Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/NCCC/1/3135372e32302e3130362e302f32332d3233203d3e2033343632.roa
File: 3135372e32302e3130362e302f32332d3233203d3e2033343632.roa (raw, json)
Hash identifier: U1maVebHqNxJOM61IipjwHfKGQHfW803fIcL92PP6U4=
Subject key identifier: 9A:EB:B9:8A:59:09:CC:88:82:CB:C5:74:17:76:A3:40:A8:5A:47:81
Certificate issuer: /CN=F4194E27E15A4F76E006403795143D4EFDCF022E
Certificate serial: 6DCD1B697E5E4E6AB61960C3BA8074D985FBD28B
Authority key identifier: F4:19:4E:27:E1:5A:4F:76:E0:06:40:37:95:14:3D:4E:FD:CF:02:2E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0/F4194E27E15A4F76E006403795143D4EFDCF022E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/NCCC/1/3135372e32302e3130362e302f32332d3233203d3e2033343632.roa
Signing time: Mon 11 May 2026 17:36:29 +0000
ROA not before: Mon 11 May 2026 17:31:29 +0000
ROA not after: Mon 10 May 2027 17:36:29 +0000
asID: 3462
IP address blocks: 157.20.106.0/23 maxlen: 23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:cd:1b:69:7e:5e:4e:6a:b6:19:60:c3:ba:80:74:d9:85:fb:d2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F4194E27E15A4F76E006403795143D4EFDCF022E
Validity
Not Before: May 11 17:31:29 2026 GMT
Not After : May 10 17:36:29 2027 GMT
Subject: CN=9AEBB98A5909CC8882CBC5741776A340A85A4781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:79:f2:77:0a:ad:96:d7:ed:94:17:67:10:b6:
c6:5a:14:cd:31:1b:90:ef:4f:20:c6:16:59:15:6f:
ed:7e:6d:ca:d2:f8:35:f6:37:45:88:74:ee:01:30:
1b:c7:11:25:16:1f:f1:1e:9d:1a:c5:dc:85:2e:8f:
8d:c1:ff:96:fb:b0:42:7a:a4:0c:4d:50:35:d5:cc:
fb:14:4e:bd:d3:8a:47:88:32:32:8a:23:d8:c4:e7:
a5:ca:9c:50:31:03:ac:7d:f9:81:2a:a9:65:7a:03:
34:5c:91:cc:a4:a9:f2:41:2b:bb:58:d3:f8:a1:9c:
c0:76:03:a7:00:52:49:c2:f3:23:9a:ad:31:02:42:
27:40:4c:44:de:db:b0:67:e3:45:b9:26:ef:30:7b:
2a:1b:c2:e4:da:2c:26:f3:f2:78:a2:3b:a2:5a:99:
a3:08:7a:59:57:eb:bc:07:a0:de:05:91:41:dc:92:
a1:b6:28:39:b3:f6:e9:b5:d4:87:a0:16:10:3f:f1:
8b:4f:e2:22:ad:84:e7:e5:cf:13:d7:7b:1c:b1:6c:
fd:11:62:f3:9f:46:dc:15:5a:f8:6b:77:9d:52:88:
1e:8b:75:79:99:d2:9b:c6:a9:c7:c1:93:bf:c2:06:
58:2e:47:c2:f4:68:e1:32:51:41:ef:d3:51:62:4f:
20:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EB:B9:8A:59:09:CC:88:82:CB:C5:74:17:76:A3:40:A8:5A:47:81
X509v3 Authority Key Identifier:
keyid:F4:19:4E:27:E1:5A:4F:76:E0:06:40:37:95:14:3D:4E:FD:CF:02:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/NCCC/1/F4194E27E15A4F76E006403795143D4EFDCF022E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0/F4194E27E15A4F76E006403795143D4EFDCF022E.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/NCCC/1/3135372e32302e3130362e302f32332d3233203d3e2033343632.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.106.0/23
