Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/NCCC/1/3135372e32302e3130372e302f32342d3234203d3e203139353531.roa
File: 3135372e32302e3130372e302f32342d3234203d3e203139353531.roa (raw, json)
Hash identifier: h885eOx61p3k8wuxUDF9SUB/ZPMTr8/gQVLItFXI4rM=
Subject key identifier: 5B:DF:22:F1:0B:5F:9B:84:80:80:D5:8E:53:F6:93:AE:F4:07:EB:B1
Certificate issuer: /CN=F4194E27E15A4F76E006403795143D4EFDCF022E
Certificate serial: 7B7EAFC0477F300CA8914CCFFD6C7891CC09D138
Authority key identifier: F4:19:4E:27:E1:5A:4F:76:E0:06:40:37:95:14:3D:4E:FD:CF:02:2E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0/F4194E27E15A4F76E006403795143D4EFDCF022E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/NCCC/1/3135372e32302e3130372e302f32342d3234203d3e203139353531.roa
Signing time: Mon 11 May 2026 17:36:28 +0000
ROA not before: Mon 11 May 2026 17:31:28 +0000
ROA not after: Mon 10 May 2027 17:36:28 +0000
asID: 19551
IP address blocks: 157.20.107.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:7e:af:c0:47:7f:30:0c:a8:91:4c:cf:fd:6c:78:91:cc:09:d1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F4194E27E15A4F76E006403795143D4EFDCF022E
Validity
Not Before: May 11 17:31:28 2026 GMT
Not After : May 10 17:36:28 2027 GMT
Subject: CN=5BDF22F10B5F9B848080D58E53F693AEF407EBB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d4:35:ff:f1:26:9a:19:8b:02:d3:2c:a8:58:
d1:a5:5d:70:18:87:c6:41:14:e9:6e:99:3c:80:6f:
6b:f7:d8:fc:ff:bb:51:bc:3e:7e:ce:20:bd:5d:ce:
82:44:88:7e:d0:98:02:2f:bc:72:dc:a9:b4:f8:0f:
4b:a8:57:72:42:6c:47:72:f2:fd:05:86:69:c5:57:
f1:a4:e2:46:25:bd:2d:32:ab:06:9e:35:2e:aa:35:
a2:fd:8c:67:3f:00:96:6a:8c:9c:4b:9e:8c:46:64:
1d:75:aa:ea:59:a5:21:00:5e:a1:bf:80:d0:86:69:
1b:99:53:a5:56:5a:cb:e8:a5:f0:cc:e7:b2:fa:c8:
f6:40:b2:87:93:af:30:b1:ab:11:cd:6b:a3:f4:56:
d7:b2:42:d0:82:ee:5e:ad:0f:37:67:59:cf:f6:cc:
30:e3:5a:bd:73:ef:ff:d6:fd:63:31:77:98:c5:bc:
fe:1e:82:b6:62:e2:60:a1:ea:8d:e3:7e:bd:64:06:
15:54:e4:d9:6a:ec:a5:7d:24:7a:4d:3e:54:37:46:
28:dd:7c:0c:74:69:c8:38:f4:c4:9d:b4:1c:52:ef:
1b:f8:70:1c:5a:ef:4c:13:d1:d5:17:26:be:c0:4f:
1c:a1:59:0a:bd:44:68:15:4b:ea:6e:6d:d4:5c:1a:
19:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DF:22:F1:0B:5F:9B:84:80:80:D5:8E:53:F6:93:AE:F4:07:EB:B1
X509v3 Authority Key Identifier:
keyid:F4:19:4E:27:E1:5A:4F:76:E0:06:40:37:95:14:3D:4E:FD:CF:02:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/NCCC/1/F4194E27E15A4F76E006403795143D4EFDCF022E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0/F4194E27E15A4F76E006403795143D4EFDCF022E.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/NCCC/1/3135372e32302e3130372e302f32342d3234203d3e203139353531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.20.107.0/24
