Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TANET/0/AS17713.roa
File: AS17713.roa (raw, json)
Hash identifier: 6THe+d1M9IBbktnCoPGIW1RcAbmuio4tr67tKLdsscQ=
Subject key identifier: FF:17:6D:63:5F:B8:14:D9:9A:A3:EA:DA:EA:CA:B2:98:F2:75:96:F4
Certificate issuer: /CN=6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD
Certificate serial: 75E7A29B9DF62C96E00259016BE0053F24FD74EE
Authority key identifier: 6E:9C:32:26:68:2A:EF:A8:D6:7B:8A:C6:08:CC:CF:C8:A0:96:10:CD
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TANET/0/AS17713.roa
Signing time: Tue 12 May 2026 01:48:40 +0000
ROA not before: Tue 12 May 2026 01:43:40 +0000
ROA not after: Tue 11 May 2027 01:48:40 +0000
asID: 17713
IP address blocks: 120.118.0.0/16 maxlen: 16
163.18.0.0/16 maxlen: 16
203.64.54.0/23 maxlen: 23
203.64.56.0/21 maxlen: 21
203.64.64.0/23 maxlen: 23
203.64.88.0/21 maxlen: 21
203.64.96.0/21 maxlen: 21
203.64.120.0/21 maxlen: 21
203.64.128.0/21 maxlen: 21
203.64.166.0/23 maxlen: 23
203.64.168.0/22 maxlen: 22
203.68.0.0/22 maxlen: 22
203.68.4.0/23 maxlen: 23
203.68.94.0/23 maxlen: 23
203.68.96.0/22 maxlen: 22
203.68.252.0/23 maxlen: 23
203.71.232.0/23 maxlen: 23
203.72.211.0/24 maxlen: 24
203.72.212.0/22 maxlen: 22
210.60.80.0/21 maxlen: 21
210.60.88.0/22 maxlen: 22
210.60.92.0/24 maxlen: 24
210.60.147.0/24 maxlen: 24
210.60.148.0/24 maxlen: 24
210.60.183.0/24 maxlen: 24
210.60.184.0/22 maxlen: 22
210.60.188.0/23 maxlen: 23
210.60.190.0/24 maxlen: 24
210.70.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.crl
rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 02:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:e7:a2:9b:9d:f6:2c:96:e0:02:59:01:6b:e0:05:3f:24:fd:74:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD
Validity
Not Before: May 12 01:43:40 2026 GMT
Not After : May 11 01:48:40 2027 GMT
Subject: CN=FF176D635FB814D99AA3EADAEACAB298F27596F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d6:18:63:e1:61:db:ba:97:a4:24:a9:cf:06:
7d:44:13:64:75:81:b1:d0:21:29:a8:f5:e7:01:e3:
f7:7c:52:ff:5d:82:8f:f7:77:bf:9b:93:00:b5:93:
e8:2c:0c:01:7c:64:d1:10:47:79:17:91:f1:73:7b:
4f:86:e3:49:b3:35:84:2d:10:99:b0:a6:9d:0c:5f:
46:de:2a:b1:98:dc:94:2a:ec:ac:be:96:3e:d4:e7:
49:45:04:f9:22:14:c4:d1:cd:c4:49:96:ed:b3:de:
ab:95:5c:a0:88:3c:c7:50:e5:63:e8:a3:bf:f7:16:
e6:60:90:19:64:b9:5d:b0:fe:ba:a3:aa:c1:b3:04:
6d:30:cd:e1:8d:48:d4:61:a2:aa:ca:e9:33:be:a3:
33:e2:dd:f2:43:8f:31:0a:08:96:0b:ea:ea:14:36:
13:32:69:d8:3f:d9:98:ae:d3:ea:3a:83:a2:77:32:
bf:56:44:77:da:01:a5:99:2f:b1:81:06:0c:06:9c:
64:8f:50:9b:c8:cb:d7:fa:39:3a:00:68:ad:4d:44:
29:7c:99:ef:46:7c:d8:10:ce:56:f3:a9:ff:91:d3:
40:50:5a:c6:7f:ee:45:ca:d0:6d:27:ec:c2:ff:3a:
4a:2c:55:f1:c7:15:f5:3e:17:8f:51:99:c9:8f:d8:
46:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:17:6D:63:5F:B8:14:D9:9A:A3:EA:DA:EA:CA:B2:98:F2:75:96:F4
X509v3 Authority Key Identifier:
keyid:6E:9C:32:26:68:2A:EF:A8:D6:7B:8A:C6:08:CC:CF:C8:A0:96:10:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TANET/0/AS17713.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
120.118.0.0/16