Signature Algorithm: sha256WithRSAEncryption
79:3e:8e:de:59:67:76:aa:18:45:10:90:a3:b3:0a:c0:21:8e:
ca:f6:72:cb:05:16:11:c1:93:10:58:81:8d:8f:d7:55:e5:9e:
b1:ee:c8:36:65:01:52:18:2d:49:77:4e:3a:39:62:7f:ad:87:
94:c0:cf:61:5e:3c:57:fc:3f:cf:78:da:5d:fd:85:d6:fe:0f:
e5:ae:97:74:76:f8:24:bf:4f:d6:3a:65:52:d8:e9:5d:49:16:
4f:57:25:fb:ef:cb:0f:9a:8e:0a:bc:04:0a:51:1e:39:a9:c9:
f1:29:c9:eb:bd:12:ca:54:5a:ed:1d:80:d6:b0:63:b8:62:1b:
16:81:e2:5a:7b:9d:f5:0a:32:a4:24:a3:b8:66:9b:6f:56:d2:
9a:2c:e6:88:78:ad:84:37:dd:f8:ca:ca:55:20:3d:93:06:fb:
b6:86:69:bc:14:a8:66:28:e1:bf:3c:6a:98:6e:f7:88:c5:32:
94:6c:ce:70:fd:37:7d:45:22:fb:74:a3:2e:65:a1:a8:4d:60:
eb:3e:fb:6d:05:dd:2d:17:f5:df:fd:a8:dd:cd:58:47:ae:86:
c9:f2:43:51:81:55:b6:65:61:f5:c4:0b:63:a8:ef:62:6a:75:
ae:ad:6c:d0:1a:5d:92:9b:3d:36:1d:c6:4f:d0:e4:ef:21:88:
91:8b:48:5c
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIUbc0baX5eTmq2GWDDuoB02YX70oswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjQxOTRFMjdFMTVBNEY3NkUwMDY0MDM3OTUxNDNENEVG
RENGMDIyRTAeFw0yNjA1MTExNzMxMjlaFw0yNzA1MTAxNzM2MjlaMDMxMTAvBgNV
BAMTKDlBRUJCOThBNTkwOUNDODg4MkNCQzU3NDE3NzZBMzQwQTg1QTQ3ODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUefJ3Cq2W1+2UF2cQtsZaFM0x
G5DvTyDGFlkVb+1+bcrS+DX2N0WIdO4BMBvHESUWH/EenRrF3IUuj43B/5b7sEJ6
pAxNUDXVzPsUTr3TikeIMjKKI9jE56XKnFAxA6x9+YEqqWV6AzRckcykqfJBK7tY
0/ihnMB2A6cAUknC8yOarTECQidATETe27Bn40W5Ju8weyobwuTaLCbz8niiO6Ja
maMIellX67wHoN4FkUHckqG2KDmz9um11IegFhA/8YtP4iKthOflzxPXexyxbP0R
YvOfRtwVWvhrd51SiB6LdXmZ0pvGqcfBk7/CBlguR8L0aOEyUUHv01FiTyB9AgMB
AAGjggHdMIIB2TAdBgNVHQ4EFgQUmuu5ilkJzIiCy8V0F3ajQKhaR4EwHwYDVR0j
BBgwFoAU9BlOJ+FaT3bgBkA3lRQ9Tv3PAi4wDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvTkNDQy8x
L0Y0MTk0RTI3RTE1QTRGNzZFMDA2NDAzNzk1MTQzRDRFRkRDRjAyMkUuY3JsMG8G
CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu
dHcvcnBraS9UV05JQ0NBLzAvRjQxOTRFMjdFMTVBNEY3NkUwMDY0MDM3OTUxNDNE
NEVGRENGMDIyRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3lu
YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL05DQ0MvMS8zMTM1MzcyZTMyMzAyZTMx
MzAzNjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMzMzQzNjMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
nRRqMA0GCSqGSIb3DQEBCwUAA4IBAQB5Po7eWWd2qhhFEJCjswrAIY7K9nLLBRYR
wZMQWIGNj9dV5Z6x7sg2ZQFSGC1Jd046OWJ/rYeUwM9hXjxX/D/PeNpd/YXW/g/l
rpd0dvgkv0/WOmVS2OldSRZPVyX778sPmo4KvAQKUR45qcnxKcnrvRLKVFrtHYDW
sGO4YhsWgeJae531CjKkJKO4ZptvVtKaLOaIeK2EN934yspVID2TBvu2hmm8FKhm
KOG/PGqYbveIxTKUbM5w/Td9RSL7dKMuZaGoTWDrPvttBd0tF/Xf/ajdzVhHrobJ
8kNRgVW2ZWH1xAtjqO9ianWurWzQGl2Smz02HcZP0OTvIYiRi0hc
-----END CERTIFICATE-----
Generated at Tue May 12 22:13:30 2026 by rpki-client