Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/PUMO/0/3130332e32302e34302e302f32322d3234203d3e203338383433.roa
File: 3130332e32302e34302e302f32322d3234203d3e203338383433.roa (raw, json)
Hash identifier: M6YEgeg0JaTzYDNxI6uRv76NWKHK5aO222QIZrova60=
Subject key identifier: 2C:F4:2A:E2:8A:95:A0:2C:3C:75:46:3F:47:3C:95:92:48:72:3F:A1
Certificate issuer: /CN=1EEC4FA1A8F8ACD40833BD2C3EEDB2B7082C1791
Certificate serial: 6F45AAD9B0DA48861730F64D9E51E629B86501A4
Authority key identifier: 1E:EC:4F:A1:A8:F8:AC:D4:08:33:BD:2C:3E:ED:B2:B7:08:2C:17:91
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/1EEC4FA1A8F8ACD40833BD2C3EEDB2B7082C1791.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/PUMO/0/3130332e32302e34302e302f32322d3234203d3e203338383433.roa
Signing time: Mon 11 May 2026 17:11:02 +0000
ROA not before: Mon 11 May 2026 17:06:02 +0000
ROA not after: Mon 10 May 2027 17:11:02 +0000
asID: 38843
IP address blocks: 103.20.40.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:45:aa:d9:b0:da:48:86:17:30:f6:4d:9e:51:e6:29:b8:65:01:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1EEC4FA1A8F8ACD40833BD2C3EEDB2B7082C1791
Validity
Not Before: May 11 17:06:02 2026 GMT
Not After : May 10 17:11:02 2027 GMT
Subject: CN=2CF42AE28A95A02C3C75463F473C959248723FA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:70:91:c8:13:5c:7f:1e:77:b7:06:37:c8:14:
e9:71:b3:3d:9f:24:37:70:ee:02:28:5c:e3:e2:8d:
d2:21:e7:78:2b:4c:9b:22:ca:89:ed:5f:1f:0a:7e:
02:fa:30:5a:56:b2:10:fb:38:23:e8:b5:b5:3d:b0:
39:8f:3d:c3:f6:5b:64:5f:a8:a8:a9:70:63:6e:bf:
a1:c3:eb:8d:52:13:99:75:c9:9d:f0:13:1b:25:11:
33:6d:0b:0f:89:4a:10:db:4b:93:6d:cc:ff:51:53:
06:76:8f:86:a8:c0:3f:99:0c:02:11:d3:3f:d7:53:
e3:f5:a8:74:da:4f:b7:9f:03:52:92:de:55:d0:7c:
c5:f6:69:8c:b7:8b:36:22:c6:c5:31:74:d1:71:5f:
fd:8c:1a:b6:35:df:94:f2:d9:5e:c7:3c:85:cc:68:
23:32:c5:2d:f4:ef:40:ce:a1:28:b3:8c:d2:29:59:
f5:a3:8d:38:d8:41:8a:6d:cd:df:fe:32:5e:62:af:
c2:d0:3b:78:d7:63:9e:2a:16:1d:7a:87:fb:4d:31:
a6:49:6c:0d:66:46:97:be:29:af:bd:58:6a:06:3b:
31:4e:f4:63:d2:44:60:9e:60:c3:46:5b:3e:c0:d0:
38:89:8b:15:99:84:88:be:d0:36:a3:9f:46:6a:71:
79:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F4:2A:E2:8A:95:A0:2C:3C:75:46:3F:47:3C:95:92:48:72:3F:A1
X509v3 Authority Key Identifier:
keyid:1E:EC:4F:A1:A8:F8:AC:D4:08:33:BD:2C:3E:ED:B2:B7:08:2C:17:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/PUMO/0/1EEC4FA1A8F8ACD40833BD2C3EEDB2B7082C1791.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/1EEC4FA1A8F8ACD40833BD2C3EEDB2B7082C1791.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/PUMO/0/3130332e32302e34302e302f32322d3234203d3e203338383433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.20.40.0/22
