Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/DWINS/0/34332e3232342e32302e302f32342d3234203d3e20313338393135.roa
File: 34332e3232342e32302e302f32342d3234203d3e20313338393135.roa (raw, json)
Hash identifier: qZ1Xl7P/oCReEcW84jHPinXVKHg48mLqWM57olzhxqo=
Subject key identifier: 29:C4:BE:32:F7:3B:28:F6:CC:2B:48:50:B3:AC:2A:4C:70:BA:C2:82
Certificate issuer: /CN=C5DF31D9EEB5DA72668D58FB8DB0E75E3AD7BF93
Certificate serial: 02D2B8321F199E630BFF504A303E90A4F875D454
Authority key identifier: C5:DF:31:D9:EE:B5:DA:72:66:8D:58:FB:8D:B0:E7:5E:3A:D7:BF:93
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/C5DF31D9EEB5DA72668D58FB8DB0E75E3AD7BF93.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/DWINS/0/34332e3232342e32302e302f32342d3234203d3e20313338393135.roa
Signing time: Mon 11 May 2026 17:15:35 +0000
ROA not before: Mon 11 May 2026 17:10:35 +0000
ROA not after: Mon 10 May 2027 17:15:35 +0000
asID: 138915
IP address blocks: 43.224.20.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:d2:b8:32:1f:19:9e:63:0b:ff:50:4a:30:3e:90:a4:f8:75:d4:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C5DF31D9EEB5DA72668D58FB8DB0E75E3AD7BF93
Validity
Not Before: May 11 17:10:35 2026 GMT
Not After : May 10 17:15:35 2027 GMT
Subject: CN=29C4BE32F73B28F6CC2B4850B3AC2A4C70BAC282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b1:c7:a7:c1:38:9c:64:44:c9:26:fc:dc:20:
aa:ed:5f:1a:00:91:ff:d6:cb:12:0f:9d:ce:d6:5a:
b2:1e:c0:07:16:bf:33:f6:b9:57:35:75:58:81:45:
ee:1e:7f:c1:13:2d:9f:60:10:c3:cd:9e:0a:6c:08:
08:1f:7e:e0:cc:d2:1d:53:62:5c:05:a0:c0:a7:5d:
4c:01:01:64:6e:b1:c2:34:a2:24:2e:b7:8f:e2:b9:
42:2e:f0:95:6d:9c:00:f0:ca:59:6f:23:94:76:69:
65:21:bb:58:d4:b6:7d:88:d3:22:71:7a:e9:76:e2:
dd:79:10:dd:b9:2a:c3:5a:56:df:c2:4c:5b:cf:aa:
a3:bb:cc:4f:69:00:64:0a:f3:fd:65:a1:41:10:16:
0e:ae:22:88:f9:93:62:1d:1b:bb:c1:0f:52:17:c7:
6f:ce:ba:ff:20:7e:1e:52:b0:95:74:6b:ec:d7:31:
db:64:ea:a2:eb:73:95:73:63:71:3f:c4:19:d8:ac:
63:55:79:b5:58:9f:68:fa:84:a9:bc:8c:a6:30:5a:
0f:8b:84:c2:81:5c:30:54:57:df:67:3e:be:5d:12:
ce:8a:63:8b:b4:70:a8:93:f8:c0:0e:b8:16:73:dc:
5f:16:b3:a9:a1:9e:fb:37:7d:86:a2:f3:af:98:f9:
46:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C4:BE:32:F7:3B:28:F6:CC:2B:48:50:B3:AC:2A:4C:70:BA:C2:82
X509v3 Authority Key Identifier:
keyid:C5:DF:31:D9:EE:B5:DA:72:66:8D:58:FB:8D:B0:E7:5E:3A:D7:BF:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/DWINS/0/C5DF31D9EEB5DA72668D58FB8DB0E75E3AD7BF93.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/C5DF31D9EEB5DA72668D58FB8DB0E75E3AD7BF93.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/DWINS/0/34332e3232342e32302e302f32342d3234203d3e20313338393135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.224.20.0/24
