Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/HINET/0/AS33717.roa
File: AS33717.roa (raw, json)
Hash identifier: oIr81whVqdVoLKt2RIG93RhtVNlorI3Og2MHmZ/EAq0=
Subject key identifier: 8D:8E:1A:74:51:3B:EE:6E:DC:0E:78:45:E3:2D:65:17:45:37:72:09
Certificate issuer: /CN=6276AF5AEFB216534D76803A45D67CADC23447BD
Certificate serial: 5022603FBDC081D5BA7592DC6CB66045142B08E1
Authority key identifier: 62:76:AF:5A:EF:B2:16:53:4D:76:80:3A:45:D6:7C:AD:C2:34:47:BD
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/HINET/0/AS33717.roa
Signing time: Mon 11 May 2026 16:34:07 +0000
ROA not before: Mon 11 May 2026 16:29:07 +0000
ROA not after: Mon 10 May 2027 16:34:07 +0000
asID: 33717
IP address blocks: 220.128.51.0/24 maxlen: 24
220.128.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:22:60:3f:bd:c0:81:d5:ba:75:92:dc:6c:b6:60:45:14:2b:08:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6276AF5AEFB216534D76803A45D67CADC23447BD
Validity
Not Before: May 11 16:29:07 2026 GMT
Not After : May 10 16:34:07 2027 GMT
Subject: CN=8D8E1A74513BEE6EDC0E7845E32D651745377209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d5:43:b6:f6:df:d2:6f:d1:61:08:8b:6b:07:
21:ac:d1:b7:e2:1a:f9:c2:f5:05:ca:87:95:79:ab:
51:cf:22:36:2b:6b:7c:40:f0:e1:18:14:d9:0d:93:
cc:99:6e:c9:8a:af:01:95:89:57:99:af:af:1f:41:
10:a6:88:96:59:ed:ba:cc:73:8a:60:9c:bd:78:40:
60:04:89:a3:19:da:cf:3c:89:0b:04:eb:b6:a4:8e:
2d:ec:2c:30:84:1b:61:0c:0c:9c:f0:28:55:21:0f:
42:92:e0:00:c3:ab:e7:a9:c5:9a:2b:f8:0e:e1:e7:
5a:f1:e7:4a:1f:35:af:3f:16:4c:ac:13:52:9f:e2:
32:93:c1:03:29:aa:3d:b9:ba:20:90:99:74:35:95:
6c:5e:33:70:72:55:d2:1e:d5:ae:16:8e:d0:77:f3:
51:d5:4c:f4:3d:4a:64:52:2a:3d:54:f1:b9:2f:05:
71:53:d5:de:fe:2e:ac:de:46:e8:61:b8:a4:16:ee:
e3:97:b3:31:2c:f6:9b:ce:97:cc:70:3f:6e:59:25:
72:f5:a4:98:52:94:b9:ca:ce:d6:27:31:e7:ba:4e:
d8:70:d2:27:ee:1b:7c:be:be:34:68:16:89:c1:0b:
53:74:d3:04:35:e9:ec:41:e3:69:ca:a6:6e:69:a2:
7a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8E:1A:74:51:3B:EE:6E:DC:0E:78:45:E3:2D:65:17:45:37:72:09
X509v3 Authority Key Identifier:
keyid:62:76:AF:5A:EF:B2:16:53:4D:76:80:3A:45:D6:7C:AD:C2:34:47:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/HINET/0/6276AF5AEFB216534D76803A45D67CADC23447BD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/HINET/0/AS33717.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
220.128.51.0/24
220.128.55.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:4c:6f:df:2a:57:ca:6c:ba:9b:65:94:00:76:e7:b2:01:09:
