Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/SYSNET/0/3231302e36372e3133362e302f32322d3234203d3e2034373833.roa
File: 3231302e36372e3133362e302f32322d3234203d3e2034373833.roa (raw, json)
Hash identifier: NxbEYku6+Yeb1boQaTVe2CO1V589t+LUg0puIeCsP4U=
Subject key identifier: 7E:02:C1:17:64:02:13:D0:F9:67:94:A5:23:12:FF:0C:E4:F6:89:DA
Certificate issuer: /CN=EDE7389B6D9A335D6B6FDD4286DB79011F87554B
Certificate serial: 76DF9FA18676938330D3EE230B35CF078C3F1EBC
Authority key identifier: ED:E7:38:9B:6D:9A:33:5D:6B:6F:DD:42:86:DB:79:01:1F:87:55:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/EDE7389B6D9A335D6B6FDD4286DB79011F87554B.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/SYSNET/0/3231302e36372e3133362e302f32322d3234203d3e2034373833.roa
Signing time: Mon 11 May 2026 17:40:22 +0000
ROA not before: Mon 11 May 2026 17:35:22 +0000
ROA not after: Mon 10 May 2027 17:40:22 +0000
asID: 4783
IP address blocks: 210.67.136.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:df:9f:a1:86:76:93:83:30:d3:ee:23:0b:35:cf:07:8c:3f:1e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EDE7389B6D9A335D6B6FDD4286DB79011F87554B
Validity
Not Before: May 11 17:35:22 2026 GMT
Not After : May 10 17:40:22 2027 GMT
Subject: CN=7E02C117640213D0F96794A52312FF0CE4F689DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c7:50:46:ee:0b:81:6a:bb:fd:da:6b:dd:3c:
8c:46:14:6d:a5:1f:48:cb:ed:ef:c6:fe:b7:73:17:
7a:96:3d:81:09:13:05:81:6d:b0:bb:59:a8:dc:aa:
57:c3:e6:7d:94:cd:9d:97:50:c8:0c:64:79:7a:1e:
b4:13:68:e2:73:42:f7:11:ba:77:d3:de:75:28:06:
d9:63:96:f3:0c:09:13:56:ab:65:59:59:3f:69:b6:
38:ee:c8:44:12:d4:a4:a9:d5:43:55:7e:0c:53:b0:
78:61:a5:2d:13:18:3a:ae:71:97:f3:53:50:19:77:
37:63:2c:cb:8f:01:5c:83:55:5d:9b:95:90:7d:db:
77:d1:0f:78:6a:cb:37:9c:e0:e6:cf:cd:64:28:2c:
30:03:71:78:22:f0:bd:bc:41:d1:be:59:8d:c2:e3:
f1:62:3c:22:f4:95:f3:56:81:22:69:cb:f3:cd:7f:
1e:99:32:d1:5d:38:8e:80:60:55:c1:9d:2f:b6:d9:
2c:d0:21:32:77:f0:a8:55:a2:80:88:75:9c:8d:a8:
6a:be:38:ea:b1:af:0c:6b:2d:9c:da:4e:6a:2d:9e:
8a:1c:ad:be:c9:81:c4:3a:16:5a:fa:dc:1f:09:36:
41:5d:49:e0:04:f8:51:e7:42:c6:48:ae:22:be:ca:
3a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:02:C1:17:64:02:13:D0:F9:67:94:A5:23:12:FF:0C:E4:F6:89:DA
X509v3 Authority Key Identifier:
keyid:ED:E7:38:9B:6D:9A:33:5D:6B:6F:DD:42:86:DB:79:01:1F:87:55:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/SYSNET/0/EDE7389B6D9A335D6B6FDD4286DB79011F87554B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/EDE7389B6D9A335D6B6FDD4286DB79011F87554B.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/SYSNET/0/3231302e36372e3133362e302f32322d3234203d3e2034373833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
