Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/DAFU/0/3231302e312e3233342e302f32332d3332203d3e20313331363537.roa
File: 3231302e312e3233342e302f32332d3332203d3e20313331363537.roa (raw, json)
Hash identifier: XhpQ+C1tVRKngGZ94cXlaeW9/WXKoL5qCwvg98P9HFY=
Subject key identifier: C0:33:D5:EF:76:70:BC:02:A9:92:F4:B0:B9:DC:3D:5A:2D:06:99:0C
Certificate issuer: /CN=9D0F6D536F053C3BB5233E68E0636F8A6FADA460
Certificate serial: 548D13DFF489DA037D43E75373FD56B1B47DE47D
Authority key identifier: 9D:0F:6D:53:6F:05:3C:3B:B5:23:3E:68:E0:63:6F:8A:6F:AD:A4:60
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D0F6D536F053C3BB5233E68E0636F8A6FADA460.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/DAFU/0/3231302e312e3233342e302f32332d3332203d3e20313331363537.roa
Signing time: Mon 11 May 2026 17:55:34 +0000
ROA not before: Mon 11 May 2026 17:50:34 +0000
ROA not after: Mon 10 May 2027 17:55:34 +0000
asID: 131657
IP address blocks: 210.1.234.0/23 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:8d:13:df:f4:89:da:03:7d:43:e7:53:73:fd:56:b1:b4:7d:e4:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9D0F6D536F053C3BB5233E68E0636F8A6FADA460
Validity
Not Before: May 11 17:50:34 2026 GMT
Not After : May 10 17:55:34 2027 GMT
Subject: CN=C033D5EF7670BC02A992F4B0B9DC3D5A2D06990C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1d:7e:fd:4a:bc:e9:51:11:8f:73:e8:87:2a:
81:6d:74:2e:16:16:ba:17:98:3c:7c:46:d6:25:49:
ee:d8:69:b2:71:a0:43:ad:20:73:25:44:3e:8f:d2:
cf:28:5a:1c:6d:8f:36:fc:85:38:bb:fb:bb:30:f7:
41:9d:d8:4a:bd:09:a9:1f:ed:89:cc:80:1e:2c:ac:
df:b7:ad:85:c6:68:95:db:ea:49:9e:fc:64:5c:86:
f4:f2:2f:3f:52:cc:1e:d3:e0:69:23:5d:e9:1f:fd:
d3:60:16:7a:97:88:03:2e:47:b0:53:3d:8c:4f:b2:
3b:84:64:1d:e7:e6:5d:69:40:71:a1:8a:ff:45:13:
45:e9:4e:22:40:ec:df:b2:be:89:60:49:ad:0f:3d:
ae:e0:b6:2a:67:05:1b:ad:01:db:33:13:26:4f:95:
18:48:90:61:a7:e4:d0:31:7f:08:33:9c:da:3a:03:
89:d8:79:bb:8f:40:cb:7d:30:f4:e4:94:15:03:8e:
1a:0e:2a:8c:31:cd:ee:87:ca:34:51:1a:da:39:47:
fb:a8:0a:ac:61:0c:bf:56:be:7d:fb:89:a9:43:cb:
2c:81:13:1c:ae:7b:cf:03:39:75:c4:ea:8b:6a:24:
9d:f0:22:ff:59:d1:0c:8a:e4:6a:b0:3f:c9:60:1a:
0f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:33:D5:EF:76:70:BC:02:A9:92:F4:B0:B9:DC:3D:5A:2D:06:99:0C
X509v3 Authority Key Identifier:
keyid:9D:0F:6D:53:6F:05:3C:3B:B5:23:3E:68:E0:63:6F:8A:6F:AD:A4:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/DAFU/0/9D0F6D536F053C3BB5233E68E0636F8A6FADA460.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D0F6D536F053C3BB5233E68E0636F8A6FADA460.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/DAFU/0/3231302e312e3233342e302f32332d3332203d3e20313331363537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
