Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/NCIC/0/AS18049.roa
File: AS18049.roa (raw, json)
Hash identifier: CHLtc29780Zk5kFwqAQd4YWTHebbB+RFrMUGxKh+qnw=
Subject key identifier: F5:73:2B:BF:35:B4:35:B0:FB:A4:FF:39:9A:16:B6:7B:2D:5A:77:3A
Certificate issuer: /CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB
Certificate serial: 79675073D33DC8B7853D86923EF5AAD90FFCAE4C
Authority key identifier: CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/NCIC/0/AS18049.roa
Signing time: Tue 12 May 2026 01:49:08 +0000
ROA not before: Tue 12 May 2026 01:44:08 +0000
ROA not after: Tue 11 May 2027 01:49:08 +0000
asID: 18049
IP address blocks: 61.61.8.0/21 maxlen: 24
61.61.16.0/20 maxlen: 24
61.61.36.0/22 maxlen: 24
61.61.44.0/22 maxlen: 24
61.61.52.0/22 maxlen: 24
61.61.56.0/22 maxlen: 24
61.61.60.0/22 maxlen: 24
61.61.64.0/22 maxlen: 24
61.61.72.0/22 maxlen: 24
61.61.176.0/20 maxlen: 24
106.104.224.0/22 maxlen: 24
106.105.0.0/21 maxlen: 24
106.105.64.0/19 maxlen: 24
106.105.72.0/21 maxlen: 24
106.105.80.0/21 maxlen: 24
106.105.88.0/21 maxlen: 24
106.105.112.0/20 maxlen: 24
106.105.164.0/22 maxlen: 24
106.105.224.0/19 maxlen: 24
106.107.128.0/17 maxlen: 24
106.107.128.0/20 maxlen: 24
106.107.144.0/21 maxlen: 24
106.107.152.0/21 maxlen: 24
106.107.160.0/21 maxlen: 24
106.107.175.0/24 maxlen: 24
106.107.176.0/20 maxlen: 24
106.107.192.0/20 maxlen: 24
106.107.208.0/20 maxlen: 24
106.107.240.0/20 maxlen: 24
112.105.0.0/18 maxlen: 24
112.105.0.0/19 maxlen: 24
112.105.32.0/19 maxlen: 24
112.105.56.0/22 maxlen: 24
123.205.0.0/17 maxlen: 24
123.205.0.0/18 maxlen: 24
175.183.0.0/18 maxlen: 24
175.183.0.0/19 maxlen: 24
175.183.32.0/19 maxlen: 24
175.183.64.0/19 maxlen: 24
175.183.64.0/20 maxlen: 24
175.183.80.0/20 maxlen: 24
211.78.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl
rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 02:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:67:50:73:d3:3d:c8:b7:85:3d:86:92:3e:f5:aa:d9:0f:fc:ae:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB
Validity
Not Before: May 12 01:44:08 2026 GMT
Not After : May 11 01:49:08 2027 GMT
Subject: CN=F5732BBF35B435B0FBA4FF399A16B67B2D5A773A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:65:c8:06:1e:2a:d2:b7:31:83:c3:92:f1:21:
61:cd:da:f5:a6:7f:9e:a4:05:1a:a6:f7:78:1c:16:
4c:65:43:bd:b8:5a:da:e3:8a:33:86:19:93:1a:2e:
62:0d:6e:cf:ff:52:9f:de:f2:08:df:a1:4f:59:08:
f3:13:78:0a:1c:1a:9c:bd:1d:99:96:75:53:4f:76:
92:5c:84:ea:ea:39:4c:7c:bc:13:20:50:7b:c9:c0:
48:12:2b:fc:06:e1:a9:c0:ee:5c:6d:9a:9e:a4:8d:
5a:91:d3:5b:ec:01:90:96:1e:ff:0b:4e:20:24:48:
e0:f5:d3:12:8b:5b:d6:59:15:15:b9:66:51:f7:8f:
8a:70:8d:4f:ca:6e:1c:e4:03:c6:c6:7f:95:aa:4c:
f3:c6:f8:83:01:cb:3f:a9:42:5f:33:fa:b7:44:a2:
fa:04:e5:ee:67:2a:1d:04:f6:f7:26:01:77:52:92:
d1:1e:0f:59:17:4d:8d:20:73:cf:43:e8:19:2a:42:
45:92:08:81:3e:cf:c2:00:f2:ff:61:f4:13:12:89:
be:51:d0:0b:58:3d:e6:13:72:c6:7b:47:73:49:df:
48:a3:95:f8:ba:3f:ec:e5:89:16:e9:a8:a0:e7:90:
81:79:15:c9:aa:b9:fe:17:f0:c1:2d:02:5c:7e:d3:
e7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:73:2B:BF:35:B4:35:B0:FB:A4:FF:39:9A:16:B6:7B:2D:5A:77:3A
