Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/SDCL-TW/0/3230322e3134382e3232302e302f32332d3234203d3e203338303432.roa
File: 3230322e3134382e3232302e302f32332d3234203d3e203338303432.roa (raw, json)
Hash identifier: Qf23TJE1nXjdkeX0xoNGfVGqhO6JSGDcdHqoaJWF4Yw=
Subject key identifier: 20:FE:94:63:AE:CF:5D:34:37:BE:F6:57:FE:C9:76:26:25:48:9E:30
Certificate issuer: /CN=CE11BDD44F66776624C4D9BE145C499FD144FEAE
Certificate serial: 1EB63BF2321E23BCBC3A183DB92FCB3DCBBFBA5C
Authority key identifier: CE:11:BD:D4:4F:66:77:66:24:C4:D9:BE:14:5C:49:9F:D1:44:FE:AE
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CE11BDD44F66776624C4D9BE145C499FD144FEAE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/SDCL-TW/0/3230322e3134382e3232302e302f32332d3234203d3e203338303432.roa
Signing time: Mon 11 May 2026 17:57:42 +0000
ROA not before: Mon 11 May 2026 17:52:42 +0000
ROA not after: Mon 10 May 2027 17:57:42 +0000
asID: 38042
IP address blocks: 202.148.220.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:b6:3b:f2:32:1e:23:bc:bc:3a:18:3d:b9:2f:cb:3d:cb:bf:ba:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CE11BDD44F66776624C4D9BE145C499FD144FEAE
Validity
Not Before: May 11 17:52:42 2026 GMT
Not After : May 10 17:57:42 2027 GMT
Subject: CN=20FE9463AECF5D3437BEF657FEC9762625489E30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a8:75:cc:8a:c2:1e:f0:c0:89:fa:f6:85:2a:
1d:57:21:7d:6e:04:59:db:f3:86:f0:39:c6:43:07:
8c:75:2a:7d:b2:94:b2:09:95:85:00:6d:49:83:2f:
72:bc:3e:20:16:75:5f:c9:59:38:31:80:e8:ba:16:
a0:a7:dd:e7:7d:ca:a5:14:d1:ea:d6:d5:3e:62:91:
12:30:81:d2:f8:63:b6:9f:4c:94:27:c0:25:cf:fa:
6b:e6:11:2a:1a:f6:42:9d:dd:7c:45:72:0f:ec:3d:
ff:47:b5:fd:a6:b0:ec:f1:b8:c3:4b:9f:5e:59:79:
4e:18:41:cf:66:74:0a:19:3e:93:94:58:65:87:a7:
91:34:f7:2f:9f:5c:52:c9:a9:57:d9:5b:c3:8a:6a:
03:2a:b3:46:a5:f9:0d:08:f3:03:94:fe:89:21:53:
11:a4:bd:bc:cb:72:ac:ca:a6:91:74:43:86:12:9e:
97:d0:c3:17:28:ca:8b:79:57:0a:71:85:fe:22:db:
80:d3:0d:f7:e2:3b:5a:4d:2d:28:61:ef:94:f8:a5:
18:3c:57:7e:8a:87:cd:a5:18:03:15:71:1f:ad:35:
0d:6a:35:7e:f6:f2:80:53:e8:6e:91:8c:6d:59:10:
2e:d8:b9:b2:a7:90:bb:3a:55:98:10:f7:d9:02:ed:
b9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FE:94:63:AE:CF:5D:34:37:BE:F6:57:FE:C9:76:26:25:48:9E:30
X509v3 Authority Key Identifier:
keyid:CE:11:BD:D4:4F:66:77:66:24:C4:D9:BE:14:5C:49:9F:D1:44:FE:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/SDCL-TW/0/CE11BDD44F66776624C4D9BE145C499FD144FEAE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CE11BDD44F66776624C4D9BE145C499FD144FEAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/SDCL-TW/0/3230322e3134382e3232302e302f32332d3234203d3e203338303432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.148.220.0/23