210.1.234.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:c7:85:9c:e0:cf:bf:40:4c:a9:5e:9c:cc:ed:05:39:27:e7:
a1:8d:af:8f:38:1a:04:00:88:cb:f2:a2:46:18:a5:0b:65:c1:
40:ec:ae:47:30:01:65:6a:f6:19:c1:fc:27:4c:59:cc:fd:62:
4c:e9:d4:c6:83:da:cf:d7:88:c0:09:41:54:83:6a:c2:11:90:
3e:7b:3f:d9:12:46:9a:e0:71:19:c0:7f:3e:37:60:0c:24:90:
1f:cb:5f:dc:48:a7:95:a6:b7:21:1d:b8:73:9f:34:ab:4b:5a:
55:a0:dd:9a:e5:2c:b4:e2:0a:c1:89:ce:5d:c8:0c:a7:84:fd:
3e:e6:6f:cc:bb:7c:35:c4:8a:64:60:36:76:68:c7:ca:14:3d:
fd:ff:0d:0d:16:86:1e:3c:0e:a4:7d:79:8d:0c:af:7b:1e:89:
9e:9f:12:3b:63:c9:de:99:92:f7:8e:e6:c2:50:36:ca:7c:18:
80:57:25:aa:ba:58:b3:a3:c1:cc:f8:a1:1f:f5:1f:84:3f:eb:
a5:8e:e4:8b:41:3a:af:96:d7:3c:83:e2:c0:b3:a5:fe:11:d6:
ce:0f:04:e1:13:dc:5c:7d:27:22:8f:7d:c1:e4:e7:ff:cf:dd:
2f:f4:24:d7:17:d6:1e:fd:0c:df:7d:c4:8f:af:7a:1c:49:95:
fe:af:f6:a6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUVI0T3/SJ2gN9Q+dTc/1WsbR95H0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUQwRjZENTM2RjA1M0MzQkI1MjMzRTY4RTA2MzZGOEE2
RkFEQTQ2MDAeFw0yNjA1MTExNzUwMzRaFw0yNzA1MTAxNzU1MzRaMDMxMTAvBgNV
BAMTKEMwMzNENUVGNzY3MEJDMDJBOTkyRjRCMEI5REMzRDVBMkQwNjk5MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWHX79SrzpURGPc+iHKoFtdC4W
FroXmDx8RtYlSe7YabJxoEOtIHMlRD6P0s8oWhxtjzb8hTi7+7sw90Gd2Eq9Cakf
7YnMgB4srN+3rYXGaJXb6kme/GRchvTyLz9SzB7T4GkjXekf/dNgFnqXiAMuR7BT
PYxPsjuEZB3n5l1pQHGhiv9FE0XpTiJA7N+yvolgSa0PPa7gtipnBRutAdszEyZP
lRhIkGGn5NAxfwgznNo6A4nYebuPQMt9MPTklBUDjhoOKowxze6HyjRRGto5R/uo
CqxhDL9Wvn37ialDyyyBExyue88DOXXE6otqJJ3wIv9Z0QyK5GqwP8lgGg/tAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUwDPV73ZwvAKpkvSwudw9Wi0GmQwwHwYDVR0j
BBgwFoAUnQ9tU28FPDu1Iz5o4GNvim+tpGAwDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvREFGVS8w
LzlEMEY2RDUzNkYwNTNDM0JCNTIzM0U2OEUwNjM2RjhBNkZBREE0NjAuY3JsMG8G
CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu
dHcvcnBraS9UV05JQ0NBLzEvOUQwRjZENTM2RjA1M0MzQkI1MjMzRTY4RTA2MzZG
OEE2RkFEQTQ2MC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3lu
YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL0RBRlUvMC8zMjMxMzAyZTMxMmUzMjMz
MzQyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzMTMzMzEzNjM1Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHSAeowDQYJKoZIhvcNAQELBQADggEBAJrHhZzgz79ATKlenMztBTkn56GNr484
GgQAiMvyokYYpQtlwUDsrkcwAWVq9hnB/CdMWcz9Ykzp1MaD2s/XiMAJQVSDasIR
kD57P9kSRprgcRnAfz43YAwkkB/LX9xIp5WmtyEduHOfNKtLWlWg3ZrlLLTiCsGJ
zl3IDKeE/T7mb8y7fDXEimRgNnZox8oUPf3/DQ0Whh48DqR9eY0Mr3seiZ6fEjtj
yd6ZkveO5sJQNsp8GIBXJaq6WLOjwcz4oR/1H4Q/66WO5ItBOq+W1zyD4sCzpf4R
1s4PBOET3Fx9JyKPfcHk5//P3S/0JNcX1h79DN99xI+vehxJlf6v9qY=
-----END CERTIFICATE-----
Generated at Tue May 12 23:45:50 2026 by rpki-client