Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/DAFU/0/3231302e312e3233342e302f32342d3332203d3e20313331363537.roa
File: 3231302e312e3233342e302f32342d3332203d3e20313331363537.roa (raw, json)
Hash identifier: pYVK17zAbMWT4djhepdkPZ+a4SmhzlWvmNCdXixNe1Y=
Subject key identifier: 78:EB:25:EC:4B:9F:9F:CD:ED:3A:A9:36:C8:AE:F7:FB:00:47:18:0B
Certificate issuer: /CN=9D0F6D536F053C3BB5233E68E0636F8A6FADA460
Certificate serial: 4367AF4E99EAA90B60B0FD547CBA6954F72036D7
Authority key identifier: 9D:0F:6D:53:6F:05:3C:3B:B5:23:3E:68:E0:63:6F:8A:6F:AD:A4:60
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D0F6D536F053C3BB5233E68E0636F8A6FADA460.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/DAFU/0/3231302e312e3233342e302f32342d3332203d3e20313331363537.roa
Signing time: Mon 11 May 2026 17:55:35 +0000
ROA not before: Mon 11 May 2026 17:50:35 +0000
ROA not after: Mon 10 May 2027 17:55:35 +0000
asID: 131657
IP address blocks: 210.1.234.0/24 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:67:af:4e:99:ea:a9:0b:60:b0:fd:54:7c:ba:69:54:f7:20:36:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9D0F6D536F053C3BB5233E68E0636F8A6FADA460
Validity
Not Before: May 11 17:50:35 2026 GMT
Not After : May 10 17:55:35 2027 GMT
Subject: CN=78EB25EC4B9F9FCDED3AA936C8AEF7FB0047180B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f5:8a:28:70:f7:78:12:64:85:88:5e:5a:81:
32:9a:fc:0a:e9:42:dc:e7:b4:16:ff:62:11:a8:64:
91:98:a5:22:73:6c:dc:be:f1:31:51:d7:58:a6:0a:
9b:3d:b6:28:a1:ce:d0:fc:b3:65:8c:b8:f6:f2:62:
2f:54:fd:af:0b:46:ea:5f:27:6e:29:9a:7d:6e:2e:
0a:8a:87:cd:b2:f3:2f:f1:83:b0:3f:c1:21:51:70:
bf:5f:69:75:ae:57:01:56:65:76:36:da:c4:75:5c:
e4:b0:56:4e:2b:ac:c2:c8:18:03:f3:4f:d5:93:f2:
10:6b:fe:21:11:a2:d6:cb:1b:cc:72:74:df:16:a3:
11:4b:e3:5a:1c:2b:24:a4:4d:98:18:7e:25:b4:26:
9a:2a:67:69:cc:89:95:c6:ca:10:c2:82:9f:62:de:
08:c8:40:e4:5a:73:13:4d:b4:ce:a3:4e:9f:7f:30:
3b:79:b0:be:92:7f:8c:9e:31:aa:ec:1e:e3:3f:fc:
86:07:83:15:16:99:2d:eb:89:7f:d4:93:19:bb:f5:
52:f8:f1:b8:3c:dc:da:63:c9:54:17:49:5d:d3:cd:
fd:42:78:d9:fb:27:c4:d6:57:7a:7d:22:fd:04:90:
3f:a3:0f:b4:db:7f:dd:2d:ab:b5:d7:46:63:4e:87:
28:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:EB:25:EC:4B:9F:9F:CD:ED:3A:A9:36:C8:AE:F7:FB:00:47:18:0B
X509v3 Authority Key Identifier:
keyid:9D:0F:6D:53:6F:05:3C:3B:B5:23:3E:68:E0:63:6F:8A:6F:AD:A4:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/DAFU/0/9D0F6D536F053C3BB5233E68E0636F8A6FADA460.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9D0F6D536F053C3BB5233E68E0636F8A6FADA460.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/DAFU/0/3231302e312e3233342e302f32342d3332203d3e20313331363537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
