Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/SONET/0/3231392e38342e302e302f31362d3234203d3e203138313832.roa
File: 3231392e38342e302e302f31362d3234203d3e203138313832.roa (raw, json)
Hash identifier: 8fiqTkiu9MOMh1suF5MiCOJuDwIsVQ34W7YS4b6Ylb8=
Subject key identifier: 81:37:14:97:7F:B6:D9:F4:61:8E:1C:C3:D4:8B:30:1B:58:2A:D2:81
Certificate issuer: /CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Certificate serial: 6088419D2AA25B5794FA607DBBCFC039E9EB9D13
Authority key identifier: 3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/SONET/0/3231392e38342e302e302f31362d3234203d3e203138313832.roa
Signing time: Mon 11 May 2026 17:11:01 +0000
ROA not before: Mon 11 May 2026 17:06:01 +0000
ROA not after: Mon 10 May 2027 17:11:01 +0000
asID: 18182
IP address blocks: 219.84.0.0/16 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:88:41:9d:2a:a2:5b:57:94:fa:60:7d:bb:cf:c0:39:e9:eb:9d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Validity
Not Before: May 11 17:06:01 2026 GMT
Not After : May 10 17:11:01 2027 GMT
Subject: CN=813714977FB6D9F4618E1CC3D48B301B582AD281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:77:88:1a:d8:3f:68:9d:6a:4f:aa:d6:eb:5a:
79:44:87:0b:61:81:c5:0b:63:46:68:15:50:01:98:
32:7a:a7:a5:09:a6:2b:8d:3f:3c:67:7f:25:8b:6a:
50:47:01:a0:d6:b5:a2:9e:c1:8b:80:4b:16:76:cf:
8f:8c:8f:e8:d4:d6:87:e6:12:b7:82:42:a2:d5:26:
b9:ba:97:9b:f4:16:58:96:a9:a4:0a:1e:56:bb:5f:
ea:05:0a:0d:c2:fb:91:c3:5a:8e:f3:4c:25:bc:65:
c4:03:e6:bf:83:80:50:45:d6:4b:4f:7e:31:a9:6c:
16:08:4d:71:ea:67:09:e3:7d:5f:a3:b2:04:43:27:
27:e0:81:f2:cb:47:95:0f:88:07:ea:03:e6:27:13:
3e:36:bd:19:c2:82:ae:d2:8c:e1:65:f0:3c:cf:b7:
3b:cb:87:a1:41:a8:f3:7e:62:2a:59:83:62:aa:ff:
3f:5d:85:97:af:5e:6a:ca:d3:2d:99:7c:f9:2a:6a:
e3:ef:ee:fc:80:6e:aa:a6:dc:f0:38:24:58:a9:ac:
28:6b:31:26:f1:a9:9e:37:40:81:15:0e:cd:c3:a5:
53:58:63:e6:98:55:b4:4f:c1:71:a3:eb:25:43:43:
c9:16:12:0f:18:8d:4b:54:71:c9:0e:c1:11:0a:da:
f5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:37:14:97:7F:B6:D9:F4:61:8E:1C:C3:D4:8B:30:1B:58:2A:D2:81
X509v3 Authority Key Identifier:
keyid:3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/SONET/0/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/SONET/0/3231392e38342e302e302f31362d3234203d3e203138313832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
219.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:be:df:90:97:e5:5b:60:8b:61:5b:f8:8b:90:f2:3d:7c:71:
68:f3:01:e4:f0:13:4e:37:0a:9f:d7:07:b9:fd:dd:08:7a:92:
20:a5:01:ff:7b:bb:39:8e:5f:c8:6f:9f:09:4b:c0:c8:b5:87:
35:4d:1f:36:1e:3d:51:03:15:c4:8c:d0:13:fb:d8:a0:96:87:
cf:30:5a:6a:fa:7b:95:a3:3c:0d:95:48:92:ad:d9:25:69:7e:
d7:b9:31:27:d2:8f:f2:f0:3d:5b:8b:d5:bd:c7:8f:c2:83:d8:
6f:94:79:99:6c:63:20:fe:0c:08:cd:a3:d9:84:89:08:fa:a3:
74:00:e1:d7:e3:56:b2:39:2c:20:22:02:d7:31:44:61:dc:a3:
5f:bc:40:26:ca:af:82:c3:3e:d2:46:96:d1:2d:73:1f:a8:4e:
96:25:d8:be:6c:b1:97:0d:2e:8d:b4:1b:17:2e:1f:ee:bf:3f:
c5:70:64:78:8b:a3:61:d5:56:36:37:6b:8e:a4:98:1a:38:1d:
4a:d7:06:b5:d8:24:be:5b:f0:f4:21:ce:73:70:bd:3b:85:87:
ff:09:e1:ca:f2:f0:d8:aa:d8:29:9e:9b:d4:0a:ae:d6:10:3a:
f0:8f:c1:d0:ca:7f:2b:3a:c2:54:9b:93:df:ed:8b:01:42:7b:
dc:4e:b2:1a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgIUYIhBnSqiW1eU+mB9u8/AOenrnRMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y2RDMzQzlCMzlDRkM5NTBBMkQzREJDNzgxMzFFMUFB
RjhDQzhFRjAeFw0yNjA1MTExNzA2MDFaFw0yNzA1MTAxNzExMDFaMDMxMTAvBgNV
BAMTKDgxMzcxNDk3N0ZCNkQ5RjQ2MThFMUNDM0Q0OEIzMDFCNTgyQUQyODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZd4ga2D9onWpPqtbrWnlEhwth
gcULY0ZoFVABmDJ6p6UJpiuNPzxnfyWLalBHAaDWtaKewYuASxZ2z4+Mj+jU1ofm
EreCQqLVJrm6l5v0FliWqaQKHla7X+oFCg3C+5HDWo7zTCW8ZcQD5r+DgFBF1ktP
fjGpbBYITXHqZwnjfV+jsgRDJyfggfLLR5UPiAfqA+YnEz42vRnCgq7SjOFl8DzP
tzvLh6FBqPN+YipZg2Kq/z9dhZevXmrK0y2ZfPkqauPv7vyAbqqm3PA4JFiprChr
MSbxqZ43QIEVDs3DpVNYY+aYVbRPwXGj6yVDQ8kWEg8YjUtUcckOwREK2vVBAgMB
AAGjggHcMIIB2DAdBgNVHQ4EFgQUgTcUl3+22fRhjhzD1IswG1gq0oEwHwYDVR0j
BBgwFoAUP20zybOc/JUKLT28eBMeGq+MyO8wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU09ORVQv
MC8zRjZEMzNDOUIzOUNGQzk1MEEyRDNEQkM3ODEzMUUxQUFGOENDOEVGLmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzNGNkQzM0M5QjM5Q0ZDOTUwQTJEM0RCQzc4MTMx
RTFBQUY4Q0M4RUYuY2VyMHcGCCsGAQUFBwELBGswaTBnBggrBgEFBQcwC4ZbcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9TT05FVC8wLzMyMzEzOTJlMzgzNDJl
MzAyZTMwMmYzMTM2MmQzMjM0MjAzZDNlMjAzMTM4MzEzODMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
21QwDQYJKoZIhvcNAQELBQADggEBAG6+35CX5Vtgi2Fb+IuQ8j18cWjzAeTwE043
Cp/XB7n93Qh6kiClAf97uzmOX8hvnwlLwMi1hzVNHzYePVEDFcSM0BP72KCWh88w
Wmr6e5WjPA2VSJKt2SVpfte5MSfSj/LwPVuL1b3Hj8KD2G+UeZlsYyD+DAjNo9mE
iQj6o3QA4dfjVrI5LCAiAtcxRGHco1+8QCbKr4LDPtJGltEtcx+oTpYl2L5ssZcN
Lo20GxcuH+6/P8VwZHiLo2HVVjY3a46kmBo4HUrXBrXYJL5b8PQhznNwvTuFh/8J
4cry8Niq2Cmem9QKrtYQOvCPwdDKfys6wlSbk9/tiwFCe9xOsho=
-----END CERTIFICATE-----
Generated at Wed May 13 01:41:18 2026 by rpki-client