Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/HINET/0/AS3462.roa
File: AS3462.roa (raw, json)
Hash identifier: gTUoVGimVz0LoRqD2wd8aOo5CKtEWt49bYp9Id0rcOY=
Subject key identifier: 56:0E:41:F8:1D:9B:03:F9:2E:10:7E:D9:BA:DC:D9:A8:B4:E6:0E:43
Certificate issuer: /CN=6276AF5AEFB216534D76803A45D67CADC23447BD
Certificate serial: 7491275D2A48BEF9AFD87EC3E878C8D2636BD243
Authority key identifier: 62:76:AF:5A:EF:B2:16:53:4D:76:80:3A:45:D6:7C:AD:C2:34:47:BD
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/HINET/0/AS3462.roa
Signing time: Tue 12 May 2026 01:28:27 +0000
ROA not before: Tue 12 May 2026 01:23:27 +0000
ROA not after: Tue 11 May 2027 01:28:27 +0000
asID: 3462
IP address blocks: 1.34.0.0/15 maxlen: 24
1.160.0.0/12 maxlen: 24
36.224.0.0/12 maxlen: 24
43.255.92.0/22 maxlen: 24
59.112.0.0/13 maxlen: 24
59.120.0.0/14 maxlen: 24
59.124.0.0/14 maxlen: 24
60.248.0.0/16 maxlen: 24
60.249.0.0/16 maxlen: 24
60.250.0.0/15 maxlen: 24
61.216.0.0/16 maxlen: 24
61.217.0.0/16 maxlen: 24
61.218.0.0/15 maxlen: 24
61.220.0.0/14 maxlen: 24
61.224.0.0/14 maxlen: 24
61.228.0.0/14 maxlen: 24
103.25.236.0/22 maxlen: 24
111.240.0.0/12 maxlen: 24
114.24.0.0/14 maxlen: 24
114.30.44.0/24 maxlen: 24
114.32.0.0/12 maxlen: 24
118.160.0.0/13 maxlen: 24
118.168.0.0/14 maxlen: 24
122.116.0.0/15 maxlen: 24
122.118.0.0/16 maxlen: 24
122.120.0.0/13 maxlen: 24
125.224.0.0/13 maxlen: 24
125.232.0.0/15 maxlen: 24
202.39.0.0/18 maxlen: 24
202.39.64.0/19 maxlen: 24
202.39.128.0/17 maxlen: 24
203.66.0.0/16 maxlen: 24
203.69.0.0/16 maxlen: 24
203.69.47.224/27 maxlen: 27
203.74.0.0/16 maxlen: 24
203.75.0.0/16 maxlen: 24
203.160.242.0/24 maxlen: 24
203.160.253.0/24 maxlen: 24
210.59.128.0/17 maxlen: 24
210.59.138.128/27 maxlen: 27
210.61.0.0/16 maxlen: 24
210.62.248.0/21 maxlen: 24
210.65.0.0/16 maxlen: 24
210.71.128.0/17 maxlen: 24
210.241.224.0/19 maxlen: 24
210.242.0.0/16 maxlen: 24
211.20.0.0/16 maxlen: 24
211.21.0.0/16 maxlen: 24
211.22.0.0/16 maxlen: 24
211.23.0.0/16 maxlen: 24
211.72.0.0/16 maxlen: 24
211.75.0.0/16 maxlen: 24
218.160.0.0/14 maxlen: 24
218.164.0.0/15 maxlen: 24
218.166.0.0/15 maxlen: 24
218.168.0.0/13 maxlen: 24
220.128.0.0/18 maxlen: 24
220.128.61.0/24 maxlen: 24
220.128.64.0/18 maxlen: 24
220.128.67.0/24 maxlen: 24
220.128.71.0/24 maxlen: 24
220.128.72.0/24 maxlen: 24
220.128.79.0/24 maxlen: 24
220.128.80.0/24 maxlen: 24
220.128.128.0/17 maxlen: 24
220.129.0.0/16 maxlen: 24
220.130.0.0/15 maxlen: 24
220.132.0.0/14 maxlen: 24
220.136.0.0/13 maxlen: 24
221.120.21.0/24 maxlen: 24
221.120.25.0/24 maxlen: 24
2001:b000::/21 maxlen: 48
2001:b000::/23 maxlen: 64