Signature Algorithm: sha256WithRSAEncryption
50:46:06:c0:01:cc:e5:8b:31:9b:78:30:89:b5:20:32:c9:45:
67:97:8b:c9:59:cd:02:2b:8e:fa:e5:35:73:a4:f9:8c:b8:0f:
ee:02:be:0b:d3:c7:d2:3f:85:23:24:af:80:97:6d:aa:2c:e5:
cf:64:62:80:51:22:28:e9:31:16:07:bd:fd:da:96:36:1f:22:
42:8b:6f:15:90:47:b3:ab:1f:e2:78:90:1f:78:9f:e5:af:15:
50:aa:38:85:ce:91:57:e3:25:b1:21:dc:51:57:4d:28:e7:b0:
d3:4c:62:43:e4:74:a1:41:61:a6:7b:07:b5:41:b9:7a:63:10:
63:89:2d:83:21:6a:8d:2b:5c:a3:9c:3f:93:65:ee:0d:7d:a3:
85:63:27:14:80:0c:65:45:a6:2d:5d:d5:5d:68:e9:6c:4f:bd:
7a:01:2d:68:92:c8:d4:de:52:d0:60:16:99:c1:d2:8a:5e:f3:
38:a3:29:56:d1:39:a1:ff:b9:a6:51:7d:74:1b:2f:06:b2:14:
1d:a0:f6:5f:b2:3a:f6:8b:50:c6:de:4b:5b:7d:c7:dd:8a:fd:
ee:d8:04:34:76:a0:75:0e:8a:cb:e1:3c:a1:c0:07:cf:81:7f:
7f:ce:57:7a:cc:3e:57:cb:c5:51:ff:32:1f:d4:db:44:e1:e0:
60:ee:92:09
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUe36vwEd/MAyokUzP/Wx4kcwJ0TgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjQxOTRFMjdFMTVBNEY3NkUwMDY0MDM3OTUxNDNENEVG
RENGMDIyRTAeFw0yNjA1MTExNzMxMjhaFw0yNzA1MTAxNzM2MjhaMDMxMTAvBgNV
BAMTKDVCREYyMkYxMEI1RjlCODQ4MDgwRDU4RTUzRjY5M0FFRjQwN0VCQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL1DX/8SaaGYsC0yyoWNGlXXAY
h8ZBFOlumTyAb2v32Pz/u1G8Pn7OIL1dzoJEiH7QmAIvvHLcqbT4D0uoV3JCbEdy
8v0FhmnFV/Gk4kYlvS0yqwaeNS6qNaL9jGc/AJZqjJxLnoxGZB11qupZpSEAXqG/
gNCGaRuZU6VWWsvopfDM57L6yPZAsoeTrzCxqxHNa6P0VteyQtCC7l6tDzdnWc/2
zDDjWr1z7//W/WMxd5jFvP4egrZi4mCh6o3jfr1kBhVU5Nlq7KV9JHpNPlQ3Rijd
fAx0acg49MSdtBxS7xv4cBxa70wT0dUXJr7ATxyhWQq9RGgVS+pubdRcGhmHAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUW98i8Qtfm4SAgNWOU/aTrvQH67EwHwYDVR0j
BBgwFoAU9BlOJ+FaT3bgBkA3lRQ9Tv3PAi4wDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvTkNDQy8x
L0Y0MTk0RTI3RTE1QTRGNzZFMDA2NDAzNzk1MTQzRDRFRkRDRjAyMkUuY3JsMG8G
CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu
dHcvcnBraS9UV05JQ0NBLzAvRjQxOTRFMjdFMTVBNEY3NkUwMDY0MDM3OTUxNDNE
NEVGRENGMDIyRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3lu
YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL05DQ0MvMS8zMTM1MzcyZTMyMzAyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzNTM1MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACdFGswDQYJKoZIhvcNAQELBQADggEBAFBGBsABzOWLMZt4MIm1IDLJRWeXi8lZ
zQIrjvrlNXOk+Yy4D+4CvgvTx9I/hSMkr4CXbaos5c9kYoBRIijpMRYHvf3aljYf
IkKLbxWQR7OrH+J4kB94n+WvFVCqOIXOkVfjJbEh3FFXTSjnsNNMYkPkdKFBYaZ7
B7VBuXpjEGOJLYMhao0rXKOcP5Nl7g19o4VjJxSADGVFpi1d1V1o6WxPvXoBLWiS
yNTeUtBgFpnB0ope8zijKVbROaH/uaZRfXQbLwayFB2g9l+yOvaLUMbeS1t9x92K
/e7YBDR2oHUOisvhPKHAB8+Bf3/OV3rMPlfLxVH/Mh/U20Th4GDukgk=
-----END CERTIFICATE-----
Generated at Tue May 12 22:20:17 2026 by rpki-client