163.18.0.0/16
203.64.54.0-203.64.65.255
203.64.88.0-203.64.103.255
203.64.120.0-203.64.135.255
203.64.166.0-203.64.171.255
203.68.0.0-203.68.5.255
203.68.94.0-203.68.99.255
203.68.252.0/23
203.71.232.0/23
203.72.211.0-203.72.215.255
210.60.80.0-210.60.92.255
210.60.147.0-210.60.148.255
210.60.183.0-210.60.190.255
210.70.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:ed:ac:35:23:53:0a:78:e6:5c:3a:e2:5d:e3:2c:d0:94:5e:
3a:c9:a5:b8:a0:9e:6b:c9:28:66:2d:41:70:81:84:ca:4a:86:
f3:bc:f7:1b:8c:99:b8:a7:45:b6:69:19:69:3c:9d:3e:c1:61:
d7:ab:0d:1d:9a:72:f6:13:52:82:58:a1:ea:19:08:04:97:02:
90:6e:5a:a7:95:d3:35:0d:26:68:bd:f5:a6:45:5b:35:13:24:
8d:17:9f:1d:34:ea:48:d1:2a:1b:2b:95:d0:63:34:4b:28:0c:
4a:18:d5:28:c9:ca:39:51:f2:5f:5d:85:eb:7c:a4:e7:2e:13:
1e:7e:8f:4a:a8:ea:ea:3e:b8:a6:13:a3:df:cc:64:40:5e:54:
c4:18:fc:f6:8b:46:c0:f6:cf:4c:cf:88:5f:f2:26:55:68:af:
2f:b1:05:f8:fb:83:53:f3:b2:b1:14:d0:9f:b0:39:dc:2b:4c:
31:5a:70:67:55:a4:60:b1:23:f3:ba:4c:9a:e6:56:03:7d:cb:
7a:b3:01:7e:f1:e4:eb:94:92:a5:c1:29:20:91:22:96:4c:c8:
3c:78:28:32:68:e0:88:6c:41:13:86:66:12:e5:6d:af:0f:28:
65:8e:6f:b6:6e:3a:0d:58:73:e7:bc:87:fb:d0:31:63:6a:68:
c5:d1:b5:e0
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIUdeeim532LJbgAlkBa+AFPyT9dO4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkU5QzMyMjY2ODJBRUZBOEQ2N0I4QUM2MDhDQ0NGQzhB
MDk2MTBDRDAeFw0yNjA1MTIwMTQzNDBaFw0yNzA1MTEwMTQ4NDBaMDMxMTAvBgNV
BAMTKEZGMTc2RDYzNUZCODE0RDk5QUEzRUFEQUVBQ0FCMjk4RjI3NTk2RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt1hhj4WHbupekJKnPBn1EE2R1
gbHQISmo9ecB4/d8Uv9dgo/3d7+bkwC1k+gsDAF8ZNEQR3kXkfFze0+G40mzNYQt
EJmwpp0MX0beKrGY3JQq7Ky+lj7U50lFBPkiFMTRzcRJlu2z3quVXKCIPMdQ5WPo
o7/3FuZgkBlkuV2w/rqjqsGzBG0wzeGNSNRhoqrK6TO+ozPi3fJDjzEKCJYL6uoU
NhMyadg/2Ziu0+o6g6J3Mr9WRHfaAaWZL7GBBgwGnGSPUJvIy9f6OToAaK1NRCl8
me9GfNgQzlbzqf+R00BQWsZ/7kXK0G0n7ML/OkosVfHHFfU+F49RmcmP2EYzAgMB
AAGjggJYMIICVDAdBgNVHQ4EFgQU/xdtY1+4FNmao+ra6sqymPJ1lvQwHwYDVR0j
BBgwFoAUbpwyJmgq76jWe4rGCMzPyKCWEM0wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVEFORVQv
MC82RTlDMzIyNjY4MkFFRkE4RDY3QjhBQzYwOENDQ0ZDOEEwOTYxMENELmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzZFOUMzMjI2NjgyQUVGQThENjdCOEFDNjA4Q0ND
RkM4QTA5NjEwQ0QuY2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UQU5FVC8wL0FTMTc3MTMucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgcQGCCsGAQUFBwEHAQH/BIG0MIGxMIGu
BAIAATCBpwMDAHh2AwMAoxIwDAMEActANgMEActAQDAMAwQDy0BYAwQDy0BgMAwD
BAPLQHgDBAPLQIAwDAMEActApgMEAstAqDALAwMCy0QDBAHLRAQwDAMEActEXgME
AstEYAMEActE/AMEActH6DAMAwQAy0jTAwQDy0jQMAwDBATSPFADBADSPFwwDAME
ANI8kwMEANI8lDAMAwQA0jy3AwQA0jy+AwQA0kb+MA0GCSqGSIb3DQEBCwUAA4IB
AQCk7aw1I1MKeOZcOuJd4yzQlF46yaW4oJ5ryShmLUFwgYTKSobzvPcbjJm4p0W2
aRlpPJ0+wWHXqw0dmnL2E1KCWKHqGQgElwKQblqnldM1DSZovfWmRVs1EySNF58d
NOpI0SobK5XQYzRLKAxKGNUoyco5UfJfXYXrfKTnLhMefo9KqOrqPrimE6PfzGRA
XlTEGPz2i0bA9s9Mz4hf8iZVaK8vsQX4+4NT87KxFNCfsDncK0wxWnBnVaRgsSPz
ukya5lYDfct6swF+8eTrlJKlwSkgkSKWTMg8eCgyaOCIbEEThmYS5W2vDyhljm+2
bjoNWHPnvIf70DFjamjF0bXg
-----END CERTIFICATE-----
Generated at Tue May 12 23:00:49 2026 by rpki-client