Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TANET/0/AS17716.roa
File: AS17716.roa (raw, json)
Hash identifier: QJfn98q9GCpZwDozPEb7vzDE8pPTD6V7DkN76r6Bpos=
Subject key identifier: 0D:A5:2C:5B:75:F2:DC:6C:15:7E:C5:AE:47:84:8A:66:1E:53:61:48
Certificate issuer: /CN=6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD
Certificate serial: 65EA8C36A27B3C478692862318C92D25E5FFA66E
Authority key identifier: 6E:9C:32:26:68:2A:EF:A8:D6:7B:8A:C6:08:CC:CF:C8:A0:96:10:CD
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TANET/0/AS17716.roa
Signing time: Tue 12 May 2026 01:48:49 +0000
ROA not before: Tue 12 May 2026 01:43:49 +0000
ROA not after: Tue 11 May 2027 01:48:49 +0000
asID: 17716
IP address blocks: 120.96.0.0/15 maxlen: 15
163.28.16.0/20 maxlen: 20
203.64.0.0/21 maxlen: 21
203.64.26.0/24 maxlen: 24
203.64.46.0/23 maxlen: 23
203.64.48.0/22 maxlen: 22
203.64.52.0/24 maxlen: 24
203.64.138.0/23 maxlen: 23
203.64.153.0/24 maxlen: 24
203.64.154.0/24 maxlen: 24
203.64.189.0/24 maxlen: 24
203.64.207.0/24 maxlen: 24
203.64.208.0/23 maxlen: 23
203.64.228.0/24 maxlen: 24
203.64.252.0/23 maxlen: 23
203.68.31.0/24 maxlen: 24
203.68.168.0/24 maxlen: 24
203.68.236.0/24 maxlen: 24
203.71.10.0/23 maxlen: 23
203.71.24.0/24 maxlen: 24
203.71.63.0/24 maxlen: 24
203.71.64.0/22 maxlen: 22
203.71.80.0/20 maxlen: 20
203.71.170.0/23 maxlen: 23
203.71.175.0/24 maxlen: 24
203.71.182.0/23 maxlen: 23
203.71.206.0/24 maxlen: 24
203.71.210.0/23 maxlen: 23
203.72.39.0/24 maxlen: 24
203.72.56.0/21 maxlen: 21
203.72.64.0/24 maxlen: 24
203.72.67.0/24 maxlen: 24
203.72.68.0/23 maxlen: 23
203.72.70.0/24 maxlen: 24
203.72.177.0/24 maxlen: 24
203.72.178.0/24 maxlen: 24
203.72.185.0/24 maxlen: 24
203.72.188.0/24 maxlen: 24
203.72.192.0/23 maxlen: 23
203.72.235.0/24 maxlen: 24
203.72.253.0/24 maxlen: 24
210.59.43.0/24 maxlen: 24
210.60.8.0/22 maxlen: 22
210.60.106.0/24 maxlen: 24
210.60.119.0/24 maxlen: 24
210.60.128.0/24 maxlen: 24
210.60.141.0/24 maxlen: 24
210.60.142.0/23 maxlen: 23
210.60.144.0/23 maxlen: 23
210.60.146.0/24 maxlen: 24
210.60.149.0/24 maxlen: 24
210.60.150.0/24 maxlen: 24
210.60.156.0/24 maxlen: 24
210.60.235.0/24 maxlen: 24
210.70.94.0/23 maxlen: 23
210.70.98.0/24 maxlen: 24
210.70.119.0/24 maxlen: 24
210.70.120.0/24 maxlen: 24
210.70.129.0/24 maxlen: 24
210.70.130.0/23 maxlen: 23
210.70.132.0/22 maxlen: 22
210.70.136.0/24 maxlen: 24
210.70.185.0/24 maxlen: 24
210.70.186.0/24 maxlen: 24
210.70.195.0/24 maxlen: 24
210.70.197.0/24 maxlen: 24
210.70.198.0/23 maxlen: 23
210.70.200.0/23 maxlen: 23
210.70.202.0/24 maxlen: 24
210.70.212.0/24 maxlen: 24
210.70.246.0/24 maxlen: 24
210.71.2.0/23 maxlen: 23
210.71.62.0/23 maxlen: 23
210.71.64.0/24 maxlen: 24
210.71.76.0/24 maxlen: 24
210.71.78.0/24 maxlen: 24
210.71.98.0/24 maxlen: 24
210.71.122.0/23 maxlen: 23
210.240.232.0/21 maxlen: 21
210.240.240.0/21 maxlen: 21
210.240.248.0/23 maxlen: 23
210.243.0.0/19 maxlen: 19
