Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/HST/0/3230322e3132332e3132342e302f32332d3234203d3e20313331363636.roa
File: 3230322e3132332e3132342e302f32332d3234203d3e20313331363636.roa (raw, json)
Hash identifier: G254ASDsdEOL8B4Bo3zdknO7xdbQNcKopBri7j6oisI=
Subject key identifier: 0B:7C:27:27:00:00:63:FA:3A:3B:C4:D8:01:D0:5C:F0:2D:27:53:ED
Certificate issuer: /CN=E87D26C09449CEB4EE5FD7CC200B073CA53BCA44
Certificate serial: 609D23052E0A33D52F78F8E311DB4E5C945262CA
Authority key identifier: E8:7D:26:C0:94:49:CE:B4:EE:5F:D7:CC:20:0B:07:3C:A5:3B:CA:44
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/E87D26C09449CEB4EE5FD7CC200B073CA53BCA44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/HST/0/3230322e3132332e3132342e302f32332d3234203d3e20313331363636.roa
Signing time: Mon 11 May 2026 17:56:37 +0000
ROA not before: Mon 11 May 2026 17:51:37 +0000
ROA not after: Mon 10 May 2027 17:56:37 +0000
asID: 131666
IP address blocks: 202.123.124.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:9d:23:05:2e:0a:33:d5:2f:78:f8:e3:11:db:4e:5c:94:52:62:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E87D26C09449CEB4EE5FD7CC200B073CA53BCA44
Validity
Not Before: May 11 17:51:37 2026 GMT
Not After : May 10 17:56:37 2027 GMT
Subject: CN=0B7C2727000063FA3A3BC4D801D05CF02D2753ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:38:d3:2b:68:c7:ab:63:8f:c4:0b:27:63:5b:
35:ea:1a:69:83:47:2a:01:da:4f:dc:3b:0a:97:f9:
d0:a6:05:a0:77:82:2e:c6:dd:b1:14:d8:b7:72:c4:
dd:96:b8:27:1a:64:6f:29:b8:21:e4:bb:36:51:a9:
ca:31:73:d6:b6:cf:23:28:31:d7:61:47:c7:ed:02:
16:92:55:6e:6e:0a:3a:73:56:db:09:62:13:0c:1f:
b7:0b:91:41:09:83:8c:73:8d:97:ef:2d:6b:86:fa:
cf:30:a3:7e:74:9a:f9:90:de:33:b8:f0:20:6c:3b:
e3:9b:98:fc:b1:f0:62:8c:3e:ab:88:c3:b1:91:37:
2d:6a:59:25:9e:83:03:67:9c:11:bc:d5:fe:47:aa:
71:15:53:96:d9:d1:b2:88:49:81:9f:74:d2:b6:94:
01:29:f7:59:07:5f:1d:5c:c3:5b:78:ee:94:7a:a5:
6e:b1:43:1b:54:1b:5c:27:ee:3a:86:6a:e5:9f:e1:
8a:54:35:aa:22:42:a0:03:b7:8c:0c:15:ad:a1:c5:
e8:c8:4c:9e:c7:6c:23:01:8c:b8:65:3b:40:6d:bb:
e9:69:89:b7:71:c1:70:5a:d8:35:1e:2c:ba:15:e1:
a3:96:8f:9b:2c:15:3b:b4:03:7b:d5:4d:e2:7b:56:
35:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7C:27:27:00:00:63:FA:3A:3B:C4:D8:01:D0:5C:F0:2D:27:53:ED
X509v3 Authority Key Identifier:
keyid:E8:7D:26:C0:94:49:CE:B4:EE:5F:D7:CC:20:0B:07:3C:A5:3B:CA:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/HST/0/E87D26C09449CEB4EE5FD7CC200B073CA53BCA44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/E87D26C09449CEB4EE5FD7CC200B073CA53BCA44.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/HST/0/3230322e3132332e3132342e302f32332d3234203d3e20313331363636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.123.124.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:bd:a6:8c:8c:ac:b9:f6:42:89:29:b5:f1:3e:b9:e7:67:04:
