Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/DONGFONG/0/3130332e3233342e37362e302f32322d3234203d3e203338383531.roa
File: 3130332e3233342e37362e302f32322d3234203d3e203338383531.roa (raw, json)
Hash identifier: 5s6AN+2Y6dfxR89CSPIb2iNJHpRbEix7TIPfn85Lhig=
Subject key identifier: B0:D2:55:27:7A:87:EC:52:EB:F7:24:C3:2F:39:F1:4D:DA:74:8B:08
Certificate issuer: /CN=B407C8B8FAB2AF785E449F6959A343C11F3C2F7D
Certificate serial: 20ECA430F6587B8EF763DCC338997053AA8D45F4
Authority key identifier: B4:07:C8:B8:FA:B2:AF:78:5E:44:9F:69:59:A3:43:C1:1F:3C:2F:7D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/B407C8B8FAB2AF785E449F6959A343C11F3C2F7D.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/DONGFONG/0/3130332e3233342e37362e302f32322d3234203d3e203338383531.roa
Signing time: Mon 11 May 2026 17:04:08 +0000
ROA not before: Mon 11 May 2026 16:59:08 +0000
ROA not after: Mon 10 May 2027 17:04:08 +0000
asID: 38851
IP address blocks: 103.234.76.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:ec:a4:30:f6:58:7b:8e:f7:63:dc:c3:38:99:70:53:aa:8d:45:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B407C8B8FAB2AF785E449F6959A343C11F3C2F7D
Validity
Not Before: May 11 16:59:08 2026 GMT
Not After : May 10 17:04:08 2027 GMT
Subject: CN=B0D255277A87EC52EBF724C32F39F14DDA748B08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0e:55:91:87:ae:03:3d:b0:09:ce:7b:cd:74:
ab:30:23:53:e9:52:68:6f:8f:f4:e1:9c:c5:fb:25:
0d:30:cf:77:4f:fb:36:0a:94:c9:94:13:76:d8:01:
c4:66:59:3e:cb:25:e8:fa:ce:a2:32:68:4c:47:e7:
3a:e6:f1:41:9c:6f:5a:0f:8c:0f:1d:9d:4e:b6:ee:
ca:3a:02:3a:51:9a:c1:f4:68:de:92:13:2e:2c:f8:
8d:03:7f:4b:2f:aa:47:fa:92:3e:35:87:be:47:77:
d7:91:8c:1e:d4:47:b8:a9:6b:82:7a:53:31:76:37:
bf:c7:bd:2f:6b:47:bf:0c:de:90:f6:d4:d9:fe:b7:
c9:b0:b6:9b:73:e8:ab:d6:f3:6c:0b:58:d9:95:72:
0e:ce:93:c1:13:64:81:53:80:aa:51:ca:58:32:a1:
96:a3:dd:f4:cf:d2:5a:3e:a2:b3:23:0f:9b:59:3f:
fd:f7:e8:33:88:07:7f:ed:59:fb:66:b9:6a:3e:4f:
98:a0:5b:70:f9:3a:68:0d:b6:de:41:d3:71:4c:38:
9f:c2:e4:ad:c9:90:7e:22:21:41:46:ff:69:a2:c1:
1b:e9:14:72:3f:ee:c0:77:76:fb:7b:b9:65:87:38:
27:28:87:6d:5c:b9:44:02:7c:4a:f5:18:d7:13:8a:
91:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:D2:55:27:7A:87:EC:52:EB:F7:24:C3:2F:39:F1:4D:DA:74:8B:08
X509v3 Authority Key Identifier:
keyid:B4:07:C8:B8:FA:B2:AF:78:5E:44:9F:69:59:A3:43:C1:1F:3C:2F:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/DONGFONG/0/B407C8B8FAB2AF785E449F6959A343C11F3C2F7D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/B407C8B8FAB2AF785E449F6959A343C11F3C2F7D.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/DONGFONG/0/3130332e3233342e37362e302f32322d3234203d3e203338383531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.234.76.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:64:40:e5:ca:55:52:1e:d7:5b:17:b9:5b:d0:aa:43:25:fb:
