Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/NCIC/0/AS131627.roa
File: AS131627.roa (raw, json)
Hash identifier: mlbdIRqRf55MypXj2cJGVvp1JuSSUEhhghB7KrhM6cs=
Subject key identifier: ED:17:CB:5E:49:B1:8D:E5:00:4F:1B:ED:21:31:26:B6:0B:82:04:33
Certificate issuer: /CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB
Certificate serial: 1AEE35F48ADFEDC2E86830F15E4B191B8DD81175
Authority key identifier: CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/NCIC/0/AS131627.roa
Signing time: Tue 12 May 2026 01:49:05 +0000
ROA not before: Tue 12 May 2026 01:44:05 +0000
ROA not after: Tue 11 May 2027 01:49:05 +0000
asID: 131627
IP address blocks: 45.64.228.0/22 maxlen: 24
60.245.96.0/20 maxlen: 24
60.245.112.0/21 maxlen: 24
61.61.69.0/24 maxlen: 24
61.61.70.0/23 maxlen: 24
61.61.70.0/24 maxlen: 24
61.61.144.0/21 maxlen: 24
61.61.168.0/21 maxlen: 24
103.234.40.0/22 maxlen: 24
106.105.0.0/20 maxlen: 24
106.105.96.0/19 maxlen: 24
106.105.96.0/21 maxlen: 24
106.105.104.0/22 maxlen: 24
106.105.108.0/23 maxlen: 24
106.105.164.0/22 maxlen: 24
106.105.249.0/24 maxlen: 24
106.105.250.0/23 maxlen: 24
106.105.252.0/22 maxlen: 24
122.147.16.0/21 maxlen: 24
218.210.32.0/20 maxlen: 24
218.210.116.0/23 maxlen: 24
218.210.118.0/23 maxlen: 24
220.229.65.0/24 maxlen: 24
220.229.66.0/23 maxlen: 24
220.229.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl
rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 02:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:ee:35:f4:8a:df:ed:c2:e8:68:30:f1:5e:4b:19:1b:8d:d8:11:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB
Validity
Not Before: May 12 01:44:05 2026 GMT
Not After : May 11 01:49:05 2027 GMT
Subject: CN=ED17CB5E49B18DE5004F1BED213126B60B820433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:74:40:6d:3e:26:75:90:c4:c6:5c:20:cc:89:
e1:1e:c2:37:20:f2:ed:7b:08:a5:11:be:f2:1d:78:
a3:88:6f:97:59:cb:76:48:0e:9d:5e:0b:a1:2a:17:
a5:14:de:81:c3:56:49:20:30:bd:8f:ed:9c:e6:99:
8d:c7:a5:6d:e5:0f:d9:68:e5:d5:98:e7:fc:4a:d0:
c4:02:6d:46:82:4a:47:34:48:e3:a7:a3:a2:b4:1a:
15:81:b3:f6:be:c7:25:1a:d0:68:85:fa:5f:45:75:
d1:9d:94:10:e4:38:1b:c7:e3:d8:ba:d0:d4:6b:16:
39:5b:ab:85:38:fd:65:92:a9:c1:4c:f9:f3:82:6f:
c4:52:cc:44:17:c1:59:c6:92:5d:73:bb:27:98:dc:
c3:ba:cf:32:c6:17:e5:92:a5:22:d3:06:54:89:17:
b5:d7:c9:bb:db:6f:20:5b:d5:f9:66:0e:5c:59:87:
76:15:e7:d3:0f:e0:c1:f0:de:28:72:20:d7:99:e8:
0a:73:42:08:bc:66:36:22:e7:10:33:57:04:50:f6:
8d:f2:70:2f:e4:71:89:c8:16:7f:a7:31:3e:37:4f:
0d:5a:ac:2a:d6:69:8d:49:7e:21:c5:a8:b4:c8:dc:
33:71:ba:bf:56:6a:88:7a:71:78:1f:56:0b:9b:e2:
74:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:17:CB:5E:49:B1:8D:E5:00:4F:1B:ED:21:31:26:B6:0B:82:04:33
X509v3 Authority Key Identifier:
keyid:CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/AS131627.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.64.228.0/22
60.245.96.0-60.245.119.255
61.61.69.0-61.61.71.255
