Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/SONET/0/33392e312e34302e302f32322d3234203d3e2039393232.roa
File: 33392e312e34302e302f32322d3234203d3e2039393232.roa (raw, json)
Hash identifier: z5CRvkmrV5KJFcdljtPbVmXZST0Ame/3ck3rEFg8aGM=
Subject key identifier: 73:4C:44:98:9C:FB:83:53:E0:45:E4:81:10:80:CF:46:21:FA:24:86
Certificate issuer: /CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Certificate serial: 3945C6AF01248611B2310E5EA2D48ECAA8BC9AC9
Authority key identifier: 3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/SONET/0/33392e312e34302e302f32322d3234203d3e2039393232.roa
Signing time: Mon 11 May 2026 17:36:57 +0000
ROA not before: Mon 11 May 2026 17:31:57 +0000
ROA not after: Mon 10 May 2027 17:36:57 +0000
asID: 9922
IP address blocks: 39.1.40.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:45:c6:af:01:24:86:11:b2:31:0e:5e:a2:d4:8e:ca:a8:bc:9a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Validity
Not Before: May 11 17:31:57 2026 GMT
Not After : May 10 17:36:57 2027 GMT
Subject: CN=734C44989CFB8353E045E4811080CF4621FA2486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6d:af:11:3d:7c:cd:f7:f3:c8:51:e1:33:55:
bd:b8:82:17:83:50:bf:ce:b3:02:5e:ec:b5:23:17:
2b:0b:48:c7:75:23:0d:6a:e8:81:28:81:81:05:53:
49:53:0b:f9:52:50:f0:65:20:6c:95:b2:90:9b:2a:
7b:07:f9:3f:5e:4c:07:92:7b:97:20:fd:0b:b5:52:
4f:7a:f4:77:8a:2d:1e:bc:c9:4c:e9:86:72:94:f6:
ab:b0:1a:d3:6b:a6:11:e9:22:3d:ed:d8:24:a3:89:
1b:d4:45:bf:be:6e:6c:cf:cf:a6:eb:d0:c1:05:ca:
bc:39:b7:59:48:d4:5d:f8:67:5a:83:ad:e1:b7:f8:
77:84:aa:56:7e:5d:58:0f:f9:99:ff:5c:81:a9:13:
cd:09:ef:ce:fb:78:08:dc:e3:1b:92:1f:a0:af:ed:
b9:7f:a5:52:19:9a:96:b3:2a:31:c2:0b:31:88:88:
3f:34:e5:b3:e5:4e:00:60:cc:38:51:c7:03:94:55:
0b:80:99:a4:72:f4:11:c8:9e:53:fd:41:b3:0a:bb:
27:a0:b9:a6:de:a8:26:6b:37:2d:75:12:3f:d9:c7:
d0:a7:6c:b4:15:d2:1c:99:73:0f:3a:ec:97:3e:22:
f5:21:f3:ec:20:27:42:89:9c:16:a1:2f:54:88:bd:
4c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:4C:44:98:9C:FB:83:53:E0:45:E4:81:10:80:CF:46:21:FA:24:86
X509v3 Authority Key Identifier:
keyid:3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/SONET/0/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/SONET/0/33392e312e34302e302f32322d3234203d3e2039393232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
39.1.40.0/22
Signature Algorithm: sha256WithRSAEncryption
79:cc:3d:f1:c6:02:0a:15:1a:b8:6f:ae:b0:e0:21:8e:dc:c4:
3b:de:15:6c:e3:d4:69:33:54:20:b4:be:97:0d:58:bd:f3:6e:
6f:f2:89:5b:9f:45:f0:b5:6c:d8:d3:fe:40:d1:b3:f7:ec:7e:
85:bc:c8:cf:c6:d2:a8:44:7d:fb:9a:b2:a3:20:ef:02:cf:92:
81:df:5c:ae:4a:51:c5:07:be:cd:47:ec:f0:17:ff:33:05:ba:
26:4c:48:83:a7:29:00:f9:a3:8f:37:4d:e1:6e:33:2d:8b:3e:
21:86:45:1b:65:7a:cb:3d:ea:0e:06:63:3d:b2:cf:13:2b:da:
de:5e:50:15:3c:16:ed:ba:fc:78:0d:a7:8a:a2:82:75:af:e4:
d2:44:7f:8d:59:0b:18:66:c4:77:24:54:cb:4d:95:ac:73:4e:
e3:c1:12:85:eb:1b:01:28:bb:b0:fd:b0:98:22:5e:c3:1f:4c:
20:e2:27:94:79:16:8f:da:f4:a3:e8:5a:52:48:f7:03:69:15:
dd:11:a7:fc:56:ee:55:5d:df:34:39:ec:22:c2:e5:53:05:a2:
a1:6e:5b:1f:2d:9d:27:c0:96:93:d6:6a:69:70:5a:db:81:fb:
76:a3:c2:01:0b:f7:21:1b:14:71:18:28:93:06:ad:6b:2f:0d:
37:4c:07:6a
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIUOUXGrwEkhhGyMQ5eotSOyqi8mskwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y2RDMzQzlCMzlDRkM5NTBBMkQzREJDNzgxMzFFMUFB
RjhDQzhFRjAeFw0yNjA1MTExNzMxNTdaFw0yNzA1MTAxNzM2NTdaMDMxMTAvBgNV
BAMTKDczNEM0NDk4OUNGQjgzNTNFMDQ1RTQ4MTEwODBDRjQ2MjFGQTI0ODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlba8RPXzN9/PIUeEzVb24gheD
UL/OswJe7LUjFysLSMd1Iw1q6IEogYEFU0lTC/lSUPBlIGyVspCbKnsH+T9eTAeS
e5cg/Qu1Uk969HeKLR68yUzphnKU9quwGtNrphHpIj3t2CSjiRvURb++bmzPz6br
0MEFyrw5t1lI1F34Z1qDreG3+HeEqlZ+XVgP+Zn/XIGpE80J7877eAjc4xuSH6Cv
7bl/pVIZmpazKjHCCzGIiD805bPlTgBgzDhRxwOUVQuAmaRy9BHInlP9QbMKuyeg
uabeqCZrNy11Ej/Zx9CnbLQV0hyZcw867Jc+IvUh8+wgJ0KJnBahL1SIvUypAgMB
AAGjggHZMIIB1TAdBgNVHQ4EFgQUc0xEmJz7g1PgReSBEIDPRiH6JIYwHwYDVR0j
BBgwFoAUP20zybOc/JUKLT28eBMeGq+MyO8wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU09ORVQv
MC8zRjZEMzNDOUIzOUNGQzk1MEEyRDNEQkM3ODEzMUUxQUFGOENDOEVGLmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzNGNkQzM0M5QjM5Q0ZDOTUwQTJEM0RCQzc4MTMx
RTFBQUY4Q0M4RUYuY2VyMHMGCCsGAQUFBwELBGcwZTBjBggrBgEFBQcwC4ZXcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9TT05FVC8wLzMzMzkyZTMxMmUzNDMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzkzOTMyMzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAInASgw
DQYJKoZIhvcNAQELBQADggEBAHnMPfHGAgoVGrhvrrDgIY7cxDveFWzj1GkzVCC0
vpcNWL3zbm/yiVufRfC1bNjT/kDRs/fsfoW8yM/G0qhEffuasqMg7wLPkoHfXK5K
UcUHvs1H7PAX/zMFuiZMSIOnKQD5o483TeFuMy2LPiGGRRtless96g4GYz2yzxMr
2t5eUBU8Fu26/HgNp4qignWv5NJEf41ZCxhmxHckVMtNlaxzTuPBEoXrGwEou7D9
sJgiXsMfTCDiJ5R5Fo/a9KPoWlJI9wNpFd0Rp/xW7lVd3zQ57CLC5VMFoqFuWx8t
nSfAlpPWamlwWtuB+3ajwgEL9yEbFHEYKJMGrWsvDTdMB2o=
-----END CERTIFICATE-----
Generated at Wed May 13 01:10:54 2026 by rpki-client