Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/SONET/0/33392e312e34352e302f32342d3234203d3e2039393232.roa
File: 33392e312e34352e302f32342d3234203d3e2039393232.roa (raw, json)
Hash identifier: ryqYKYb9ZEnNDprKt9KNFJe6hMX8qggWXnAtJIFQzic=
Subject key identifier: CA:3F:82:A5:AA:74:A4:64:C6:98:84:58:CC:DC:41:C4:B1:A8:44:DE
Certificate issuer: /CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Certificate serial: 3A286D248515B24C7C826508AFAF1B114139072F
Authority key identifier: 3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/SONET/0/33392e312e34352e302f32342d3234203d3e2039393232.roa
Signing time: Mon 11 May 2026 17:38:11 +0000
ROA not before: Mon 11 May 2026 17:33:11 +0000
ROA not after: Mon 10 May 2027 17:38:11 +0000
asID: 9922
IP address blocks: 39.1.45.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:28:6d:24:85:15:b2:4c:7c:82:65:08:af:af:1b:11:41:39:07:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Validity
Not Before: May 11 17:33:11 2026 GMT
Not After : May 10 17:38:11 2027 GMT
Subject: CN=CA3F82A5AA74A464C6988458CCDC41C4B1A844DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bb:c8:26:00:20:a8:e9:ec:13:80:1c:1b:9e:
c4:c5:79:d5:8a:1b:e2:8e:32:b0:b0:24:89:a7:5f:
36:71:e7:7d:7e:96:f2:dd:38:d7:39:3d:a9:06:b3:
82:c1:78:e5:35:bf:f8:02:64:20:43:0e:9f:df:b8:
bd:1a:34:7d:19:06:90:73:60:e3:32:8b:ae:be:62:
bc:65:0d:d0:14:42:00:d0:15:a9:df:dd:fa:f8:70:
ac:7d:78:86:4c:f7:bd:aa:95:5f:1e:0e:0e:14:3f:
ed:3a:d4:cd:51:04:ab:30:88:7b:29:15:36:bf:5b:
24:82:f7:2b:ce:78:b7:fa:7c:b0:8b:4a:45:a4:81:
bf:38:88:5d:70:ab:31:38:19:79:52:3f:6c:10:10:
bc:f9:d6:c8:cb:5e:0a:9a:06:6b:0e:2c:31:40:16:
6b:75:16:bc:20:e9:99:70:fd:f0:f1:46:e3:81:87:
51:f5:d7:60:93:84:9a:0c:22:81:f0:6f:b1:27:10:
38:9d:e0:8a:3f:4e:57:42:c4:b5:a6:80:17:b2:39:
cc:9c:b5:bd:b5:b7:31:63:83:d8:4e:18:03:fd:a7:
fe:93:f2:6b:8c:7e:b3:de:49:8e:e5:42:ae:f3:b8:
62:18:2e:8b:27:ab:06:54:52:b3:a7:aa:1d:22:22:
02:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:3F:82:A5:AA:74:A4:64:C6:98:84:58:CC:DC:41:C4:B1:A8:44:DE
X509v3 Authority Key Identifier:
keyid:3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/SONET/0/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/SONET/0/33392e312e34352e302f32342d3234203d3e2039393232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
39.1.45.0/24
Signature Algorithm: sha256WithRSAEncryption
31:0e:c6:74:d3:98:8f:95:8e:43:37:03:98:9e:af:fe:3d:6c:
69:79:0c:20:7d:4c:99:89:a4:65:16:fe:36:6d:69:f4:c7:5f:
83:f7:d2:72:d5:77:16:9b:e9:07:7b:d5:fa:0d:e3:d7:12:c9:
f6:70:12:2f:b8:72:13:ff:f5:8f:ce:51:c3:56:98:16:4b:56:
a9:2f:d5:69:b2:9a:f8:0e:be:87:76:9b:6a:84:a4:fd:d0:c1:
26:3b:68:7c:9e:c5:4e:32:4a:5c:bf:68:e8:54:94:a7:eb:5e:
ec:67:d7:43:a9:41:38:1f:53:ec:99:f7:78:64:e2:df:75:cb:
bd:0b:80:ef:49:a5:39:77:b2:1e:4b:7f:fd:c4:e2:ea:ad:69:
16:80:cc:0d:ef:6d:62:34:37:9e:01:bf:ae:75:86:34:0b:c4:
aa:49:1a:f0:46:ae:66:8d:4a:7a:83:b9:5b:9a:99:22:c2:69:
1f:09:4e:fc:e5:c0:c5:52:e2:39:f1:ec:b5:5a:39:94:c3:d1:
09:4c:0e:9d:9e:61:f9:35:c8:d6:5b:93:62:30:2f:f3:f1:24:
02:b1:e1:b7:6d:ec:e3:71:17:e7:71:76:a4:4a:f7:7d:4a:31:
14:ba:91:37:6f:7f:de:65:13:bc:f9:b1:ca:5a:35:38:b5:d6:
ac:90:fa:44
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIUOihtJIUVskx8gmUIr68bEUE5By8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y2RDMzQzlCMzlDRkM5NTBBMkQzREJDNzgxMzFFMUFB
RjhDQzhFRjAeFw0yNjA1MTExNzMzMTFaFw0yNzA1MTAxNzM4MTFaMDMxMTAvBgNV
BAMTKENBM0Y4MkE1QUE3NEE0NjRDNjk4ODQ1OENDREM0MUM0QjFBODQ0REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChu8gmACCo6ewTgBwbnsTFedWK
G+KOMrCwJImnXzZx531+lvLdONc5PakGs4LBeOU1v/gCZCBDDp/fuL0aNH0ZBpBz
YOMyi66+YrxlDdAUQgDQFanf3fr4cKx9eIZM972qlV8eDg4UP+061M1RBKswiHsp
FTa/WySC9yvOeLf6fLCLSkWkgb84iF1wqzE4GXlSP2wQELz51sjLXgqaBmsOLDFA
Fmt1Frwg6Zlw/fDxRuOBh1H112CThJoMIoHwb7EnEDid4Io/TldCxLWmgBeyOcyc
tb21tzFjg9hOGAP9p/6T8muMfrPeSY7lQq7zuGIYLosnqwZUUrOnqh0iIgK/AgMB
AAGjggHZMIIB1TAdBgNVHQ4EFgQUyj+Cpap0pGTGmIRYzNxBxLGoRN4wHwYDVR0j
BBgwFoAUP20zybOc/JUKLT28eBMeGq+MyO8wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU09ORVQv
MC8zRjZEMzNDOUIzOUNGQzk1MEEyRDNEQkM3ODEzMUUxQUFGOENDOEVGLmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzNGNkQzM0M5QjM5Q0ZDOTUwQTJEM0RCQzc4MTMx
RTFBQUY4Q0M4RUYuY2VyMHMGCCsGAQUFBwELBGcwZTBjBggrBgEFBQcwC4ZXcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9TT05FVC8wLzMzMzkyZTMxMmUzNDM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzkzOTMyMzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAnAS0w
DQYJKoZIhvcNAQELBQADggEBADEOxnTTmI+VjkM3A5ier/49bGl5DCB9TJmJpGUW
/jZtafTHX4P30nLVdxab6Qd71foN49cSyfZwEi+4chP/9Y/OUcNWmBZLVqkv1Wmy
mvgOvod2m2qEpP3QwSY7aHyexU4ySly/aOhUlKfrXuxn10OpQTgfU+yZ93hk4t91
y70LgO9JpTl3sh5Lf/3E4uqtaRaAzA3vbWI0N54Bv651hjQLxKpJGvBGrmaNSnqD
uVuamSLCaR8JTvzlwMVS4jnx7LVaOZTD0QlMDp2eYfk1yNZbk2IwL/PxJAKx4bdt
7ONxF+dxdqRK931KMRS6kTdvf95lE7z5scpaNTi11qyQ+kQ=
-----END CERTIFICATE-----
Generated at Wed May 13 01:14:38 2026 by rpki-client