210.1.234.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:47:c7:92:2c:78:19:12:61:1b:de:7c:b7:cb:80:90:d7:63:
11:c8:d8:34:a6:2a:56:5b:30:cd:c0:06:9e:45:be:3d:01:fa:
a4:0b:4e:85:70:9e:a7:4c:e0:31:d6:20:82:3a:4a:0b:a2:cf:
0a:e3:ad:c9:cc:03:09:94:07:91:52:41:20:43:86:16:91:59:
ce:36:0e:8c:b6:a7:1a:9c:a1:dd:3d:e5:55:89:ae:47:d4:fd:
64:dd:8f:73:d9:c4:d5:46:18:35:7b:62:16:62:36:7f:37:95:
61:24:b7:b6:eb:c2:69:b4:90:42:f9:1d:4e:67:95:26:57:57:
ed:41:ba:47:30:84:88:a1:69:8e:b9:74:55:74:1d:5f:4e:25:
4e:8a:c2:33:94:dd:68:df:27:24:96:93:92:89:38:08:3b:3f:
5c:b9:0a:54:bb:06:f8:5a:bd:56:05:58:80:b9:39:5e:9e:ed:
22:31:4e:fa:9a:44:33:2e:25:3f:0a:7e:70:12:6a:6b:ce:f7:
7e:0f:58:c9:49:72:fd:2e:af:4e:5c:34:80:74:6b:2c:19:44:
61:9d:50:33:60:26:67:13:59:e5:bd:57:c3:85:19:96:e1:83:
f8:69:eb:74:94:fd:17:62:b8:66:16:b7:ef:1c:b4:76:92:b9:
a2:97:52:79
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUQ2evTpnqqQtgsP1UfLppVPcgNtcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUQwRjZENTM2RjA1M0MzQkI1MjMzRTY4RTA2MzZGOEE2
RkFEQTQ2MDAeFw0yNjA1MTExNzUwMzVaFw0yNzA1MTAxNzU1MzVaMDMxMTAvBgNV
BAMTKDc4RUIyNUVDNEI5RjlGQ0RFRDNBQTkzNkM4QUVGN0ZCMDA0NzE4MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK9YoocPd4EmSFiF5agTKa/Arp
QtzntBb/YhGoZJGYpSJzbNy+8TFR11imCps9tiihztD8s2WMuPbyYi9U/a8LRupf
J24pmn1uLgqKh82y8y/xg7A/wSFRcL9faXWuVwFWZXY22sR1XOSwVk4rrMLIGAPz
T9WT8hBr/iERotbLG8xydN8WoxFL41ocKySkTZgYfiW0JpoqZ2nMiZXGyhDCgp9i
3gjIQORacxNNtM6jTp9/MDt5sL6Sf4yeMarsHuM//IYHgxUWmS3riX/Ukxm79VL4
8bg83NpjyVQXSV3Tzf1CeNn7J8TWV3p9Iv0EkD+jD7Tbf90tq7XXRmNOhyiFAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUeOsl7Eufn83tOqk2yK73+wBHGAswHwYDVR0j
BBgwFoAUnQ9tU28FPDu1Iz5o4GNvim+tpGAwDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvREFGVS8w
LzlEMEY2RDUzNkYwNTNDM0JCNTIzM0U2OEUwNjM2RjhBNkZBREE0NjAuY3JsMG8G
CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu
dHcvcnBraS9UV05JQ0NBLzEvOUQwRjZENTM2RjA1M0MzQkI1MjMzRTY4RTA2MzZG
OEE2RkFEQTQ2MC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3lu
YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL0RBRlUvMC8zMjMxMzAyZTMxMmUzMjMz
MzQyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzEzNjM1Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADSAeowDQYJKoZIhvcNAQELBQADggEBAAtHx5IseBkSYRvefLfLgJDXYxHI2DSm
KlZbMM3ABp5Fvj0B+qQLToVwnqdM4DHWIII6SguizwrjrcnMAwmUB5FSQSBDhhaR
Wc42Doy2pxqcod095VWJrkfU/WTdj3PZxNVGGDV7YhZiNn83lWEkt7brwmm0kEL5
HU5nlSZXV+1BukcwhIihaY65dFV0HV9OJU6KwjOU3WjfJySWk5KJOAg7P1y5ClS7
BvhavVYFWIC5OV6e7SIxTvqaRDMuJT8KfnASamvO934PWMlJcv0ur05cNIB0aywZ
RGGdUDNgJmcTWeW9V8OFGZbhg/hp63SU/RdiuGYWt+8ctHaSuaKXUnk=
-----END CERTIFICATE-----
Generated at Tue May 12 23:20:57 2026 by rpki-client