Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/SONET/0/33392e312e302e302f31362d3234203d3e203138313832.roa
File: 33392e312e302e302f31362d3234203d3e203138313832.roa (raw, json)
Hash identifier: CffvCFfDEQybZwp62g5aXFZex+pvcH1gSZG/H/2FRO0=
Subject key identifier: BA:BB:35:B5:BF:96:E0:BE:BC:8E:ED:46:8A:2A:FF:A5:54:CD:F8:B0
Certificate issuer: /CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Certificate serial: 70FC05459E06C3AD3C0935E574385FBEC28C5FB0
Authority key identifier: 3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/SONET/0/33392e312e302e302f31362d3234203d3e203138313832.roa
Signing time: Mon 11 May 2026 16:54:26 +0000
ROA not before: Mon 11 May 2026 16:49:26 +0000
ROA not after: Mon 10 May 2027 16:54:26 +0000
asID: 18182
IP address blocks: 39.1.0.0/16 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:fc:05:45:9e:06:c3:ad:3c:09:35:e5:74:38:5f:be:c2:8c:5f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Validity
Not Before: May 11 16:49:26 2026 GMT
Not After : May 10 16:54:26 2027 GMT
Subject: CN=BABB35B5BF96E0BEBC8EED468A2AFFA554CDF8B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:69:f7:56:ee:c2:3c:16:25:38:42:16:17:a9:
7c:a6:94:f7:89:69:65:c9:ac:c4:51:79:da:ba:a5:
8f:26:fc:05:1a:7b:4f:72:ad:b7:61:b9:0c:a6:7a:
89:d1:70:2c:57:24:e0:05:a3:7c:c1:8c:2c:f1:73:
d8:1b:75:06:bf:68:e3:97:41:3b:4e:fd:35:55:26:
02:3a:e4:e4:c6:46:19:49:f9:de:92:6a:63:39:11:
98:87:f3:4c:9f:79:61:da:39:5e:5d:4d:8c:65:f7:
0a:00:cc:89:7b:52:ca:2f:f0:ef:3d:26:f4:bb:d5:
51:69:80:98:26:4d:8b:f3:27:45:7d:e7:94:3e:5e:
ec:5b:34:41:1d:cc:86:47:d1:c3:e0:5b:c2:36:43:
27:39:7d:14:25:92:e7:55:b2:83:16:aa:1a:5e:c9:
73:e8:c3:a4:46:5f:ae:0e:fa:1e:38:23:93:5f:9c:
32:64:8c:8e:18:ca:1d:07:65:1f:20:cc:9c:e4:8b:
aa:dc:30:27:f2:c2:99:8b:f1:b3:ef:cd:f8:4a:02:
3d:ec:6c:de:6c:5b:11:18:eb:40:e7:b0:29:db:f7:
84:37:33:c7:b1:ac:59:da:a2:de:3b:2a:5e:48:5d:
61:53:96:6a:82:41:f8:97:99:fb:b0:32:b2:5b:66:
be:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BB:35:B5:BF:96:E0:BE:BC:8E:ED:46:8A:2A:FF:A5:54:CD:F8:B0
X509v3 Authority Key Identifier:
keyid:3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/SONET/0/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/SONET/0/33392e312e302e302f31362d3234203d3e203138313832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
39.1.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:91:7f:a3:23:b8:ef:24:9b:85:c7:cb:78:59:03:44:01:1d:
