Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/SONET/0/33392e312e31362e302f32302d3234203d3e2039393232.roa
File: 33392e312e31362e302f32302d3234203d3e2039393232.roa (raw, json)
Hash identifier: o5tck8QLFY02tn9jNvUElQeuTpHy+ammIuF39TN/Cn4=
Subject key identifier: 4A:9C:96:CA:97:BE:B3:6E:55:9C:E6:30:D7:2E:9B:46:5C:87:B3:AB
Certificate issuer: /CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Certificate serial: 55D4E512148DB2066E1E0F02B714612F488DCB05
Authority key identifier: 3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/SONET/0/33392e312e31362e302f32302d3234203d3e2039393232.roa
Signing time: Mon 11 May 2026 17:32:42 +0000
ROA not before: Mon 11 May 2026 17:27:42 +0000
ROA not after: Mon 10 May 2027 17:32:42 +0000
asID: 9922
IP address blocks: 39.1.16.0/20 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:d4:e5:12:14:8d:b2:06:6e:1e:0f:02:b7:14:61:2f:48:8d:cb:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Validity
Not Before: May 11 17:27:42 2026 GMT
Not After : May 10 17:32:42 2027 GMT
Subject: CN=4A9C96CA97BEB36E559CE630D72E9B465C87B3AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:58:34:a3:f0:bc:5a:39:3d:9a:28:5c:a9:42:
23:ad:57:4a:6a:cb:01:fb:31:e3:7b:69:75:79:ec:
b6:31:52:26:13:fd:c8:b8:66:41:14:e2:33:37:c9:
1c:9e:1e:02:5b:39:ea:14:06:93:ce:b6:ee:cc:7f:
92:42:07:36:c8:f2:0a:07:68:a0:ff:fe:d5:31:03:
5a:06:97:5a:ef:3e:08:6c:b4:94:74:b9:31:52:59:
b1:98:73:aa:e3:e5:c8:2f:8a:d3:1d:44:0a:26:c5:
ca:c7:7a:31:2b:ba:a9:97:c5:f5:d4:13:24:78:d0:
9d:3f:6f:17:b3:64:9a:c6:89:54:c2:a8:67:59:86:
e3:3e:17:2b:60:6f:5c:bc:b9:53:bb:b8:50:0d:a8:
1d:e7:87:d4:2b:b8:81:e2:02:d1:a6:b1:2e:3c:cb:
1d:ff:bd:14:b5:23:2a:94:7f:2c:ef:6c:02:a1:6d:
7c:e6:96:e5:e3:6d:2c:92:5b:b3:70:ea:7e:c9:bd:
d1:41:c6:7b:7c:06:94:2a:5b:98:db:94:85:d6:84:
81:56:52:49:7e:6c:f1:4d:e9:0c:61:51:3d:47:b5:
52:6a:06:cb:b8:01:b8:10:53:ad:a3:6d:59:08:7b:
0d:1a:91:10:8b:a9:4b:bd:91:be:3d:03:24:73:a7:
26:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:9C:96:CA:97:BE:B3:6E:55:9C:E6:30:D7:2E:9B:46:5C:87:B3:AB
X509v3 Authority Key Identifier:
keyid:3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/SONET/0/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/SONET/0/33392e312e31362e302f32302d3234203d3e2039393232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
39.1.16.0/20
Signature Algorithm: sha256WithRSAEncryption
25:4c:21:f2:47:81:b2:24:61:e8:45:b0:94:d1:53:9c:5d:d2:
d7:7d:1b:53:2c:c3:af:8f:e9:58:65:59:fd:b0:e0:7f:0c:8b:
1c:b1:c8:c2:57:8a:51:82:61:2a:be:c4:79:78:42:21:7b:a9:
23:91:f3:bb:c2:15:01:8b:e5:ef:c3:d1:42:37:13:38:78:77:
f7:06:27:78:7b:bb:d7:11:e9:2c:bc:4a:f8:24:fc:92:c7:91:
f1:4b:61:68:fb:e9:69:13:c8:f1:d3:0f:a7:a1:a4:1d:11:dc:
d0:01:df:fc:11:ed:ee:39:09:89:8e:20:7f:22:34:0d:6a:f9:
4e:23:c2:bf:fd:81:65:d5:fa:40:63:b4:f3:a3:f0:c6:90:8c:
99:3c:02:c4:8e:07:1c:81:cd:30:de:73:38:bf:9c:7f:0f:1d:
3c:cf:9b:1d:47:5d:4e:50:ec:00:0d:67:d1:f3:53:7e:8d:84:
12:a4:f6:cf:75:b0:db:9f:22:03:ac:cd:99:f5:8d:5a:a4:0c:
55:c8:91:13:0d:60:81:80:26:5a:b1:a0:ae:ba:b0:62:7f:5a:
f7:55:e8:71:b5:1e:54:e4:bb:84:98:fa:2a:34:97:2d:f8:7d:
7b:dc:b3:83:79:01:2b:4f:98:d1:b9:25:5b:2c:87:45:43:c8:
6b:f7:25:09
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIUVdTlEhSNsgZuHg8CtxRhL0iNywUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y2RDMzQzlCMzlDRkM5NTBBMkQzREJDNzgxMzFFMUFB
RjhDQzhFRjAeFw0yNjA1MTExNzI3NDJaFw0yNzA1MTAxNzMyNDJaMDMxMTAvBgNV
BAMTKDRBOUM5NkNBOTdCRUIzNkU1NTlDRTYzMEQ3MkU5QjQ2NUM4N0IzQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbWDSj8LxaOT2aKFypQiOtV0pq
ywH7MeN7aXV57LYxUiYT/ci4ZkEU4jM3yRyeHgJbOeoUBpPOtu7Mf5JCBzbI8goH
aKD//tUxA1oGl1rvPghstJR0uTFSWbGYc6rj5cgvitMdRAomxcrHejEruqmXxfXU
EyR40J0/bxezZJrGiVTCqGdZhuM+Fytgb1y8uVO7uFANqB3nh9QruIHiAtGmsS48
yx3/vRS1IyqUfyzvbAKhbXzmluXjbSySW7Nw6n7JvdFBxnt8BpQqW5jblIXWhIFW
Ukl+bPFN6QxhUT1HtVJqBsu4AbgQU62jbVkIew0akRCLqUu9kb49AyRzpyYDAgMB
AAGjggHZMIIB1TAdBgNVHQ4EFgQUSpyWype+s25VnOYw1y6bRlyHs6swHwYDVR0j
BBgwFoAUP20zybOc/JUKLT28eBMeGq+MyO8wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU09ORVQv
MC8zRjZEMzNDOUIzOUNGQzk1MEEyRDNEQkM3ODEzMUUxQUFGOENDOEVGLmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzNGNkQzM0M5QjM5Q0ZDOTUwQTJEM0RCQzc4MTMx
RTFBQUY4Q0M4RUYuY2VyMHMGCCsGAQUFBwELBGcwZTBjBggrBgEFBQcwC4ZXcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9TT05FVC8wLzMzMzkyZTMxMmUzMTM2
MmUzMDJmMzIzMDJkMzIzNDIwM2QzZTIwMzkzOTMyMzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQnARAw
DQYJKoZIhvcNAQELBQADggEBACVMIfJHgbIkYehFsJTRU5xd0td9G1Msw6+P6Vhl
Wf2w4H8MixyxyMJXilGCYSq+xHl4QiF7qSOR87vCFQGL5e/D0UI3Ezh4d/cGJ3h7
u9cR6Sy8Svgk/JLHkfFLYWj76WkTyPHTD6ehpB0R3NAB3/wR7e45CYmOIH8iNA1q
+U4jwr/9gWXV+kBjtPOj8MaQjJk8AsSOBxyBzTDeczi/nH8PHTzPmx1HXU5Q7AAN
Z9HzU36NhBKk9s91sNufIgOszZn1jVqkDFXIkRMNYIGAJlqxoK66sGJ/WvdV6HG1
HlTku4SY+io0ly34fXvcs4N5AStPmNG5JVssh0VDyGv3JQk=
-----END CERTIFICATE-----
Generated at Tue May 12 23:45:50 2026 by rpki-client