210.67.136.0/22
Signature Algorithm: sha256WithRSAEncryption
15:2f:55:40:ea:79:02:d7:fc:a9:2b:f5:f5:1d:bd:1f:4f:58:
69:e3:6a:37:71:06:18:f2:da:26:c7:ee:48:7f:6d:3e:dc:c7:
ea:9a:37:bb:9f:d0:95:0a:11:70:8e:ce:d5:10:52:c1:c2:09:
1a:04:72:9a:17:60:52:9d:e6:5e:b5:ba:15:b9:54:ef:c7:31:
e8:13:2c:77:a9:4d:06:c5:f8:1b:0b:84:d1:de:4e:d3:69:d0:
8a:04:42:78:c8:19:c7:70:07:ae:45:07:5e:73:57:b7:12:a2:
ca:a9:74:13:3e:53:93:e3:e0:a3:bd:55:d1:5b:00:e3:ec:37:
99:6d:1a:cf:19:71:07:7e:c3:88:a6:25:d7:61:fb:95:3e:87:
c5:eb:77:07:71:fd:79:6a:61:48:c6:6d:3c:72:ef:fa:cc:8d:
70:82:14:72:d3:d6:5c:83:d4:0c:10:95:46:0a:72:a3:7d:51:
f2:25:a0:17:b9:52:ca:e9:dd:f0:2b:e3:8a:94:94:89:ee:c9:
01:de:df:e1:c8:fa:b2:a2:bf:4c:e5:ba:b1:5c:f8:98:52:d1:
35:0b:65:00:01:40:fd:d3:fb:89:8c:96:83:65:31:f5:d3:1e:
c6:f4:ec:b2:52:e8:39:7e:9f:a8:65:19:ab:2c:4e:d5:83:c2:
61:f7:d0:2e
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIUdt+foYZ2k4Mw0+4jCzXPB4w/HrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRURFNzM4OUI2RDlBMzM1RDZCNkZERDQyODZEQjc5MDEx
Rjg3NTU0QjAeFw0yNjA1MTExNzM1MjJaFw0yNzA1MTAxNzQwMjJaMDMxMTAvBgNV
BAMTKDdFMDJDMTE3NjQwMjEzRDBGOTY3OTRBNTIzMTJGRjBDRTRGNjg5REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyx1BG7guBarv92mvdPIxGFG2l
H0jL7e/G/rdzF3qWPYEJEwWBbbC7WajcqlfD5n2UzZ2XUMgMZHl6HrQTaOJzQvcR
unfT3nUoBtljlvMMCRNWq2VZWT9ptjjuyEQS1KSp1UNVfgxTsHhhpS0TGDqucZfz
U1AZdzdjLMuPAVyDVV2blZB923fRD3hqyzec4ObPzWQoLDADcXgi8L28QdG+WY3C
4/FiPCL0lfNWgSJpy/PNfx6ZMtFdOI6AYFXBnS+22SzQITJ38KhVooCIdZyNqGq+
OOqxrwxrLZzaTmotnoocrb7JgcQ6Flr63B8JNkFdSeAE+FHnQsZIriK+yjr3AgMB
AAGjggHhMIIB3TAdBgNVHQ4EFgQUfgLBF2QCE9D5Z5SlIxL/DOT2idowHwYDVR0j
BBgwFoAU7ec4m22aM11rb91Chtt5AR+HVUswDgYDVR0PAQH/BAQDAgeAMGMGA1Ud
HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU1lTTkVU
LzAvRURFNzM4OUI2RDlBMzM1RDZCNkZERDQyODZEQjc5MDExRjg3NTU0Qi5jcmww
bwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25p
Yy50dy9ycGtpL1RXTklDQ0EvMS9FREU3Mzg5QjZEOUEzMzVENkI2RkRENDI4NkRC
NzkwMTFGODc1NTRCLmNlcjB6BggrBgEFBQcBCwRuMGwwagYIKwYBBQUHMAuGXnJz
eW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU1lTTkVULzAvMzIzMTMwMmUzNjM3
MmUzMTMzMzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzgzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAtJDiDANBgkqhkiG9w0BAQsFAAOCAQEAFS9VQOp5Atf8qSv19R29H09YaeNq
N3EGGPLaJsfuSH9tPtzH6po3u5/QlQoRcI7O1RBSwcIJGgRymhdgUp3mXrW6FblU
78cx6BMsd6lNBsX4GwuE0d5O02nQigRCeMgZx3AHrkUHXnNXtxKiyql0Ez5Tk+Pg
o71V0VsA4+w3mW0azxlxB37DiKYl12H7lT6Hxet3B3H9eWphSMZtPHLv+syNcIIU
ctPWXIPUDBCVRgpyo31R8iWgF7lSyund8CvjipSUie7JAd7f4cj6sqK/TOW6sVz4
mFLRNQtlAAFA/dP7iYyWg2Ux9dMexvTsslLoOX6fqGUZqyxO1YPCYffQLg==
-----END CERTIFICATE-----
Generated at Tue May 12 22:59:33 2026 by rpki-client