Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TANET/0/AS1659.roa
File: AS1659.roa (raw, json)
Hash identifier: M7vlJ+pOYnQc6ZvkQ07/yOT39egw6Apz1FV4LHusFGM=
Subject key identifier: E9:75:03:6C:6E:D2:1B:7B:CE:66:37:AA:9C:8D:60:E8:45:C2:9B:16
Certificate issuer: /CN=6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD
Certificate serial: 6582B2219BFC33C84495E46545ECD8A9674F3150
Authority key identifier: 6E:9C:32:26:68:2A:EF:A8:D6:7B:8A:C6:08:CC:CF:C8:A0:96:10:CD
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TANET/0/AS1659.roa
Signing time: Tue 12 May 2026 01:50:08 +0000
ROA not before: Tue 12 May 2026 01:45:08 +0000
ROA not after: Tue 11 May 2027 01:50:08 +0000
asID: 1659
IP address blocks: 120.96.0.0/11 maxlen: 11
120.107.0.0/16 maxlen: 16
120.108.0.0/16 maxlen: 16
120.109.0.0/16 maxlen: 16
120.110.0.0/16 maxlen: 16
120.124.0.0/16 maxlen: 16
120.125.0.0/16 maxlen: 16
163.13.0.0/16 maxlen: 16
163.14.0.0/15 maxlen: 15
163.16.0.0/13 maxlen: 19
163.22.41.0/24 maxlen: 24
163.22.44.0/22 maxlen: 22
163.22.48.0/24 maxlen: 24
163.22.177.0/24 maxlen: 24
163.22.178.0/24 maxlen: 24
163.22.228.0/22 maxlen: 22
163.22.232.0/21 maxlen: 21
163.22.240.0/20 maxlen: 20
163.24.0.0/14 maxlen: 14
163.25.0.0/18 maxlen: 18
163.25.64.0/20 maxlen: 20
163.25.80.0/22 maxlen: 22
163.25.85.0/24 maxlen: 24
163.25.120.0/21 maxlen: 21
163.25.128.0/17 maxlen: 17
163.28.0.0/16 maxlen: 16
163.28.48.0/20 maxlen: 20
163.28.80.0/20 maxlen: 20
163.30.0.0/15 maxlen: 15
163.30.0.0/16 maxlen: 16
163.32.0.0/16 maxlen: 16
203.64.0.0/16 maxlen: 16
203.64.8.0/21 maxlen: 21
203.64.44.0/23 maxlen: 23
203.64.155.0/24 maxlen: 24
203.64.158.0/23 maxlen: 23
203.64.191.0/24 maxlen: 24
203.68.0.0/16 maxlen: 16
203.68.32.0/22 maxlen: 22
203.68.36.0/23 maxlen: 23
203.68.75.0/24 maxlen: 24
203.68.203.0/24 maxlen: 24
203.68.204.0/23 maxlen: 23
203.68.243.0/24 maxlen: 24
203.68.244.0/23 maxlen: 23
203.68.248.0/23 maxlen: 23
203.68.250.0/24 maxlen: 24
203.71.0.0/16 maxlen: 16
203.71.2.0/24 maxlen: 24
203.71.16.0/23 maxlen: 23
203.71.100.0/22 maxlen: 22
203.71.118.0/23 maxlen: 23
203.71.120.0/23 maxlen: 23
203.71.136.0/22 maxlen: 22
203.71.152.0/22 maxlen: 22
203.71.156.0/24 maxlen: 24
203.71.181.0/24 maxlen: 24
203.71.186.0/23 maxlen: 23
203.71.204.0/23 maxlen: 23
203.71.212.0/24 maxlen: 24
203.71.234.0/24 maxlen: 24
203.71.236.0/24 maxlen: 24
203.71.245.0/24 maxlen: 24
203.72.0.0/16 maxlen: 24
210.59.0.0/17 maxlen: 24
210.60.0.0/16 maxlen: 24
210.62.64.0/19 maxlen: 19
210.62.224.0/20 maxlen: 20
210.62.224.0/21 maxlen: 21
210.62.240.0/21 maxlen: 21
210.67.248.0/21 maxlen: 21