c5:c6:69:22:c9:c7:f7:4f:7b:cb:e1:97:51:b9:84:1d:f6:b7:
a2:b7:2b:b4:71:da:4f:d1:19:b6:f8:3a:a2:ba:d7:ba:10:32:
35:fc:b0:40:d0:21:22:e0:a3:12:d5:3e:a9:3d:72:35:17:3c:
45:d5:4d:39:f0:bd:85:13:1e:22:1f:6c:19:33:ec:a8:69:1c:
86:9a:3d:f2:bc:8e:fd:51:d0:cd:39:f7:a7:18:1f:87:ec:ef:
06:42:d4:99:d5:1f:a0:fc:0e:d3:74:a9:b4:75:13:d2:0b:b8:
8c:34:eb:78:28:ff:26:37:68:98:01:b3:92:d9:76:f5:4e:8b:
b9:77:f8:75:0b:9f:1f:3b:bb:12:0d:75:2e:b1:6f:dc:20:d3:
fb:0d:0c:7b:bb:73:30:2e:bf:4c:af:c4:d6:af:cd:aa:84:d1:
c3:a9:da:4b:a4:e5:4b:7c:e3:54:17:d9:aa:08:71:73:3f:84:
db:39:c6:83:7d:ba:ee:3b:b7:25:2a:cf:8d:49:cd:5b:98:b2:
da:23:48:77:d0:b6:c1:c6:b1:61:96:98:3c:02:f5:90:66:97:
48:74:61:88:a3:ef:76:36:02:f3:86:31:7d:96:74:72:aa:73:
8a:e7:e9:c3
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUIOykMPZYe473Y9zDOJlwU6qNRfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjQwN0M4QjhGQUIyQUY3ODVFNDQ5RjY5NTlBMzQzQzEx
RjNDMkY3RDAeFw0yNjA1MTExNjU5MDhaFw0yNzA1MTAxNzA0MDhaMDMxMTAvBgNV
BAMTKEIwRDI1NTI3N0E4N0VDNTJFQkY3MjRDMzJGMzlGMTREREE3NDhCMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzDlWRh64DPbAJznvNdKswI1Pp
Umhvj/ThnMX7JQ0wz3dP+zYKlMmUE3bYAcRmWT7LJej6zqIyaExH5zrm8UGcb1oP
jA8dnU627so6AjpRmsH0aN6SEy4s+I0Df0svqkf6kj41h75Hd9eRjB7UR7ipa4J6
UzF2N7/HvS9rR78M3pD21Nn+t8mwtptz6KvW82wLWNmVcg7Ok8ETZIFTgKpRylgy
oZaj3fTP0lo+orMjD5tZP/336DOIB3/tWftmuWo+T5igW3D5OmgNtt5B03FMOJ/C
5K3JkH4iIUFG/2miwRvpFHI/7sB3dvt7uWWHOCcoh21cuUQCfEr1GNcTipHtAgMB
AAGjggHnMIIB4zAdBgNVHQ4EFgQUsNJVJ3qH7FLr9yTDLznxTdp0iwgwHwYDVR0j
BBgwFoAUtAfIuPqyr3heRJ9pWaNDwR88L30wDgYDVR0PAQH/BAQDAgeAMGUGA1Ud
HwReMFwwWqBYoFaGVHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRE9OR0ZP
TkcvMC9CNDA3QzhCOEZBQjJBRjc4NUU0NDlGNjk1OUEzNDNDMTFGM0MyRjdELmNy
bDBvBggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS8xL0I0MDdDOEI4RkFCMkFGNzg1RTQ0OUY2OTU5
QTM0M0MxMUYzQzJGN0QuY2VyMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcwC4Zi
cnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ET05HRk9ORy8wLzMxMzAzMzJl
MzIzMzM0MmUzNzM2MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzMzODM4MzUzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAmfqTDANBgkqhkiG9w0BAQsFAAOCAQEALmRA5cpVUh7XWxe5W9Cq
QyX7xcZpIsnH9097y+GXUbmEHfa3orcrtHHaT9EZtvg6orrXuhAyNfywQNAhIuCj
EtU+qT1yNRc8RdVNOfC9hRMeIh9sGTPsqGkchpo98ryO/VHQzTn3pxgfh+zvBkLU
mdUfoPwO03SptHUT0gu4jDTreCj/JjdomAGzktl29U6LuXf4dQufHzu7Eg11LrFv
3CDT+w0Me7tzMC6/TK/E1q/NqoTRw6naS6TlS3zjVBfZqghxcz+E2znGg3267ju3
JSrPjUnNW5iy2iNId9C2wcaxYZaYPAL1kGaXSHRhiKPvdjYC84YxfZZ0cqpziufp
ww==
-----END CERTIFICATE-----
Generated at Tue May 12 22:56:39 2026 by rpki-client