33:b5:57:b6:25:36:6c:fa:b7:2a:ef:af:50:c3:14:2f:43:e5:
80:19:eb:51:33:2a:72:40:e7:e5:99:1a:3a:5f:94:28:ec:69:
bf:88:75:3f:86:b6:12:12:be:b6:0c:c4:b6:fe:4c:a2:f6:9d:
2e:f8:18:b2:cf:94:42:fb:da:e0:49:03:3a:fb:a7:1b:f2:98:
eb:09:ad:c4:55:f9:da:bf:07:81:6b:2f:87:9d:5f:34:1c:ec:
86:27:c4:11:43:ba:69:41:a3:f4:21:28:72:61:95:c6:04:a3:
ee:fd:16:8c:4e:72:4d:87:e2:0a:4b:69:07:7d:e8:a4:02:f3:
ef:50:45:c0:b9:68:55:fa:61:84:8f:71:ae:05:c2:13:d9:93:
a2:d3:d2:0c:98:dd:1b:ef:71:a9:06:6b:2e:c0:ff:42:cd:fb:
36:f9:76:47:29:f0:61:7b:2a:4b:5f:fe:3f:bf:d5:d9:b4:a5:
f0:88:64:a8:18:71:ff:6f:db:95:30:b4:21:5d:17:65:53:91:
a8:05:55:15:10:39:f9:5c:dd:3c:4c:4e:e5:f5:cf:a5:32:86:
9d:ff:a2:be:cd:99:ce:b0:73:fd:21:b9:6d:ce:b5:2c:33:a6:
cb:f6:98:6f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIUcPwFRZ4Gw608CTXldDhfvsKMX7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y2RDMzQzlCMzlDRkM5NTBBMkQzREJDNzgxMzFFMUFB
RjhDQzhFRjAeFw0yNjA1MTExNjQ5MjZaFw0yNzA1MTAxNjU0MjZaMDMxMTAvBgNV
BAMTKEJBQkIzNUI1QkY5NkUwQkVCQzhFRUQ0NjhBMkFGRkE1NTRDREY4QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1afdW7sI8FiU4QhYXqXymlPeJ
aWXJrMRRedq6pY8m/AUae09yrbdhuQymeonRcCxXJOAFo3zBjCzxc9gbdQa/aOOX
QTtO/TVVJgI65OTGRhlJ+d6SamM5EZiH80yfeWHaOV5dTYxl9woAzIl7Usov8O89
JvS71VFpgJgmTYvzJ0V955Q+XuxbNEEdzIZH0cPgW8I2Qyc5fRQlkudVsoMWqhpe
yXPow6RGX64O+h44I5NfnDJkjI4Yyh0HZR8gzJzki6rcMCfywpmL8bPvzfhKAj3s
bN5sWxEY60DnsCnb94Q3M8exrFnaot47Kl5IXWFTlmqCQfiXmfuwMrJbZr5dAgMB
AAGjggHYMIIB1DAdBgNVHQ4EFgQUurs1tb+W4L68ju1Giir/pVTN+LAwHwYDVR0j
BBgwFoAUP20zybOc/JUKLT28eBMeGq+MyO8wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU09ORVQv
MC8zRjZEMzNDOUIzOUNGQzk1MEEyRDNEQkM3ODEzMUUxQUFGOENDOEVGLmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzNGNkQzM0M5QjM5Q0ZDOTUwQTJEM0RCQzc4MTMx
RTFBQUY4Q0M4RUYuY2VyMHMGCCsGAQUFBwELBGcwZTBjBggrBgEFBQcwC4ZXcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9TT05FVC8wLzMzMzkyZTMxMmUzMDJl
MzAyZjMxMzYyZDMyMzQyMDNkM2UyMDMxMzgzMTM4MzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwAnATAN
BgkqhkiG9w0BAQsFAAOCAQEAOpF/oyO47ySbhcfLeFkDRAEdM7VXtiU2bPq3Ku+v
UMMUL0PlgBnrUTMqckDn5ZkaOl+UKOxpv4h1P4a2EhK+tgzEtv5MovadLvgYss+U
Qvva4EkDOvunG/KY6wmtxFX52r8HgWsvh51fNBzshifEEUO6aUGj9CEocmGVxgSj
7v0WjE5yTYfiCktpB33opALz71BFwLloVfphhI9xrgXCE9mTotPSDJjdG+9xqQZr
LsD/Qs37Nvl2RynwYXsqS1/+P7/V2bSl8IhkqBhx/2/blTC0IV0XZVORqAVVFRA5
+VzdPExO5fXPpTKGnf+ivs2ZzrBz/SG5bc61LDOmy/aYbw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:21:01 2026 by rpki-client