Signature Algorithm: sha256WithRSAEncryption
81:1a:bf:48:36:38:c4:52:ae:d8:c9:0e:e5:a8:c6:68:23:27:
09:2d:32:0c:f5:61:9c:fd:01:56:89:a5:b4:93:41:17:c9:e9:
33:57:c1:8a:53:8b:e7:12:54:e0:b0:c6:4c:e3:6e:15:14:2d:
7e:c9:89:18:da:d7:d1:fd:b2:c0:b5:30:4f:e6:5d:54:7f:6d:
d2:eb:b7:94:32:3c:92:7d:a1:e8:49:5e:c5:ea:60:31:f0:52:
4d:78:03:8d:02:ce:30:33:04:5e:03:1a:97:01:aa:4c:66:a2:
81:70:54:c0:3c:c5:e4:95:d1:14:bf:5d:54:57:09:67:88:ea:
49:2f:fc:00:ad:e2:b4:36:82:88:ec:71:88:a8:b5:1a:c8:5e:
af:59:3f:b3:6d:03:03:8c:0b:27:92:41:ac:84:16:6d:c7:b2:
96:a5:99:b8:c1:34:49:0d:f0:28:b5:c6:b8:3e:3f:f5:52:f8:
7c:64:4c:ae:a1:2a:5c:83:90:1e:a1:a8:3b:8b:61:dd:13:6e:
31:4f:58:b5:71:e7:eb:6d:54:c6:c9:50:b2:2a:ed:a3:5f:71:
f4:66:e6:4e:09:d0:c2:07:5a:81:81:de:8a:2a:50:b2:4c:bc:
d2:f4:a7:a0:29:70:85:06:44:79:f4:b1:72:9b:3e:d2:d3:22:
c3:c8:5c:0f
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIUAtK4Mh8ZnmML/1BKMD6QpPh11FQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzVERjMxRDlFRUI1REE3MjY2OEQ1OEZCOERCMEU3NUUz
QUQ3QkY5MzAeFw0yNjA1MTExNzEwMzVaFw0yNzA1MTAxNzE1MzVaMDMxMTAvBgNV
BAMTKDI5QzRCRTMyRjczQjI4RjZDQzJCNDg1MEIzQUMyQTRDNzBCQUMyODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCscenwTicZETJJvzcIKrtXxoA
kf/WyxIPnc7WWrIewAcWvzP2uVc1dViBRe4ef8ETLZ9gEMPNngpsCAgffuDM0h1T
YlwFoMCnXUwBAWRuscI0oiQut4/iuUIu8JVtnADwyllvI5R2aWUhu1jUtn2I0yJx
eul24t15EN25KsNaVt/CTFvPqqO7zE9pAGQK8/1loUEQFg6uIoj5k2IdG7vBD1IX
x2/Ouv8gfh5SsJV0a+zXMdtk6qLrc5VzY3E/xBnYrGNVebVYn2j6hKm8jKYwWg+L
hMKBXDBUV99nPr5dEs6KY4u0cKiT+MAOuBZz3F8Ws6mhnvs3fYai86+Y+UZ/AgMB
AAGjggHhMIIB3TAdBgNVHQ4EFgQUKcS+Mvc7KPbMK0hQs6wqTHC6woIwHwYDVR0j
BBgwFoAUxd8x2e612nJmjVj7jbDnXjrXv5MwDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRFdJTlMv
MC9DNURGMzFEOUVFQjVEQTcyNjY4RDU4RkI4REIwRTc1RTNBRDdCRjkzLmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xL0M1REYzMUQ5RUVCNURBNzI2NjhENThGQjhEQjBF
NzVFM0FEN0JGOTMuY2VyMHsGCCsGAQUFBwELBG8wbTBrBggrBgEFBQcwC4ZfcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9EV0lOUy8wLzM0MzMyZTMyMzIzNDJl
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzODM5MzEzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEACvgFDANBgkqhkiG9w0BAQsFAAOCAQEAgRq/SDY4xFKu2MkO5ajGaCMnCS0y
DPVhnP0BVomltJNBF8npM1fBilOL5xJU4LDGTONuFRQtfsmJGNrX0f2ywLUwT+Zd
VH9t0uu3lDI8kn2h6ElexepgMfBSTXgDjQLOMDMEXgMalwGqTGaigXBUwDzF5JXR
FL9dVFcJZ4jqSS/8AK3itDaCiOxxiKi1Gsher1k/s20DA4wLJ5JBrIQWbceylqWZ
uME0SQ3wKLXGuD4/9VL4fGRMrqEqXIOQHqGoO4th3RNuMU9YtXHn621UxslQsirt
o19x9GbmTgnQwgdagYHeiipQsky80vSnoClwhQZEefSxcps+0tMiw8hcDw==
-----END CERTIFICATE-----
Generated at Tue May 12 22:17:02 2026 by rpki-client