210.70.0.0/16 maxlen: 16
210.70.0.0/24 maxlen: 24
210.70.26.0/23 maxlen: 23
210.70.28.0/24 maxlen: 24
210.70.72.0/21 maxlen: 21
210.70.99.0/24 maxlen: 24
210.70.125.0/24 maxlen: 24
210.70.126.0/24 maxlen: 24
210.71.0.0/17 maxlen: 17
210.71.44.0/23 maxlen: 23
210.71.46.0/24 maxlen: 24
210.240.0.0/16 maxlen: 16
210.240.187.0/24 maxlen: 24
210.240.188.0/22 maxlen: 22
210.240.192.0/22 maxlen: 22
210.240.196.0/23 maxlen: 23
210.240.212.0/23 maxlen: 23
210.240.214.0/23 maxlen: 23
210.240.224.0/21 maxlen: 21
210.243.0.0/18 maxlen: 18
210.243.49.0/24 maxlen: 24
210.243.50.0/24 maxlen: 24
2001:288::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.crl
rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 02:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:82:b2:21:9b:fc:33:c8:44:95:e4:65:45:ec:d8:a9:67:4f:31:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD
Validity
Not Before: May 12 01:45:08 2026 GMT
Not After : May 11 01:50:08 2027 GMT
Subject: CN=E975036C6ED21B7BCE6637AA9C8D60E845C29B16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0e:4c:41:47:9e:ab:2f:1f:2b:0f:a3:10:9c:
31:6e:41:ce:bc:58:8e:d3:f3:b5:9d:80:d5:e7:da:
8a:e5:fe:02:3d:cf:90:d7:12:dc:a2:d8:c4:83:b9:
24:71:61:ef:b8:46:2d:22:da:b2:99:af:0e:37:88:
20:7f:15:e2:b9:00:42:72:7b:3f:c7:f8:04:e7:39:
25:bc:a0:bb:64:9c:2f:c6:62:19:ef:d7:a5:de:82:
17:eb:91:65:76:e5:99:ac:42:c3:cd:87:bf:2b:ec:
c6:e1:37:58:52:61:24:5d:29:a9:00:03:22:f9:fc:
7f:36:10:c8:1b:4d:78:1d:1f:49:82:ad:5d:20:7b:
4c:42:c5:99:8e:8a:2b:e6:0a:f4:cd:d1:2f:c8:d8:
d7:4d:6f:91:7b:30:8b:06:59:09:2e:c4:75:01:e9:
b6:fa:0b:cc:ec:33:05:4a:39:18:e7:ce:6e:9b:5a:
39:52:d2:93:fe:dd:a0:59:50:2a:b6:0f:45:39:c9:
b2:c6:b2:8b:f6:f0:00:07:41:d4:32:d7:d4:12:83:
00:51:a4:11:f4:82:a2:1a:c8:f8:5e:6a:75:cd:55:
ba:32:fa:db:cf:e1:46:3f:8e:53:1f:fc:91:12:7c:
a1:66:4a:e4:f4:aa:05:e8:d3:4e:4b:4d:48:46:d5:
4e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:75:03:6C:6E:D2:1B:7B:CE:66:37:AA:9C:8D:60:E8:45:C2:9B:16
X509v3 Authority Key Identifier:
keyid:6E:9C:32:26:68:2A:EF:A8:D6:7B:8A:C6:08:CC:CF:C8:A0:96:10:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TANET/0/AS1659.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
120.96.0.0/11
163.13.0.0-163.28.255.255
163.30.0.0-163.32.255.255
203.64.0.0/16
203.68.0.0/16
203.71.0.0-203.72.255.255
210.59.0.0/17
210.60.0.0/16
210.62.64.0/19
210.62.224.0-210.62.247.255
210.67.248.0/21
210.70.0.0-210.71.127.255
210.240.0.0/16
210.243.0.0/18
IPv6:
2001:288::/32
Signature Algorithm: sha256WithRSAEncryption
a8:a5:61:e7:e1:84:f6:7e:ee:fd:30:5d:5f:94:47:ed:0d:15:
dd:6a:e2:02:71:ff:cc:78:29:05:2d:22:d9:8c:3f:d0:38:17:
b8:53:94:68:d2:e3:c9:2c:93:d7:67:80:d1:0c:c8:fa:59:44:
d3:b4:93:37:1d:65:a0:47:ba:a1:03:ac:56:df:63:4d:28:9e:
76:b7:95:81:46:86:75:b4:b2:44:48:d7:b5:91:0a:74:e4:79:
c1:7a:3a:6c:31:b8:14:55:d9:2a:88:75:15:3e:74:68:b9:4e:
34:34:8a:1c:23:99:c2:de:51:85:42:8f:04:39:b8:57:31:98:
04:a8:77:2a:c1:1b:0d:33:d0:03:16:c4:77:77:ca:0d:e1:a2:
d7:d1:2f:76:0a:64:a0:aa:9c:0a:21:17:17:f4:45:eb:7a:c6:
dc:a3:ff:d1:7d:7f:9d:5a:b6:ed:b2:48:ea:b7:33:05:0d:9b:
bf:1d:2f:93:97:e9:e7:2c:d3:f6:fe:75:a3:1a:64:22:a8:e2:
5f:bb:e4:af:f3:b6:c1:bf:83:f6:fb:ef:16:42:84:50:2c:1e:
04:7f:25:92:8c:4c:d3:b8:31:23:4d:85:bc:5e:77:9e:b5:44:
4b:66:c8:88:ed:e8:22:a8:14:ee:62:61:58:e7:5c:55:4a:1d:
ae:87:2f:2e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUZYKyIZv8M8hEleRlRezYqWdPMVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkU5QzMyMjY2ODJBRUZBOEQ2N0I4QUM2MDhDQ0NGQzhB
MDk2MTBDRDAeFw0yNjA1MTIwMTQ1MDhaFw0yNzA1MTEwMTUwMDhaMDMxMTAvBgNV
BAMTKEU5NzUwMzZDNkVEMjFCN0JDRTY2MzdBQTlDOEQ2MEU4NDVDMjlCMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/DkxBR56rLx8rD6MQnDFuQc68
WI7T87WdgNXn2orl/gI9z5DXEtyi2MSDuSRxYe+4Ri0i2rKZrw43iCB/FeK5AEJy
ez/H+ATnOSW8oLtknC/GYhnv16XeghfrkWV25ZmsQsPNh78r7MbhN1hSYSRdKakA
AyL5/H82EMgbTXgdH0mCrV0ge0xCxZmOiivmCvTN0S/I2NdNb5F7MIsGWQkuxHUB
6bb6C8zsMwVKORjnzm6bWjlS0pP+3aBZUCq2D0U5ybLGsov28AAHQdQy19QSgwBR
pBH0gqIayPheanXNVboy+tvP4UY/jlMf/JESfKFmSuT0qgXo005LTUhG1U6JAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQU6XUDbG7SG3vOZjeqnI1g6EXCmxYwHwYDVR0j
BBgwFoAUbpwyJmgq76jWe4rGCMzPyKCWEM0wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVEFORVQv
MC82RTlDMzIyNjY4MkFFRkE4RDY3QjhBQzYwOENDQ0ZDOEEwOTYxMENELmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzZFOUMzMjI2NjgyQUVGQThENjdCOEFDNjA4Q0ND
RkM4QTA5NjEwQ0QuY2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UQU5FVC8wL0FTMTY1OS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBmgYIKwYBBQUHAQcBAf8EgYowgYcwdgQC
AAEwcAMDBXhgMAoDAwCjDQMDAKMcMAoDAwGjHgMDAKMgAwMAy0ADAwDLRDAKAwMA
y0cDAwDLSAMEB9I7AAMDANI8AwQF0j5AMAwDBAXSPuADBAPSPvADBAPSQ/gwCwMD
AdJGAwQH0kcAAwMA0vADBAbS8wAwDQQCAAIwBwMFACABAogwDQYJKoZIhvcNAQEL
BQADggEBAKilYefhhPZ+7v0wXV+UR+0NFd1q4gJx/8x4KQUtItmMP9A4F7hTlGjS
48ksk9dngNEMyPpZRNO0kzcdZaBHuqEDrFbfY00onna3lYFGhnW0skRI17WRCnTk
ecF6OmwxuBRV2SqIdRU+dGi5TjQ0ihwjmcLeUYVCjwQ5uFcxmASodyrBGw0z0AMW
xHd3yg3hotfRL3YKZKCqnAohFxf0Ret6xtyj/9F9f51atu2ySOq3MwUNm78dL5OX
6ecs0/b+daMaZCKo4l+75K/ztsG/g/b77xZChFAsHgR/JZKMTNO4MSNNhbxed561
REtmyIjt6CKoFO5iYVjnXFVKHa6HLy4=
-----END CERTIFICATE-----
Generated at Tue May 12 23:00:51 2026 by rpki-client