210.243.32.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.crl
rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 02:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:ea:8c:36:a2:7b:3c:47:86:92:86:23:18:c9:2d:25:e5:ff:a6:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD
Validity
Not Before: May 12 01:43:49 2026 GMT
Not After : May 11 01:48:49 2027 GMT
Subject: CN=0DA52C5B75F2DC6C157EC5AE47848A661E536148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b1:b8:08:09:79:8f:f9:38:9b:76:41:0e:0a:
63:ae:3d:f1:61:e7:9d:89:a0:93:41:81:03:c0:cd:
85:be:bc:3a:1a:ba:e7:86:2d:02:d5:72:78:bf:1b:
6f:46:a4:f4:6b:18:89:80:b8:73:75:37:fa:06:de:
f1:ec:2e:6d:6f:cd:57:b3:dd:15:91:ab:9e:33:81:
42:f1:8a:87:51:fd:c5:38:f9:ee:96:67:87:c2:f2:
0e:d7:2b:1d:e9:2b:25:70:0a:bc:75:99:ba:b1:b8:
3c:ab:43:41:cb:c5:90:c7:44:76:41:78:3a:a4:c4:
1f:ef:96:4f:5b:a4:8d:ee:92:22:28:54:7e:ea:54:
84:c1:41:ae:af:f5:ea:4d:b5:13:5a:db:83:b8:24:
ee:94:d6:2c:b4:3e:5d:90:42:5c:e3:7b:1c:5f:b1:
93:b0:10:e6:d5:db:4c:ed:97:c9:33:8a:21:8f:4b:
fc:4b:e6:ab:ca:22:e1:fe:48:fa:c8:fd:8d:73:04:
a8:59:ac:0e:95:a1:0f:e4:59:e5:a9:93:ea:73:38:
59:b5:79:b0:cd:cc:c9:1a:eb:01:77:c3:0b:c1:09:
f8:09:ea:df:ea:1d:09:72:c7:43:ac:fa:e1:06:8c:
6d:cd:2c:2d:5c:33:12:90:54:06:72:36:98:d4:4a:
bb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A5:2C:5B:75:F2:DC:6C:15:7E:C5:AE:47:84:8A:66:1E:53:61:48
X509v3 Authority Key Identifier:
keyid:6E:9C:32:26:68:2A:EF:A8:D6:7B:8A:C6:08:CC:CF:C8:A0:96:10:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TANET/0/AS17716.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
120.96.0.0/15
163.28.16.0/20
203.64.0.0/21
203.64.26.0/24
203.64.46.0-203.64.52.255
203.64.138.0/23
203.64.153.0-203.64.154.255
203.64.189.0/24
203.64.207.0-203.64.209.255
203.64.228.0/24
203.64.252.0/23
203.68.31.0/24
203.68.168.0/24
203.68.236.0/24
203.71.10.0/23
203.71.24.0/24
203.71.63.0-203.71.67.255
203.71.80.0/20
203.71.170.0/23
203.71.175.0/24
203.71.182.0/23
203.71.206.0/24
203.71.210.0/23
203.72.39.0/24
203.72.56.0-203.72.64.255
203.72.67.0-203.72.70.255
203.72.177.0-203.72.178.255
203.72.185.0/24
203.72.188.0/24
203.72.192.0/23
203.72.235.0/24
203.72.253.0/24
210.59.43.0/24
210.60.8.0/22
210.60.106.0/24
210.60.119.0/24
210.60.128.0/24
210.60.141.0-210.60.146.255
210.60.149.0-210.60.150.255
210.60.156.0/24
210.60.235.0/24
210.70.94.0/23
210.70.98.0/24
210.70.119.0-210.70.120.255
210.70.129.0-210.70.136.255
210.70.185.0-210.70.186.255
210.70.195.0/24
210.70.197.0-210.70.202.255
210.70.212.0/24
210.70.246.0/24
210.71.2.0/23
210.71.62.0-210.71.64.255
210.71.76.0/24
210.71.78.0/24
210.71.98.0/24
210.71.122.0/23
210.240.232.0-210.240.249.255
210.243.0.0-210.243.39.255
Signature Algorithm: sha256WithRSAEncryption
6d:3c:14:20:50:a2:6d:1c:7b:0f:22:7a:f8:e8:f5:10:97:b5:
f0:a4:41:2c:26:e3:87:2d:6d:e8:76:c9:72:fa:bf:46:d1:ff:
b7:c2:86:b2:11:7a:42:b2:72:08:c0:72:07:d2:c9:65:b0:6f:
1f:b5:3c:8e:f9:fe:bf:dd:f6:4b:47:9b:d8:17:91:3d:dc:c9:
65:72:ca:68:3f:0a:4c:00:a2:ac:b8:18:cc:17:a5:4d:c4:fe:
48:0b:ec:0f:4d:21:c2:37:d8:c8:bf:bd:fd:25:29:86:8a:ad:
4f:68:57:07:17:34:44:0e:d6:60:f3:44:08:43:92:db:98:a8:
43:20:65:67:ef:3c:54:d2:2f:9f:fc:99:3f:0e:de:3e:fa:b0:
a5:fa:3a:2f:56:12:2a:26:af:99:4b:84:4d:7d:9c:ca:f9:99:
ef:12:b8:7e:57:f1:b9:26:22:e4:a7:fe:05:61:d8:87:21:08:
cb:44:03:5a:f3:e0:8c:5a:af:5a:2f:36:a2:47:22:fc:32:a1:
1e:28:53:0c:3c:50:c4:94:1c:18:a7:6a:f4:28:8c:d2:a1:5a:
1a:89:88:9b:dc:15:63:cc:c5:0b:ca:d1:29:07:91:4a:e6:ce:
e6:96:ad:09:93:4f:7c:f9:ea:ef:b0:cf:4d:2a:b5:6e:23:80:
87:77:d0:69
-----BEGIN CERTIFICATE-----
MIIGhjCCBW6gAwIBAgIUZeqMNqJ7PEeGkoYjGMktJeX/pm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkU5QzMyMjY2ODJBRUZBOEQ2N0I4QUM2MDhDQ0NGQzhB
MDk2MTBDRDAeFw0yNjA1MTIwMTQzNDlaFw0yNzA1MTEwMTQ4NDlaMDMxMTAvBgNV
BAMTKDBEQTUyQzVCNzVGMkRDNkMxNTdFQzVBRTQ3ODQ4QTY2MUU1MzYxNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUsbgICXmP+TibdkEOCmOuPfFh
552JoJNBgQPAzYW+vDoauueGLQLVcni/G29GpPRrGImAuHN1N/oG3vHsLm1vzVez
3RWRq54zgULxiodR/cU4+e6WZ4fC8g7XKx3pKyVwCrx1mbqxuDyrQ0HLxZDHRHZB
eDqkxB/vlk9bpI3ukiIoVH7qVITBQa6v9epNtRNa24O4JO6U1iy0Pl2QQlzjexxf
sZOwEObV20ztl8kziiGPS/xL5qvKIuH+SPrI/Y1zBKhZrA6VoQ/kWeWpk+pzOFm1
ebDNzMka6wF3wwvBCfgJ6t/qHQlyx0Os+uEGjG3NLC1cMxKQVAZyNpjUSrvBAgMB
AAGjggOQMIIDjDAdBgNVHQ4EFgQUDaUsW3Xy3GwVfsWuR4SKZh5TYUgwHwYDVR0j
BBgwFoAUbpwyJmgq76jWe4rGCMzPyKCWEM0wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVEFORVQv
MC82RTlDMzIyNjY4MkFFRkE4RDY3QjhBQzYwOENDQ0ZDOEEwOTYxMENELmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzZFOUMzMjI2NjgyQUVGQThENjdCOEFDNjA4Q0ND
RkM4QTA5NjEwQ0QuY2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UQU5FVC8wL0FTMTc3MTYucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwggH7BggrBgEFBQcBBwEB/wSCAeowggHm
MIIB4gQCAAEwggHaAwMBeGADBASjHBADBAPLQAADBADLQBowDAMEActALgMEAMtA
NAMEActAijAMAwQAy0CZAwQAy0CaAwQAy0C9MAwDBADLQM8DBAHLQNADBADLQOQD
BAHLQPwDBADLRB8DBADLRKgDBADLROwDBAHLRwoDBADLRxgwDAMEAMtHPwMEAstH
QAMEBMtHUAMEActHqgMEAMtHrwMEActHtgMEAMtHzgMEActH0gMEAMtIJzAMAwQD
y0g4AwQAy0hAMAwDBADLSEMDBADLSEYwDAMEAMtIsQMEAMtIsgMEAMtIuQMEAMtI
vAMEActIwAMEAMtI6wMEAMtI/QMEANI7KwMEAtI8CAMEANI8agMEANI8dwMEANI8
gDAMAwQA0jyNAwQA0jySMAwDBADSPJUDBADSPJYDBADSPJwDBADSPOsDBAHSRl4D
BADSRmIwDAMEANJGdwMEANJGeDAMAwQA0kaBAwQA0kaIMAwDBADSRrkDBADSRroD
BADSRsMwDAMEANJGxQMEANJGygMEANJG1AMEANJG9gMEAdJHAjAMAwQB0kc+AwQA
0kdAAwQA0kdMAwQA0kdOAwQA0kdiAwQB0kd6MAwDBAPS8OgDBAHS8PgwCwMDANLz
AwQD0vMgMA0GCSqGSIb3DQEBCwUAA4IBAQBtPBQgUKJtHHsPInr46PUQl7XwpEEs
JuOHLW3odsly+r9G0f+3woayEXpCsnIIwHIH0sllsG8ftTyO+f6/3fZLR5vYF5E9
3MllcspoPwpMAKKsuBjMF6VNxP5IC+wPTSHCN9jIv739JSmGiq1PaFcHFzREDtZg
80QIQ5LbmKhDIGVn7zxU0i+f/Jk/Dt4++rCl+jovVhIqJq+ZS4RNfZzK+ZnvErh+
V/G5JiLkp/4FYdiHIQjLRANa8+CMWq9aLzaiRyL8MqEeKFMMPFDElBwYp2r0KIzS
oVoaiYib3BVjzMULytEpB5FK5s7mlq0Jk098+ervsM9NKrVuI4CHd9Bp
-----END CERTIFICATE-----
Generated at Tue May 12 23:00:49 2026 by rpki-client