ac:b5:3e:37:b5:3f:db:78:a6:9f:f1:af:96:4b:64:bc:90:9a:
2d:35:a8:b3:0a:e1:02:6d:26:fa:90:93:30:60:59:83:b9:f8:
d1:53:49:cf:1e:8d:55:27:6b:e3:b2:fc:a0:60:39:b4:c7:ba:
6e:a8:13:85:c2:b2:c3:0a:4a:53:ec:f8:82:58:90:53:3d:13:
b7:43:33:73:e9:97:37:6b:78:05:e4:86:b9:34:63:68:9c:4b:
3b:8b:e9:55:13:aa:59:ba:72:e0:c4:b2:0d:ac:cc:3a:7d:f0:
44:6a:bf:a5:b4:2f:e1:86:ac:4e:84:6a:c4:40:f1:b4:69:93:
52:bf:59:5a:e5:94:ea:7c:4d:cf:15:64:9a:90:7e:8a:be:dc:
b1:a1:84:ed:12:73:cc:47:e7:75:c1:a6:60:fd:47:92:b5:63:
7c:c1:31:df:c6:e5:da:83:b7:bd:68:61:3f:fe:77:54:0f:ca:
19:d6:9d:cb:13:d8:94:70:b5:18:75:52:b8:24:f7:93:d9:2a:
cd:44:6e:81:b3:c6:6d:45:4b:dd:8f:b7:34:94:fd:11:ef:d2:
81:1a:25:72:99:93:4a:22:7c:c9:bb:fb:27:c6:91:ae:27:c3:
d1:a0:7b:70
-----BEGIN CERTIFICATE-----
MIIErjCCA5agAwIBAgIUUCJgP73AgdW6dZLcbLZgRRQrCOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjI3NkFGNUFFRkIyMTY1MzRENzY4MDNBNDVENjdDQURD
MjM0NDdCRDAeFw0yNjA1MTExNjI5MDdaFw0yNzA1MTAxNjM0MDdaMDMxMTAvBgNV
BAMTKDhEOEUxQTc0NTEzQkVFNkVEQzBFNzg0NUUzMkQ2NTE3NDUzNzcyMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC71UO29t/Sb9FhCItrByGs0bfi
GvnC9QXKh5V5q1HPIjYra3xA8OEYFNkNk8yZbsmKrwGViVeZr68fQRCmiJZZ7brM
c4pgnL14QGAEiaMZ2s88iQsE67akji3sLDCEG2EMDJzwKFUhD0KS4ADDq+epxZor
+A7h51rx50ofNa8/FkysE1Kf4jKTwQMpqj25uiCQmXQ1lWxeM3ByVdIe1a4WjtB3
81HVTPQ9SmRSKj1U8bkvBXFT1d7+LqzeRuhhuKQW7uOXszEs9pvOl8xwP25ZJXL1
pJhSlLnKztYnMee6Tthw0ifuG3y+vjRoFonBC1N00wQ16exB42nKpm5ponrBAgMB
AAGjggG4MIIBtDAdBgNVHQ4EFgQUjY4adFE77m7cDnhF4y1lF0U3cgkwHwYDVR0j
BBgwFoAUYnavWu+yFlNNdoA6RdZ8rcI0R70wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvSElORVQv
MC82Mjc2QUY1QUVGQjIxNjUzNEQ3NjgwM0E0NUQ2N0NBREMyMzQ0N0JELmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzYyNzZBRjVBRUZCMjE2NTM0RDc2ODAzQTQ1RDY3
Q0FEQzIzNDQ3QkQuY2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ISU5FVC8wL0FTMzM3MTcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgAB
MAwDBADcgDMDBADcgDcwDQYJKoZIhvcNAQELBQADggEBALRMb98qV8psuptllAB2
57IBCay1Pje1P9t4pp/xr5ZLZLyQmi01qLMK4QJtJvqQkzBgWYO5+NFTSc8ejVUn
a+Oy/KBgObTHum6oE4XCssMKSlPs+IJYkFM9E7dDM3PplzdreAXkhrk0Y2icSzuL
6VUTqlm6cuDEsg2szDp98ERqv6W0L+GGrE6EasRA8bRpk1K/WVrllOp8Tc8VZJqQ
foq+3LGhhO0Sc8xH53XBpmD9R5K1Y3zBMd/G5dqDt71oYT/+d1QPyhnWncsT2JRw
tRh1Urgk95PZKs1EboGzxm1FS92PtzSU/RHv0oEaJXKZk0oifMm7+yfGka4nw9Gg
e3A=
-----END CERTIFICATE-----
Generated at Wed May 13 02:52:29 2026 by rpki-client