X509v3 Authority Key Identifier:
keyid:CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/AS18049.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
61.61.8.0-61.61.31.255
61.61.36.0/22
61.61.44.0/22
61.61.52.0-61.61.67.255
61.61.72.0/22
61.61.176.0/20
106.104.224.0/22
106.105.0.0/21
106.105.64.0/19
106.105.112.0/20
106.105.164.0/22
106.105.224.0/19
106.107.128.0/17
112.105.0.0/18
123.205.0.0/17
175.183.0.0-175.183.95.255
211.78.32.0/19
Signature Algorithm: sha256WithRSAEncryption
7c:4a:c6:8b:40:71:e2:ed:de:f2:df:61:4a:a3:fa:78:f5:5a:
28:4d:f5:49:a7:cf:b3:85:9f:bc:27:b8:86:8b:76:3f:72:4a:
a3:59:31:86:8c:5f:fb:8b:f7:5f:75:83:66:2d:a1:d8:0c:d2:
7b:f0:63:14:57:b2:6f:7c:dc:83:10:d9:38:b4:9a:01:53:c5:
4f:1f:b4:31:88:63:70:61:d8:7a:5a:b3:20:43:fd:77:d3:9f:
b1:58:ee:e6:c8:49:71:80:7e:b2:2f:2a:67:fe:ee:52:f2:51:
6b:52:a5:31:a3:fd:64:f3:8f:51:3f:75:1d:21:b2:80:ae:4f:
50:29:fc:c2:17:06:30:64:0e:e0:9b:5b:38:7f:cc:b2:ed:fa:
8f:65:87:c6:48:27:01:86:07:03:67:45:f9:ee:7d:da:42:8a:
ba:9e:d8:ff:aa:5f:dc:14:11:a4:bd:25:77:97:47:00:e9:29:
9b:39:55:68:f0:4b:2b:ee:93:80:38:bc:bf:a7:bb:41:54:0f:
98:c6:f9:69:54:7d:d0:66:a5:f9:85:06:d6:a7:2b:b7:91:0c:
a6:a6:14:d2:3c:e5:62:6f:5a:c9:cf:b4:01:0e:c8:53:cf:a0:
38:4d:09:9a:0b:8b:a6:c8:97:91:f2:c1:51:aa:3d:e3:d6:63:
6b:65:3d:5b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUeWdQc9M9yLeFPYaSPvWq2Q/8rkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdCMkNC
NDc0RTdGQjAeFw0yNjA1MTIwMTQ0MDhaFw0yNzA1MTEwMTQ5MDhaMDMxMTAvBgNV
BAMTKEY1NzMyQkJGMzVCNDM1QjBGQkE0RkYzOTlBMTZCNjdCMkQ1QTc3M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmZcgGHirStzGDw5LxIWHN2vWm
f56kBRqm93gcFkxlQ724WtrjijOGGZMaLmINbs//Up/e8gjfoU9ZCPMTeAocGpy9
HZmWdVNPdpJchOrqOUx8vBMgUHvJwEgSK/wG4anA7lxtmp6kjVqR01vsAZCWHv8L
TiAkSOD10xKLW9ZZFRW5ZlH3j4pwjU/KbhzkA8bGf5WqTPPG+IMByz+pQl8z+rdE
ovoE5e5nKh0E9vcmAXdSktEeD1kXTY0gc89D6BkqQkWSCIE+z8IA8v9h9BMSib5R
0AtYPeYTcsZ7R3NJ30ijlfi6P+zliRbpqKDnkIF5Fcmquf4X8MEtAlx+0+dzAgMB
AAGjggIrMIICJzAdBgNVHQ4EFgQU9XMrvzW0NbD7pP85mha2ey1adzowHwYDVR0j
BBgwFoAUzPhfmhJOsxX6b1obOCN7LLR05/swDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvTkNJQy8w
L0NDRjg1RjlBMTI0RUIzMTVGQTZGNUExQjM4MjM3QjJDQjQ3NEU3RkIuY3JsMG8G
CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu
dHcvcnBraS9UV05JQ0NBLzEvQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdC
MkNCNDc0RTdGQi5jZXIwSwYIKwYBBQUHAQsEPzA9MDsGCCsGAQUFBzALhi9yc3lu
YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL05DSUMvMC9BUzE4MDQ5LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjCBgwQC
AAEwfTAMAwQDPT0IAwQFPT0AAwQCPT0kAwQCPT0sMAwDBAI9PTQDBAI9PUADBAI9
PUgDBAQ9PbADBAJqaOADBANqaQADBAVqaUADBARqaXADBAJqaaQDBAVqaeADBAdq
a4ADBAZwaQADBAd7zQAwCwMDAK+3AwQFr7dAAwQF004gMA0GCSqGSIb3DQEBCwUA
A4IBAQB8SsaLQHHi7d7y32FKo/p49VooTfVJp8+zhZ+8J7iGi3Y/ckqjWTGGjF/7
i/dfdYNmLaHYDNJ78GMUV7JvfNyDENk4tJoBU8VPH7QxiGNwYdh6WrMgQ/1305+x
WO7myElxgH6yLypn/u5S8lFrUqUxo/1k849RP3UdIbKArk9QKfzCFwYwZA7gm1s4
f8yy7fqPZYfGSCcBhgcDZ0X57n3aQoq6ntj/ql/cFBGkvSV3l0cA6SmbOVVo8Esr
7pOAOLy/p7tBVA+YxvlpVH3QZqX5hQbWpyu3kQymphTSPOVib1rJz7QBDshTz6A4
TQmaC4umyJeR8sFRqj3j1mNrZT1b
-----END CERTIFICATE-----
Generated at Tue May 12 22:53:29 2026 by rpki-client