Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TANET/0/AS9916.roa
File: AS9916.roa (raw, json)
Hash identifier: bJ1r+tyqzjibU4qpONziU5YtkwR5ZUj1zImuxSjlO2M=
Subject key identifier: 62:0D:9E:BC:C1:8A:BA:3E:C1:84:C0:52:DE:68:D0:35:0E:65:EB:38
Certificate issuer: /CN=6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD
Certificate serial: 7E626AC828D2F1CFB9C64F47A746F956620178D7
Authority key identifier: 6E:9C:32:26:68:2A:EF:A8:D6:7B:8A:C6:08:CC:CF:C8:A0:96:10:CD
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TANET/0/AS9916.roa
Signing time: Tue 12 May 2026 01:50:09 +0000
ROA not before: Tue 12 May 2026 01:45:09 +0000
ROA not after: Tue 11 May 2027 01:50:09 +0000
asID: 9916
IP address blocks: 120.104.0.0/16 maxlen: 16
120.105.0.0/16 maxlen: 16
120.106.0.0/18 maxlen: 18
120.106.64.0/21 maxlen: 21
120.106.72.0/21 maxlen: 21
120.106.80.0/20 maxlen: 20
120.106.96.0/20 maxlen: 20
120.106.112.0/21 maxlen: 21
120.106.120.0/24 maxlen: 24
120.106.121.0/24 maxlen: 24
120.106.122.0/24 maxlen: 24
120.106.123.0/24 maxlen: 24
120.106.124.0/24 maxlen: 24
120.106.125.0/24 maxlen: 24
120.106.126.0/24 maxlen: 24
120.106.128.0/18 maxlen: 18
120.106.192.0/18 maxlen: 18
120.126.32.0/19 maxlen: 19
120.126.64.0/19 maxlen: 19
120.126.96.0/20 maxlen: 20
163.19.0.0/16 maxlen: 16
163.28.64.0/24 maxlen: 24
203.64.172.0/22 maxlen: 22
203.64.176.0/21 maxlen: 21
203.64.184.0/22 maxlen: 22
203.68.172.0/22 maxlen: 22
203.71.213.0/24 maxlen: 24
203.72.71.0/24 maxlen: 24
203.72.72.0/24 maxlen: 24
210.60.55.0/24 maxlen: 24
210.60.166.0/23 maxlen: 23
210.60.168.0/22 maxlen: 22
210.240.200.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.crl
rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 13 May 2026 02:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:62:6a:c8:28:d2:f1:cf:b9:c6:4f:47:a7:46:f9:56:62:01:78:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD
Validity
Not Before: May 12 01:45:09 2026 GMT
Not After : May 11 01:50:09 2027 GMT
Subject: CN=620D9EBCC18ABA3EC184C052DE68D0350E65EB38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:06:ab:70:e1:b8:ed:bc:44:5a:9c:65:e5:c3:
72:ab:e6:53:1f:79:2f:f3:6d:ea:9b:2a:a5:39:44:
6e:f6:01:f7:d6:47:a5:b3:80:41:a7:22:c2:2f:3a:
15:30:19:57:91:1f:da:34:2d:19:cc:d4:9a:d2:43:
8d:9f:19:26:72:a8:20:40:f6:b8:96:0e:24:08:4e:
3d:50:3c:2f:79:d6:22:e4:51:54:bb:cc:9e:5e:0b:
66:b7:6c:79:bc:5d:d2:88:15:d1:9a:76:4d:ca:4b:
31:d0:06:c7:3c:80:3d:d0:4f:46:c0:6c:58:58:84:
e8:1b:45:64:0f:2b:4b:96:15:a9:49:5f:19:ed:fe:
ad:bf:ea:3b:83:33:5e:6b:82:24:9f:d2:8d:40:e9:
3f:51:b1:e1:c9:7f:0b:bd:e2:02:c7:50:53:46:83:
04:ca:ce:1a:d1:1f:c4:fc:dc:25:f6:06:0c:74:2c:
58:b6:82:89:b4:b2:83:17:96:20:6b:af:b2:fb:da:
2b:49:87:50:28:94:ca:86:27:44:10:e5:24:63:31:
2a:26:1d:e3:9c:b0:6d:8a:b3:47:0a:6c:0d:44:60:
63:72:d7:08:d1:b1:c7:70:e0:ad:af:53:f3:f4:ed:
d5:a6:43:f2:75:48:5b:63:12:af:a8:8b:fe:f1:ce:
35:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0D:9E:BC:C1:8A:BA:3E:C1:84:C0:52:DE:68:D0:35:0E:65:EB:38
X509v3 Authority Key Identifier:
keyid:6E:9C:32:26:68:2A:EF:A8:D6:7B:8A:C6:08:CC:CF:C8:A0:96:10:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TANET/0/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6E9C3226682AEFA8D67B8AC608CCCFC8A09610CD.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TANET/0/AS9916.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
120.104.0.0-120.106.126.255
120.106.128.0/17
120.126.32.0-120.126.111.255
163.19.0.0/16
163.28.64.0/24
203.64.172.0-203.64.187.255
203.68.172.0/22
203.71.213.0/24
203.72.71.0-203.72.72.255
210.60.55.0/24
210.60.166.0-210.60.171.255
210.240.200.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:66:cb:90:38:a7:d6:ea:18:d5:99:09:9f:79:cc:18:bb:20:
8e:60:5e:20:69:88:ee:38:d4:be:08:92:28:95:9e:3c:dd:19:
d2:9b:b3:64:f9:a6:5c:80:dd:88:af:98:5d:48:c7:29:a7:e6:
fe:c8:8a:b4:0c:77:2c:a7:37:45:bd:95:53:5e:b1:23:27:82:
4e:c5:49:58:07:af:dd:93:8f:d7:28:43:dc:aa:6d:00:84:93:
99:ea:41:45:07:49:16:e3:b5:15:0c:2b:78:28:55:0b:37:25:
91:16:38:b4:2a:d0:a1:47:6b:99:ba:ea:f7:61:20:42:ca:26:
8f:3f:c9:83:5f:c7:5b:39:62:b4:0e:83:96:7d:c8:f1:86:e5:
8b:58:95:10:de:c1:dd:70:b6:74:8c:39:58:ff:6b:3e:21:b8:
7a:5b:2d:79:96:f9:05:73:b5:c0:7b:46:35:b6:d7:31:4e:f2:
57:a2:7d:32:f1:9a:32:cf:c4:aa:ec:97:39:cc:4a:b6:23:51:
59:81:1b:b8:ec:28:bc:cc:30:86:70:0a:94:db:16:17:3e:07:
65:bc:f3:2e:a1:62:44:2c:5b:cf:ac:8f:10:91:b2:f1:b2:04:
47:92:4d:8c:9d:8b:04:a5:60:82:4d:2e:a3:bc:1a:a0:4c:7c:
f1:0d:76:6e
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUfmJqyCjS8c+5xk9Hp0b5VmIBeNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkU5QzMyMjY2ODJBRUZBOEQ2N0I4QUM2MDhDQ0NGQzhB
MDk2MTBDRDAeFw0yNjA1MTIwMTQ1MDlaFw0yNzA1MTEwMTUwMDlaMDMxMTAvBgNV
BAMTKDYyMEQ5RUJDQzE4QUJBM0VDMTg0QzA1MkRFNjhEMDM1MEU2NUVCMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKBqtw4bjtvERanGXlw3Kr5lMf
eS/zbeqbKqU5RG72AffWR6WzgEGnIsIvOhUwGVeRH9o0LRnM1JrSQ42fGSZyqCBA
9riWDiQITj1QPC951iLkUVS7zJ5eC2a3bHm8XdKIFdGadk3KSzHQBsc8gD3QT0bA
bFhYhOgbRWQPK0uWFalJXxnt/q2/6juDM15rgiSf0o1A6T9RseHJfwu94gLHUFNG
gwTKzhrRH8T83CX2Bgx0LFi2gom0soMXliBrr7L72itJh1AolMqGJ0QQ5SRjMSom
HeOcsG2Ks0cKbA1EYGNy1wjRscdw4K2vU/P07dWmQ/J1SFtjEq+oi/7xzjUdAgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQUYg2evMGKuj7BhMBS3mjQNQ5l6zgwHwYDVR0j
BBgwFoAUbpwyJmgq76jWe4rGCMzPyKCWEM0wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVEFORVQv
MC82RTlDMzIyNjY4MkFFRkE4RDY3QjhBQzYwOENDQ0ZDOEEwOTYxMENELmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzZFOUMzMjI2NjgyQUVGQThENjdCOEFDNjA4Q0ND
RkM4QTA5NjEwQ0QuY2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UQU5FVC8wL0FTOTkxNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBhwYIKwYBBQUHAQcBAf8EeDB2MHQEAgAB
MG4wCwMDA3hoAwQAeGp+AwQHeGqAMAwDBAV4fiADBAR4fmADAwCjEwMEAKMcQDAM
AwQCy0CsAwQCy0C4AwQCy0SsAwQAy0fVMAwDBADLSEcDBADLSEgDBADSPDcwDAME
AdI8pgMEAtI8qAMEAdLwyDANBgkqhkiG9w0BAQsFAAOCAQEAPmbLkDin1uoY1ZkJ
n3nMGLsgjmBeIGmI7jjUvgiSKJWePN0Z0puzZPmmXIDdiK+YXUjHKafm/siKtAx3
LKc3Rb2VU16xIyeCTsVJWAev3ZOP1yhD3KptAISTmepBRQdJFuO1FQwreChVCzcl
kRY4tCrQoUdrmbrq92EgQsomjz/Jg1/HWzlitA6Dln3I8Ybli1iVEN7B3XC2dIw5
WP9rPiG4elsteZb5BXO1wHtGNbbXMU7yV6J9MvGaMs/EquyXOcxKtiNRWYEbuOwo
vMwwhnAKlNsWFz4HZbzzLqFiRCxbz6yPEJGy8bIER5JNjJ2LBKVggk0uo7waoEx8
8Q12bg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:00:53 2026 by rpki-client