Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/SONET/0/36312e36342e3132382e302f31372d3234203d3e203138313832.roa
File: 36312e36342e3132382e302f31372d3234203d3e203138313832.roa (raw, json)
Hash identifier: AP04YgE4U4X0DbCKpFBdjCNZlauxNQuycSDnxfq2LBo=
Subject key identifier: 6A:67:CE:0E:BF:C6:FE:C8:22:DF:BC:DB:5C:5C:38:F4:0D:BF:A2:0F
Certificate issuer: /CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Certificate serial: 2E45E7D5F9BE203A7EA6861FA8A8B078156752FD
Authority key identifier: 3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/SONET/0/36312e36342e3132382e302f31372d3234203d3e203138313832.roa
Signing time: Mon 11 May 2026 16:54:27 +0000
ROA not before: Mon 11 May 2026 16:49:27 +0000
ROA not after: Mon 10 May 2027 16:54:27 +0000
asID: 18182
IP address blocks: 61.64.128.0/17 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:45:e7:d5:f9:be:20:3a:7e:a6:86:1f:a8:a8:b0:78:15:67:52:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Validity
Not Before: May 11 16:49:27 2026 GMT
Not After : May 10 16:54:27 2027 GMT
Subject: CN=6A67CE0EBFC6FEC822DFBCDB5C5C38F40DBFA20F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f2:96:61:a9:ba:da:8d:77:ed:7a:d6:17:b1:
a5:28:8b:ce:b9:6c:91:af:b1:81:cb:9f:7e:db:1b:
91:df:ba:3a:41:a5:96:6f:9d:6d:91:58:b1:90:85:
86:cd:1f:f3:80:0a:c1:b6:48:1d:d3:80:20:c6:a4:
f6:8c:94:9b:f5:f3:49:4d:40:2a:fd:d9:48:32:f7:
94:8d:d8:0a:12:a9:d4:ca:db:24:65:2e:4b:97:e2:
93:12:d3:00:bf:49:b1:35:7d:b1:8c:bc:38:bd:5c:
49:87:75:c6:1c:cf:9b:86:d1:cf:92:fd:6c:72:b4:
09:fa:c9:f6:fa:da:d5:db:5e:64:64:dc:05:af:44:
03:ad:17:b1:1c:24:e4:b4:8a:c6:63:22:82:25:0f:
d5:7e:39:6a:b6:57:11:d3:c1:8e:9d:11:f0:9f:c7:
71:6b:5f:e0:fa:f5:b0:d2:64:ad:32:aa:e9:bb:c1:
29:0f:08:20:72:95:77:e7:8b:c3:ee:9d:95:72:94:
e8:b1:29:e8:91:c4:a7:a7:d2:25:7f:ff:d0:4a:c0:
0d:88:40:f5:ef:6d:be:64:69:00:e7:d9:e6:51:f2:
1d:a5:2d:77:f7:22:27:d2:dd:e0:b0:19:06:7a:6a:
b1:4f:6f:89:d4:0e:41:f8:83:65:6c:08:0a:b7:99:
0f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:67:CE:0E:BF:C6:FE:C8:22:DF:BC:DB:5C:5C:38:F4:0D:BF:A2:0F
X509v3 Authority Key Identifier:
keyid:3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/SONET/0/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/SONET/0/36312e36342e3132382e302f31372d3234203d3e203138313832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
61.64.128.0/17
Signature Algorithm: sha256WithRSAEncryption
78:0b:59:10:10:3f:0b:96:59:fe:77:a9:b2:ca:bd:d4:32:51:
c0:9f:5e:90:53:2f:f1:f2:0e:3b:b0:78:1f:af:af:26:a5:be:
b7:5a:13:55:d9:ba:6f:40:aa:00:5c:f7:67:9b:e1:2c:ef:f2:
02:a0:72:a4:5f:4e:d8:0a:32:90:c8:7c:ef:c4:ed:69:d9:11:
ae:7f:02:74:40:49:c9:74:96:f0:be:47:b4:3a:e1:2b:e0:43:
7d:f7:1f:b7:d2:b8:9f:ef:7f:c2:6c:46:9b:9e:d6:85:04:cb:
c7:0d:c7:60:03:74:32:3c:da:03:55:b8:19:6f:d6:a8:88:aa:
9f:55:2f:7d:a0:5d:08:31:04:fb:b8:ec:87:43:6e:1d:c3:66:
8b:9c:3f:b9:98:27:04:3c:b5:4b:b9:11:40:67:e6:c0:cb:68:
24:30:1a:d8:4f:d7:70:b3:0c:23:b7:c1:02:b4:d8:98:40:66:
80:fe:e2:06:a6:f3:df:5c:7b:c2:b6:80:f6:0f:42:0e:e7:b7:
07:85:ba:f9:75:f3:3a:d2:60:bb:9d:92:bf:00:27:75:34:56:
58:51:7c:6d:15:22:69:9e:ee:b8:51:ac:07:36:79:80:35:e2:
2f:e6:d8:28:ef:33:72:78:d3:dd:e7:da:a9:39:1a:86:54:10:
c3:8e:be:b4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIULkXn1fm+IDp+poYfqKiweBVnUv0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y2RDMzQzlCMzlDRkM5NTBBMkQzREJDNzgxMzFFMUFB
RjhDQzhFRjAeFw0yNjA1MTExNjQ5MjdaFw0yNzA1MTAxNjU0MjdaMDMxMTAvBgNV
BAMTKDZBNjdDRTBFQkZDNkZFQzgyMkRGQkNEQjVDNUMzOEY0MERCRkEyMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx8pZhqbrajXftetYXsaUoi865
bJGvsYHLn37bG5HfujpBpZZvnW2RWLGQhYbNH/OACsG2SB3TgCDGpPaMlJv180lN
QCr92Ugy95SN2AoSqdTK2yRlLkuX4pMS0wC/SbE1fbGMvDi9XEmHdcYcz5uG0c+S
/WxytAn6yfb62tXbXmRk3AWvRAOtF7EcJOS0isZjIoIlD9V+OWq2VxHTwY6dEfCf
x3FrX+D69bDSZK0yqum7wSkPCCBylXfni8PunZVylOixKeiRxKen0iV//9BKwA2I
QPXvbb5kaQDn2eZR8h2lLXf3IifS3eCwGQZ6arFPb4nUDkH4g2VsCAq3mQ+vAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUamfODr/G/sgi37zbXFw49A2/og8wHwYDVR0j
BBgwFoAUP20zybOc/JUKLT28eBMeGq+MyO8wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU09ORVQv
MC8zRjZEMzNDOUIzOUNGQzk1MEEyRDNEQkM3ODEzMUUxQUFGOENDOEVGLmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzNGNkQzM0M5QjM5Q0ZDOTUwQTJEM0RCQzc4MTMx
RTFBQUY4Q0M4RUYuY2VyMHkGCCsGAQUFBwELBG0wazBpBggrBgEFBQcwC4ZdcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9TT05FVC8wLzM2MzEyZTM2MzQyZTMx
MzIzODJlMzAyZjMxMzcyZDMyMzQyMDNkM2UyMDMxMzgzMTM4MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAc9QIAwDQYJKoZIhvcNAQELBQADggEBAHgLWRAQPwuWWf53qbLKvdQyUcCfXpBT
L/HyDjuweB+vryalvrdaE1XZum9AqgBc92eb4Szv8gKgcqRfTtgKMpDIfO/E7WnZ
Ea5/AnRAScl0lvC+R7Q64SvgQ333H7fSuJ/vf8JsRpue1oUEy8cNx2ADdDI82gNV
uBlv1qiIqp9VL32gXQgxBPu47IdDbh3DZoucP7mYJwQ8tUu5EUBn5sDLaCQwGthP
13CzDCO3wQK02JhAZoD+4gam899ce8K2gPYPQg7ntweFuvl18zrSYLudkr8AJ3U0
VlhRfG0VImme7rhRrAc2eYA14i/m2CjvM3J4093n2qk5GoZUEMOOvrQ=
-----END CERTIFICATE-----
Generated at Wed May 13 00:34:16 2026 by rpki-client