bd:8b:c0:93:8b:6c:97:34:05:d2:22:2f:1e:92:ba:21:c7:1e:
59:a3:57:67:88:49:3a:7c:44:11:78:b5:66:41:f7:10:26:b4:
f4:9f:0c:1a:08:8a:83:cc:61:d3:26:2c:fb:90:86:ac:f0:9e:
b1:83:76:23:b5:de:12:0f:ef:d1:5a:19:b1:11:f4:20:82:f4:
47:38:24:3a:4b:f6:b0:c8:36:30:29:a8:cc:5c:a4:06:61:f4:
b2:7d:3b:0c:ca:d4:47:6b:89:7f:97:f8:9c:1b:0b:22:c9:49:
38:19:24:b3:41:cf:fd:24:3b:21:fc:bb:87:0e:13:ca:bb:ea:
ef:78:60:f8:bd:6d:1e:d7:b1:42:d2:25:2d:de:d7:b5:0f:23:
83:d4:39:49:80:92:45:db:84:0a:4c:78:03:64:51:71:44:a3:
41:5c:fa:23:c1:98:65:e3:8d:c7:cf:4c:96:8a:5f:8f:0c:1f:
17:7b:bc:a1:3a:9d:44:29:8f:86:fb:80:a1:9e:14:4d:05:00:
cf:51:9d:63:58:c6:37:5c:f7:7c:93:c3:9d:27:d9:2e:fe:71:
52:cc:9b:86:7e:5d:a5:69:d8:d7:7c:54:02:7a:9e:33:9e:5f:
a6:a4:43:86
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIUYJ0jBS4KM9UvePjjEdtOXJRSYsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTg3RDI2QzA5NDQ5Q0VCNEVFNUZEN0NDMjAwQjA3M0NB
NTNCQ0E0NDAeFw0yNjA1MTExNzUxMzdaFw0yNzA1MTAxNzU2MzdaMDMxMTAvBgNV
BAMTKDBCN0MyNzI3MDAwMDYzRkEzQTNCQzREODAxRDA1Q0YwMkQyNzUzRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ONMraMerY4/ECydjWzXqGmmD
RyoB2k/cOwqX+dCmBaB3gi7G3bEU2LdyxN2WuCcaZG8puCHkuzZRqcoxc9a2zyMo
MddhR8ftAhaSVW5uCjpzVtsJYhMMH7cLkUEJg4xzjZfvLWuG+s8wo350mvmQ3jO4
8CBsO+ObmPyx8GKMPquIw7GRNy1qWSWegwNnnBG81f5HqnEVU5bZ0bKISYGfdNK2
lAEp91kHXx1cw1t47pR6pW6xQxtUG1wn7jqGauWf4YpUNaoiQqADt4wMFa2hxejI
TJ7HbCMBjLhlO0Btu+lpibdxwXBa2DUeLLoV4aOWj5ssFTu0A3vVTeJ7VjWfAgMB
AAGjggHhMIIB3TAdBgNVHQ4EFgQUC3wnJwAAY/o6O8TYAdBc8C0nU+0wHwYDVR0j
BBgwFoAU6H0mwJRJzrTuX9fMIAsHPKU7ykQwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvSFNULzAv
RTg3RDI2QzA5NDQ5Q0VCNEVFNUZEN0NDMjAwQjA3M0NBNTNCQ0E0NC5jcmwwbwYI
KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50
dy9ycGtpL1RXTklDQ0EvMS9FODdEMjZDMDk0NDlDRUI0RUU1RkQ3Q0MyMDBCMDcz
Q0E1M0JDQTQ0LmNlcjB9BggrBgEFBQcBCwRxMG8wbQYIKwYBBQUHMAuGYXJzeW5j
Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvSFNULzAvMzIzMDMyMmUzMTMyMzMyZTMx
MzIzNDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzMzMTM2MzYzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAcp7fDANBgkqhkiG9w0BAQsFAAOCAQEAXL2mjIysufZCiSm18T6552cEvYvA
k4tslzQF0iIvHpK6IcceWaNXZ4hJOnxEEXi1ZkH3ECa09J8MGgiKg8xh0yYs+5CG
rPCesYN2I7XeEg/v0VoZsRH0IIL0RzgkOkv2sMg2MCmozFykBmH0sn07DMrUR2uJ
f5f4nBsLIslJOBkks0HP/SQ7Ify7hw4Tyrvq73hg+L1tHtexQtIlLd7XtQ8jg9Q5
SYCSRduECkx4A2RRcUSjQVz6I8GYZeONx89MlopfjwwfF3u8oTqdRCmPhvuAoZ4U
TQUAz1GdY1jGN1z3fJPDnSfZLv5xUsybhn5dpWnY13xUAnqeM55fpqRDhg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:20:58 2026 by rpki-client