Signature Algorithm: sha256WithRSAEncryption
50:59:cf:57:e3:0f:a8:ee:cf:5f:6c:a1:6f:6d:ef:01:1d:71:
23:3e:f3:e0:8b:78:e8:88:28:c3:7e:5f:10:9c:c4:26:2b:05:
e0:be:9e:65:d5:e1:6b:bd:8e:fd:45:9e:da:ae:ca:f5:7a:40:
7c:b9:98:b9:da:3f:d5:84:1b:d3:c4:ef:7d:e3:d7:2f:c4:68:
57:a9:12:a2:73:91:0d:c6:76:e6:45:24:7a:8e:ea:e0:d1:3b:
6b:5c:ff:86:c7:78:4b:f0:95:37:bd:b9:e1:b2:17:31:42:a9:
26:20:88:08:71:57:b9:82:4d:4e:4c:0e:45:4a:9e:a9:74:45:
ba:de:c0:20:3c:95:72:e8:9a:d2:6d:9f:a8:44:cf:ac:0d:88:
9c:4b:b9:2e:62:94:a9:d8:10:f5:cd:53:96:47:ca:5f:04:03:
53:78:73:6e:64:2f:8f:41:8b:a5:6c:75:5b:f6:c4:bb:1a:84:
22:67:24:fa:39:d8:53:00:ba:bb:3f:74:d3:f7:54:18:61:2e:
84:26:bc:1d:8d:73:d5:dd:b4:eb:84:0d:1b:5c:d7:21:e3:8c:
4c:a1:07:94:0e:50:6f:b0:9a:7c:9a:4d:5a:52:a5:9c:04:aa:
81:71:07:1f:49:61:ff:5e:65:4d:4a:8f:96:f5:28:de:ba:d8:
d7:2f:7d:a8
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUHrY78jIeI7y8Ohg9uS/LPcu/ulwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0UxMUJERDQ0RjY2Nzc2NjI0QzREOUJFMTQ1QzQ5OUZE
MTQ0RkVBRTAeFw0yNjA1MTExNzUyNDJaFw0yNzA1MTAxNzU3NDJaMDMxMTAvBgNV
BAMTKDIwRkU5NDYzQUVDRjVEMzQzN0JFRjY1N0ZFQzk3NjI2MjU0ODlFMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDqHXMisIe8MCJ+vaFKh1XIX1u
BFnb84bwOcZDB4x1Kn2ylLIJlYUAbUmDL3K8PiAWdV/JWTgxgOi6FqCn3ed9yqUU
0erW1T5ikRIwgdL4Y7afTJQnwCXP+mvmESoa9kKd3XxFcg/sPf9Htf2msOzxuMNL
n15ZeU4YQc9mdAoZPpOUWGWHp5E09y+fXFLJqVfZW8OKagMqs0al+Q0I8wOU/okh
UxGkvbzLcqzKppF0Q4YSnpfQwxcoyot5Vwpxhf4i24DTDffiO1pNLShh75T4pRg8
V36Kh82lGAMVcR+tNQ1qNX728oBT6G6RjG1ZEC7YubKnkLs6VZgQ99kC7bnJAgMB
AAGjggHnMIIB4zAdBgNVHQ4EFgQUIP6UY67PXTQ3vvZX/sl2JiVInjAwHwYDVR0j
BBgwFoAUzhG91E9md2YkxNm+FFxJn9FE/q4wDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU0RDTC1U
Vy8wL0NFMTFCREQ0NEY2Njc3NjYyNEM0RDlCRTE0NUM0OTlGRDE0NEZFQUUuY3Js
MG8GCCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHdu
aWMudHcvcnBraS9UV05JQ0NBLzEvQ0UxMUJERDQ0RjY2Nzc2NjI0QzREOUJFMTQ1
QzQ5OUZEMTQ0RkVBRS5jZXIwfwYIKwYBBQUHAQsEczBxMG8GCCsGAQUFBzALhmNy
c3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1NEQ0wtVFcvMC8zMjMwMzIyZTMx
MzQzODJlMzIzMjMwMmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzMzODMwMzQzMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAcqU3DANBgkqhkiG9w0BAQsFAAOCAQEAUFnPV+MPqO7PX2yhb23v
AR1xIz7z4It46Igow35fEJzEJisF4L6eZdXha72O/UWe2q7K9XpAfLmYudo/1YQb
08TvfePXL8RoV6kSonORDcZ25kUkeo7q4NE7a1z/hsd4S/CVN7254bIXMUKpJiCI
CHFXuYJNTkwORUqeqXRFut7AIDyVcuia0m2fqETPrA2InEu5LmKUqdgQ9c1TlkfK
XwQDU3hzbmQvj0GLpWx1W/bEuxqEImck+jnYUwC6uz900/dUGGEuhCa8HY1z1d20
64QNG1zXIeOMTKEHlA5Qb7CafJpNWlKlnASqgXEHH0lh/15lTUqPlvUo3rrY1y99
qA==
-----END CERTIFICATE-----
Generated at Wed May 13 02:12:51 2026 by rpki-client