Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/SONET/0/33392e312e34362e302f32342d3234203d3e2039393232.roa
File: 33392e312e34362e302f32342d3234203d3e2039393232.roa (raw, json)
Hash identifier: onwq6khytNt8j9JeiESYQPMZkrctbzkf2UmQhqWpjYw=
Subject key identifier: 38:E0:53:00:40:E0:CC:F0:74:74:FF:4B:D0:88:4A:CA:3B:A3:EF:CF
Certificate issuer: /CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Certificate serial: 6C2B9E355C5C521D5647E3CCE4A44461E2036181
Authority key identifier: 3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/SONET/0/33392e312e34362e302f32342d3234203d3e2039393232.roa
Signing time: Mon 11 May 2026 17:38:12 +0000
ROA not before: Mon 11 May 2026 17:33:12 +0000
ROA not after: Mon 10 May 2027 17:38:12 +0000
asID: 9922
IP address blocks: 39.1.46.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:2b:9e:35:5c:5c:52:1d:56:47:e3:cc:e4:a4:44:61:e2:03:61:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Validity
Not Before: May 11 17:33:12 2026 GMT
Not After : May 10 17:38:12 2027 GMT
Subject: CN=38E0530040E0CCF07474FF4BD0884ACA3BA3EFCF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4c:1a:93:9d:78:81:61:dd:48:30:fa:af:fd:
50:11:ee:87:75:04:14:7a:30:89:39:8e:e4:06:e7:
7f:35:eb:08:0a:b0:b2:47:b3:a4:69:a4:88:ed:96:
fa:ae:7f:76:6d:d8:53:d1:5c:3d:36:4a:07:71:94:
22:d7:cf:be:dc:43:b5:56:1e:6e:3b:b7:3c:04:88:
1d:26:63:3c:9f:6e:9c:79:b6:1a:08:65:1e:81:64:
1f:78:d2:2e:9f:f0:57:69:cf:f0:47:94:0d:68:ff:
58:4b:f4:47:ea:64:c3:0e:62:03:02:aa:3d:59:a3:
86:f0:59:d5:2a:d8:b0:21:86:84:a9:8f:88:01:70:
ea:fa:40:6b:29:a5:05:89:e0:23:20:82:20:29:e8:
1f:d5:86:ee:d6:14:e8:62:92:26:2b:4e:89:b6:e3:
11:d2:c2:5a:a4:a5:a8:ca:e9:9b:b1:6c:04:e1:4b:
00:0c:ad:76:2f:2c:c2:67:37:5c:09:b1:7a:a5:54:
ea:bb:ff:72:51:42:c9:41:30:84:43:df:2d:9d:59:
4f:3e:f3:95:b5:f0:02:68:13:65:a6:1b:34:7b:cc:
8f:d0:2c:89:96:f4:8a:9c:6a:e6:4a:2b:67:ad:28:
24:92:6b:5b:2a:ed:13:74:1f:00:c5:e3:77:2b:db:
36:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E0:53:00:40:E0:CC:F0:74:74:FF:4B:D0:88:4A:CA:3B:A3:EF:CF
X509v3 Authority Key Identifier:
keyid:3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/SONET/0/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/SONET/0/33392e312e34362e302f32342d3234203d3e2039393232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
39.1.46.0/24
Signature Algorithm: sha256WithRSAEncryption
29:f4:ff:4d:4b:99:79:a0:c2:2a:a7:c3:63:3c:04:32:eb:88:
8b:5e:91:56:e1:e3:5c:77:9d:11:15:e3:44:1e:4d:12:3c:16:
6a:d1:24:4e:34:06:9f:db:8c:2a:43:bd:77:fa:b5:c0:eb:ba:
7a:51:23:ab:0a:ca:14:19:da:b5:bc:2e:73:ad:1c:bf:51:7f:
d0:42:cf:4e:1b:d7:c0:d8:0b:07:39:70:9d:28:d0:1f:0c:24:
e3:fd:32:9c:58:8b:5d:3e:cf:4f:8b:2f:bf:c2:8f:af:35:f1:
46:cb:53:1c:08:c5:63:65:db:db:31:3f:69:65:25:99:a3:4a:
55:13:9f:8a:5c:48:c9:03:10:5e:8f:88:d5:1a:9d:85:8c:6b:
b9:5e:48:88:d1:85:e6:f1:4d:01:cb:68:59:e7:f8:b1:20:4a:
d5:f6:33:4c:f6:5f:e2:a7:8a:d4:dc:38:7c:cf:07:87:f7:ef:
09:1a:0a:e3:69:b2:b3:33:b4:8c:79:f5:8b:ce:3d:66:f6:89:
1e:2a:21:e0:17:5e:6e:7a:5d:c2:4b:88:b8:48:5a:d4:92:07:
23:ff:ea:e7:1f:aa:2e:7c:b6:99:f6:6d:66:9a:0d:3c:c7:46:
1f:a4:14:9f:11:e5:c3:5c:a2:aa:55:6f:98:43:4c:91:0f:bc:
fa:e2:aa:de
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIUbCueNVxcUh1WR+PM5KREYeIDYYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y2RDMzQzlCMzlDRkM5NTBBMkQzREJDNzgxMzFFMUFB
RjhDQzhFRjAeFw0yNjA1MTExNzMzMTJaFw0yNzA1MTAxNzM4MTJaMDMxMTAvBgNV
BAMTKDM4RTA1MzAwNDBFMENDRjA3NDc0RkY0QkQwODg0QUNBM0JBM0VGQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTTBqTnXiBYd1IMPqv/VAR7od1
BBR6MIk5juQG53816wgKsLJHs6RppIjtlvquf3Zt2FPRXD02SgdxlCLXz77cQ7VW
Hm47tzwEiB0mYzyfbpx5thoIZR6BZB940i6f8Fdpz/BHlA1o/1hL9EfqZMMOYgMC
qj1Zo4bwWdUq2LAhhoSpj4gBcOr6QGsppQWJ4CMggiAp6B/Vhu7WFOhikiYrTom2
4xHSwlqkpajK6ZuxbAThSwAMrXYvLMJnN1wJsXqlVOq7/3JRQslBMIRD3y2dWU8+
85W18AJoE2WmGzR7zI/QLImW9IqcauZKK2etKCSSa1sq7RN0HwDF43cr2zY1AgMB
AAGjggHZMIIB1TAdBgNVHQ4EFgQUOOBTAEDgzPB0dP9L0IhKyjuj788wHwYDVR0j
BBgwFoAUP20zybOc/JUKLT28eBMeGq+MyO8wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU09ORVQv
MC8zRjZEMzNDOUIzOUNGQzk1MEEyRDNEQkM3ODEzMUUxQUFGOENDOEVGLmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzNGNkQzM0M5QjM5Q0ZDOTUwQTJEM0RCQzc4MTMx
RTFBQUY4Q0M4RUYuY2VyMHMGCCsGAQUFBwELBGcwZTBjBggrBgEFBQcwC4ZXcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9TT05FVC8wLzMzMzkyZTMxMmUzNDM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzkzOTMyMzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAnAS4w
DQYJKoZIhvcNAQELBQADggEBACn0/01LmXmgwiqnw2M8BDLriItekVbh41x3nREV
40QeTRI8FmrRJE40Bp/bjCpDvXf6tcDrunpRI6sKyhQZ2rW8LnOtHL9Rf9BCz04b
18DYCwc5cJ0o0B8MJOP9MpxYi10+z0+LL7/Cj6818UbLUxwIxWNl29sxP2llJZmj
SlUTn4pcSMkDEF6PiNUanYWMa7leSIjRhebxTQHLaFnn+LEgStX2M0z2X+KnitTc
OHzPB4f37wkaCuNpsrMztIx59YvOPWb2iR4qIeAXXm56XcJLiLhIWtSSByP/6ucf
qi58tpn2bWaaDTzHRh+kFJ8R5cNcoqpVb5hDTJEPvPriqt4=
-----END CERTIFICATE-----
Generated at Wed May 13 00:45:12 2026 by rpki-client