Signature Algorithm: sha256WithRSAEncryption
44:1c:4d:2a:00:7a:57:94:e0:d2:03:1c:b3:eb:e6:e9:ba:fb:
a5:52:66:97:2a:c7:e2:22:49:e9:7a:da:cb:f1:c3:89:f5:43:
11:6a:a0:5b:f1:39:fd:a7:c6:d2:60:85:3b:5f:13:9c:ad:d4:
ae:65:7e:ca:44:29:ca:55:b2:da:49:db:4f:c1:2d:3f:27:fd:
a4:5f:cd:0f:5a:08:e8:82:40:3e:02:d4:62:3c:b2:31:46:26:
72:d4:6e:e0:0c:a7:1b:36:b3:3c:ed:a5:5a:f0:7c:d9:f5:9d:
ba:02:ae:ba:38:34:ad:0e:eb:7b:ba:03:1c:ae:06:fe:1d:90:
ef:3c:b3:41:59:d0:1f:00:09:fb:e4:8c:4d:b9:e7:65:83:8a:
b3:34:89:18:6d:c1:b0:b3:2f:e2:b0:8c:64:59:88:fb:b9:7c:
d3:64:76:7b:f7:83:1e:ef:98:f9:1e:1e:6a:19:86:e4:2e:40:
74:63:b6:37:3d:59:18:aa:86:82:be:ce:e0:a1:ef:6e:dc:1b:
00:e7:ee:0d:50:6d:83:8d:ff:80:a0:bf:d5:4c:06:20:5d:ee:
19:da:f0:32:b4:a6:f5:48:00:09:69:05:85:27:ca:76:83:38:
aa:0f:6d:ab:39:e0:81:e3:f4:46:40:da:52:37:f9:1a:50:8c:
f4:78:73:cb
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIUb0Wq2bDaSIYXMPZNnlHmKbhlAaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUVFQzRGQTFBOEY4QUNENDA4MzNCRDJDM0VFREIyQjcw
ODJDMTc5MTAeFw0yNjA1MTExNzA2MDJaFw0yNzA1MTAxNzExMDJaMDMxMTAvBgNV
BAMTKDJDRjQyQUUyOEE5NUEwMkMzQzc1NDYzRjQ3M0M5NTkyNDg3MjNGQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDcJHIE1x/Hne3BjfIFOlxsz2f
JDdw7gIoXOPijdIh53grTJsiyontXx8KfgL6MFpWshD7OCPotbU9sDmPPcP2W2Rf
qKipcGNuv6HD641SE5l1yZ3wExslETNtCw+JShDbS5NtzP9RUwZ2j4aowD+ZDAIR
0z/XU+P1qHTaT7efA1KS3lXQfMX2aYy3izYixsUxdNFxX/2MGrY135Ty2V7HPIXM
aCMyxS3070DOoSizjNIpWfWjjTjYQYptzd/+Ml5ir8LQO3jXY54qFh16h/tNMaZJ
bA1mRpe+Ka+9WGoGOzFO9GPSRGCeYMNGWz7A0DiJixWZhIi+0Dajn0ZqcXmFAgMB
AAGjggHdMIIB2TAdBgNVHQ4EFgQULPQq4oqVoCw8dUY/RzyVkkhyP6EwHwYDVR0j
BBgwFoAUHuxPoaj4rNQIM70sPu2ytwgsF5EwDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvUFVNTy8w
LzFFRUM0RkExQThGOEFDRDQwODMzQkQyQzNFRURCMkI3MDgyQzE3OTEuY3JsMG8G
CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu
dHcvcnBraS9UV05JQ0NBLzEvMUVFQzRGQTFBOEY4QUNENDA4MzNCRDJDM0VFREIy
QjcwODJDMTc5MS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3lu
YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1BVTU8vMC8zMTMwMzMyZTMyMzAyZTM0
MzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMzM4MzgzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
ZxQoMA0GCSqGSIb3DQEBCwUAA4IBAQBEHE0qAHpXlODSAxyz6+bpuvulUmaXKsfi
IknpetrL8cOJ9UMRaqBb8Tn9p8bSYIU7XxOcrdSuZX7KRCnKVbLaSdtPwS0/J/2k
X80PWgjogkA+AtRiPLIxRiZy1G7gDKcbNrM87aVa8HzZ9Z26Aq66ODStDut7ugMc
rgb+HZDvPLNBWdAfAAn75IxNuedlg4qzNIkYbcGwsy/isIxkWYj7uXzTZHZ794Me
75j5Hh5qGYbkLkB0Y7Y3PVkYqoaCvs7goe9u3BsA5+4NUG2Djf+AoL/VTAYgXe4Z
2vAytKb1SAAJaQWFJ8p2gziqD22rOeCB4/RGQNpSN/kaUIz0eHPL
-----END CERTIFICATE-----
Generated at Wed May 13 00:54:01 2026 by rpki-client