2001:b400:e9f0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/HINET/0/6276AF5AEFB216534D76803A45D67CADC23447BD.crl
rsync://rpkica.twnic.tw/rpki/HINET/0/6276AF5AEFB216534D76803A45D67CADC23447BD.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 02:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:91:27:5d:2a:48:be:f9:af:d8:7e:c3:e8:78:c8:d2:63:6b:d2:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6276AF5AEFB216534D76803A45D67CADC23447BD
Validity
Not Before: May 12 01:23:27 2026 GMT
Not After : May 11 01:28:27 2027 GMT
Subject: CN=560E41F81D9B03F92E107ED9BADCD9A8B4E60E43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b5:8d:94:10:a3:ad:a6:21:d8:ae:be:f0:c1:
d7:43:9a:ad:5c:5a:d0:79:66:3d:ac:5b:05:2e:93:
98:74:34:af:79:a2:0a:76:c8:e0:03:40:ce:de:81:
4e:f1:9c:26:db:c5:42:a3:9a:0d:46:38:5d:3b:4d:
f4:ca:d8:c5:fa:7c:15:02:92:fc:7b:bc:08:71:b5:
1e:6e:7b:67:53:11:87:c4:1d:4d:7e:28:98:ee:86:
5f:37:b4:49:c5:f8:5e:b4:bd:b2:1f:a5:80:ba:e5:
3f:c9:78:98:18:54:67:fa:83:7b:2e:27:af:dc:e0:
71:11:0c:8c:02:f2:c8:db:3a:d7:5c:96:e7:bd:5a:
06:9f:fd:52:f8:fa:1f:8a:38:d4:37:5e:3d:b5:9a:
eb:e4:6f:1f:c9:98:90:94:b2:9c:fd:f8:7f:d9:df:
b9:2b:80:cc:85:d5:e8:e7:2b:fc:0a:aa:58:80:7a:
fd:10:32:b4:70:a5:92:14:21:30:0a:d5:52:b9:6c:
57:5f:cc:97:5d:a2:8f:34:75:4e:82:81:34:4a:98:
62:7b:51:07:05:7c:08:42:a3:b4:a4:66:2c:78:10:
87:de:57:b4:5e:a6:be:b5:2d:f4:f1:c8:86:88:fc:
58:c0:0c:24:f8:b7:81:25:53:19:e7:5b:81:c5:1c:
db:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:0E:41:F8:1D:9B:03:F9:2E:10:7E:D9:BA:DC:D9:A8:B4:E6:0E:43
X509v3 Authority Key Identifier:
keyid:62:76:AF:5A:EF:B2:16:53:4D:76:80:3A:45:D6:7C:AD:C2:34:47:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/HINET/0/6276AF5AEFB216534D76803A45D67CADC23447BD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/HINET/0/AS3462.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
1.34.0.0/15
1.160.0.0/12
36.224.0.0/12
43.255.92.0/22
59.112.0.0/12
60.248.0.0/14
61.216.0.0-61.231.255.255
103.25.236.0/22
111.240.0.0/12
114.24.0.0/14
114.30.44.0/24
114.32.0.0/12
118.160.0.0-118.171.255.255
122.116.0.0-122.118.255.255
122.120.0.0/13
125.224.0.0-125.233.255.255
202.39.0.0-202.39.95.255
202.39.128.0/17
203.66.0.0/16
203.69.0.0/16
203.74.0.0/15
203.160.242.0/24
203.160.253.0/24
210.59.128.0/17
210.61.0.0/16
210.62.248.0/21
210.65.0.0/16
210.71.128.0/17
210.241.224.0-210.242.255.255
211.20.0.0/14
211.72.0.0/16
211.75.0.0/16
218.160.0.0/12
220.128.0.0/12
221.120.21.0/24
221.120.25.0/24
IPv6:
2001:b000::/21
Signature Algorithm: sha256WithRSAEncryption
43:92:be:49:2f:c1:cd:34:ec:bd:fb:52:f1:e4:85:ec:19:86:
7e:cc:b8:c0:f7:e2:a0:39:10:e4:d5:b3:7f:14:61:38:ad:b6:
a7:13:80:72:ec:3b:31:45:94:cb:bd:66:ac:c6:da:cc:db:77:
5e:80:54:a9:f8:31:52:99:74:0a:b8:f2:8c:f4:41:fb:7f:02:
63:dc:31:75:9c:c6:3c:f2:d0:2c:cc:5d:72:4d:0a:b0:a7:24:
df:16:cd:37:da:4a:e6:c3:0a:77:de:ee:46:7d:55:2d:13:5b:
76:a6:25:0d:55:e5:54:f3:de:9c:75:30:d5:00:ce:23:27:74:
76:4f:6d:75:72:ed:28:2c:66:79:fc:8e:7e:bc:f3:37:fd:37:
0e:c2:4c:38:bc:cb:3f:f6:92:14:2b:1b:0d:0d:94:c6:56:b1:
f0:4f:2a:e7:d1:ff:70:38:3d:53:3b:e1:4e:90:bb:0e:01:40:
33:9b:e4:a0:c0:d7:b2:59:05:67:1d:e0:7b:c7:5a:7d:9f:65:
1f:a6:29:da:44:fb:a1:d3:de:8f:85:29:8c:56:10:df:68:72:
f8:44:e2:d5:be:f9:a3:48:43:08:96:e3:6d:9b:5d:f2:47:9c:
f2:41:0e:61:02:dd:cf:ee:b9:2e:84:cd:c9:86:b5:37:73:5e:
ed:da:23:3c
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIUdJEnXSpIvvmv2H7D6HjI0mNr0kMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjI3NkFGNUFFRkIyMTY1MzRENzY4MDNBNDVENjdDQURD
MjM0NDdCRDAeFw0yNjA1MTIwMTIzMjdaFw0yNzA1MTEwMTI4MjdaMDMxMTAvBgNV
BAMTKDU2MEU0MUY4MUQ5QjAzRjkyRTEwN0VEOUJBRENEOUE4QjRFNjBFNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEtY2UEKOtpiHYrr7wwddDmq1c
WtB5Zj2sWwUuk5h0NK95ogp2yOADQM7egU7xnCbbxUKjmg1GOF07TfTK2MX6fBUC
kvx7vAhxtR5ue2dTEYfEHU1+KJjuhl83tEnF+F60vbIfpYC65T/JeJgYVGf6g3su
J6/c4HERDIwC8sjbOtdclue9Wgaf/VL4+h+KONQ3Xj21muvkbx/JmJCUspz9+H/Z
37krgMyF1ejnK/wKqliAev0QMrRwpZIUITAK1VK5bFdfzJddoo80dU6CgTRKmGJ7
UQcFfAhCo7SkZix4EIfeV7Repr61LfTxyIaI/FjADCT4t4ElUxnnW4HFHNtDAgMB
AAGjggKsMIICqDAdBgNVHQ4EFgQUVg5B+B2bA/kuEH7ZutzZqLTmDkMwHwYDVR0j
BBgwFoAUYnavWu+yFlNNdoA6RdZ8rcI0R70wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvSElORVQv
MC82Mjc2QUY1QUVGQjIxNjUzNEQ3NjgwM0E0NUQ2N0NBREMyMzQ0N0JELmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzYyNzZBRjVBRUZCMjE2NTM0RDc2ODAzQTQ1RDY3
Q0FEQzIzNDQ3QkQuY2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ISU5FVC8wL0FTMzQ2Mi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjCCARgGCCsGAQUFBwEHAQH/BIIBBzCCAQMw
gfIEAgABMIHrAwMBASIDAwQBoAMDBCTgAwQCK/9cAwMEO3ADAwI8+DAKAwMDPdgD
AwM94AMEAmcZ7AMDBG/wAwMCchgDBAByHiwDAwRyIDAKAwMFdqADAwJ2qDAKAwMC
enQDAwB6dgMDA3p4MAoDAwV94AMDAX3oMAsDAwDKJwMEBconQAMEB8ongAMDAMtC
AwMAy0UDAwHLSgMEAMug8gMEAMug/QMEB9I7gAMDANI9AwQD0j74AwMA0kEDBAfS
R4AwCwMEBdLx4AMDANLyAwMC0xQDAwDTSAMDANNLAwME2qADAwTcgAMEAN14FQME
AN14GTAMBAIAAjAGAwQDIAGwMA0GCSqGSIb3DQEBCwUAA4IBAQBDkr5JL8HNNOy9
+1Lx5IXsGYZ+zLjA9+KgORDk1bN/FGE4rbanE4By7DsxRZTLvWasxtrM23degFSp
+DFSmXQKuPKM9EH7fwJj3DF1nMY88tAszF1yTQqwpyTfFs032krmwwp33u5GfVUt
E1t2piUNVeVU896cdTDVAM4jJ3R2T211cu0oLGZ5/I5+vPM3/TcOwkw4vMs/9pIU
KxsNDZTGVrHwTyrn0f9wOD1TO+FOkLsOAUAzm+SgwNeyWQVnHeB7x1p9n2Ufpina
RPuh096PhSmMVhDfaHL4ROLVvvmjSEMIluNtm13yR5zyQQ5hAt3P7rkuhM3JhrU3
c17t2iM8
-----END CERTIFICATE-----
Generated at Tue May 12 22:53:32 2026 by rpki-client