y9o52uXxmROWQc1K
gfqy87zQYZHx0bH+t10qDFtJ+QJIv6EBbk6KS2wLW2KjsWGRrcDBpBSEHDzFTqD4
0xG5RWih
-----END CERTIFICATE-----
Generated at Wed May 13 01:14:31 2026 by rpki-client