61.61.144.0/21
61.61.168.0/21
103.234.40.0/22
106.105.0.0/20
106.105.96.0/19
106.105.164.0/22
106.105.249.0-106.105.255.255
122.147.16.0/21
218.210.32.0/20
218.210.116.0/22
220.229.65.0-220.229.71.255
Signature Algorithm: sha256WithRSAEncryption
26:f3:e7:ba:6a:72:ca:47:5d:96:38:90:ba:bd:f9:34:23:7d:
af:74:8e:60:2c:25:18:8d:3e:82:7e:00:8c:d5:0f:5f:52:3f:
98:b6:de:72:0c:0a:a4:fe:e0:b6:3a:0d:8c:a8:ff:cc:c3:1e:
a4:01:c4:56:fb:40:9c:88:81:1f:b6:be:27:32:22:0a:46:67:
62:5d:55:5c:9b:c6:5f:36:29:fd:af:32:a5:ff:5a:ce:90:41:
e1:f6:1f:6b:10:e1:3b:e6:15:58:4d:84:a2:80:13:18:47:01:
96:3d:f5:37:3e:c3:b3:8f:b4:be:90:fc:4c:51:e3:b3:b8:c0:
88:6e:20:a7:af:b3:43:54:77:f3:cd:a1:13:f9:5f:b9:e6:9f:
39:3a:00:b4:9c:a6:31:82:14:c6:32:41:78:96:4e:2d:18:ac:
19:99:df:4a:06:9d:3e:a1:b2:aa:b6:72:0c:fd:31:6e:c6:63:
78:d6:08:04:a4:38:34:41:85:c7:e8:eb:a7:15:ec:9f:88:25:
08:e9:b4:34:34:6d:58:df:36:69:62:3a:41:4c:f4:90:c0:b3:
76:73:02:de:02:16:58:02:4a:73:e2:00:70:19:fe:27:4d:76:
49:17:7b:5c:e8:c6:95:48:87:3d:ee:e7:8a:72:e7:e7:33:e3:
db:5e:74:c5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIUGu419Irf7cLoaDDxXksZG43YEXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdCMkNC
NDc0RTdGQjAeFw0yNjA1MTIwMTQ0MDVaFw0yNzA1MTEwMTQ5MDVaMDMxMTAvBgNV
BAMTKEVEMTdDQjVFNDlCMThERTUwMDRGMUJFRDIxMzEyNkI2MEI4MjA0MzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmdEBtPiZ1kMTGXCDMieEewjcg
8u17CKURvvIdeKOIb5dZy3ZIDp1eC6EqF6UU3oHDVkkgML2P7ZzmmY3HpW3lD9lo
5dWY5/xK0MQCbUaCSkc0SOOno6K0GhWBs/a+xyUa0GiF+l9FddGdlBDkOBvH49i6
0NRrFjlbq4U4/WWSqcFM+fOCb8RSzEQXwVnGkl1zuyeY3MO6zzLGF+WSpSLTBlSJ
F7XXybvbbyBb1flmDlxZh3YV59MP4MHw3ihyINeZ6ApzQgi8ZjYi5xAzVwRQ9o3y
cC/kcYnIFn+nMT43Tw1arCrWaY1JfiHFqLTI3DNxur9Waoh6cXgfVgub4nQfAgMB
AAGjggIfMIICGzAdBgNVHQ4EFgQU7RfLXkmxjeUATxvtITEmtguCBDMwHwYDVR0j
BBgwFoAUzPhfmhJOsxX6b1obOCN7LLR05/swDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvTkNJQy8w
L0NDRjg1RjlBMTI0RUIzMTVGQTZGNUExQjM4MjM3QjJDQjQ3NEU3RkIuY3JsMG8G
CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu
dHcvcnBraS9UV05JQ0NBLzEvQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdC
MkNCNDc0RTdGQi5jZXIwTAYIKwYBBQUHAQsEQDA+MDwGCCsGAQUFBzALhjByc3lu
YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL05DSUMvMC9BUzEzMTYyNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBjAYIKwYBBQUHAQcBAf8EfTB7MHkEAgAB
MHMDBAItQOQwDAMEBTz1YAMEAzz1cDAMAwQAPT1FAwQDPT1AAwQDPT2QAwQDPT2o
AwQCZ+ooAwQEamkAAwQFamlgAwQCammkMAsDBABqafkDAwFqaAMEA3qTEAMEBNrS
IAMEAtrSdDAMAwQA3OVBAwQD3OVAMA0GCSqGSIb3DQEBCwUAA4IBAQAm8+e6anLK
R12WOJC6vfk0I32vdI5gLCUYjT6CfgCM1Q9fUj+Ytt5yDAqk/uC2Og2MqP/Mwx6k
AcRW+0CciIEftr4nMiIKRmdiXVVcm8ZfNin9rzKl/1rOkEHh9h9rEOE75hVYTYSi
gBMYRwGWPfU3PsOzj7S+kPxMUeOzuMCIbiCnr7NDVHfzzaET+V+55p85OgC0nKYx
ghTGMkF4lk4tGKwZmd9KBp0+obKqtnIM/TFuxmN41ggEpDg0QYXH6OunFeyfiCUI
6bQ0NG1Y3zZpYjpBTPSQwLN2cwLeAhZYAkpz4gBwGf4nTXZJF3tc6MaVSIc97ueK
cufnM+PbXnTF
-----END CERTIFICATE-----
Generated at Tue May 12 22:53:28 2026 by rpki-client