Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWT/0/34332e3235302e34342e302f32322d3232203d3e203338383531.roa
File: 34332e3235302e34342e302f32322d3232203d3e203338383531.roa (raw, json)
Hash identifier: Wow23AEcmPQDHAfbsYDrdq/Ze5tAj8uj4WfgyeReqLU=
Subject key identifier: 3F:01:20:0B:FA:36:EC:59:D0:A4:DF:1F:0B:78:19:77:E5:0B:F7:92
Certificate issuer: /CN=E8B38FAD1BC9D7E426603F6C204566C4AF30938F
Certificate serial: 1ACB3B9B558DF118FC41014E3F03435F91F2E0FF
Authority key identifier: E8:B3:8F:AD:1B:C9:D7:E4:26:60:3F:6C:20:45:66:C4:AF:30:93:8F
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/E8B38FAD1BC9D7E426603F6C204566C4AF30938F.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWT/0/34332e3235302e34342e302f32322d3232203d3e203338383531.roa
Signing time: Mon 11 May 2026 16:42:29 +0000
ROA not before: Mon 11 May 2026 16:37:29 +0000
ROA not after: Mon 10 May 2027 16:42:29 +0000
asID: 38851
IP address blocks: 43.250.44.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:cb:3b:9b:55:8d:f1:18:fc:41:01:4e:3f:03:43:5f:91:f2:e0:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E8B38FAD1BC9D7E426603F6C204566C4AF30938F
Validity
Not Before: May 11 16:37:29 2026 GMT
Not After : May 10 16:42:29 2027 GMT
Subject: CN=3F01200BFA36EC59D0A4DF1F0B781977E50BF792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ab:f5:82:23:b7:33:c0:87:94:1c:13:8d:aa:
74:33:20:78:68:7a:4f:16:7a:33:9d:c9:b2:9a:e3:
df:b2:24:51:36:be:ca:c3:f9:0a:b0:fa:2f:c7:74:
1a:32:5c:aa:38:75:97:12:fa:07:8f:a3:5e:6d:86:
db:54:3a:31:0c:68:57:15:a6:fe:85:23:dc:23:c4:
ec:ff:d9:70:c1:c1:64:75:da:6a:d2:70:bd:59:d8:
e6:f4:83:a1:98:4a:36:0c:b4:1a:4d:e0:2e:ae:63:
fa:77:1d:5d:a4:79:88:1f:0d:8b:bc:26:c2:24:80:
1e:ee:1c:b2:6e:2d:82:39:3a:bf:85:b2:42:b3:7b:
8f:45:6f:38:b2:38:ec:d1:e2:98:47:9f:22:88:b4:
7d:db:13:e9:2e:82:83:4c:fe:21:dc:da:d2:47:c4:
d1:1d:be:0b:af:28:26:01:b2:22:bf:88:5b:40:91:
2a:e6:2f:6b:df:ea:ab:46:7a:5c:65:79:ab:1a:cd:
80:8e:ea:d7:2c:63:52:56:18:86:3b:6f:1d:cd:79:
42:20:50:9d:e0:7c:29:a3:c1:c3:d0:29:bf:8a:47:
b6:a2:90:a6:8d:80:b5:ce:9b:dc:56:d2:e9:e5:94:
f8:a3:31:27:7b:1c:2b:f4:19:16:7f:95:16:17:2c:
3a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:01:20:0B:FA:36:EC:59:D0:A4:DF:1F:0B:78:19:77:E5:0B:F7:92
X509v3 Authority Key Identifier:
keyid:E8:B3:8F:AD:1B:C9:D7:E4:26:60:3F:6C:20:45:66:C4:AF:30:93:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWT/0/E8B38FAD1BC9D7E426603F6C204566C4AF30938F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/E8B38FAD1BC9D7E426603F6C204566C4AF30938F.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWT/0/34332e3235302e34342e302f32322d3232203d3e203338383531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.250.44.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:10:3f:8b:e9:f6:3b:8a:32:08:c0:78:24:7a:59:67:52:1e:
c0:52:90:c1:87:44:0b:60:25:59:28:56:d1:f4:84:1f:38:15:
35:d0:e1:f5:0e:3d:27:89:c9:36:c4:40:28:ae:72:25:3c:8f:
e9:b8:b0:31:21:16:af:d4:fa:ae:c3:30:4f:90:c9:ff:a8:ad:
c9:d9:cd:88:2c:9f:85:44:7c:6a:af:f5:1b:83:60:af:31:6c:
60:a5:0b:3b:64:0f:d0:86:f1:cc:91:76:01:0d:18:a0:33:f5:
44:88:30:b9:85:62:96:0a:ca:77:de:a9:f1:3d:c7:c5:c2:0f:
ef:77:b8:76:b7:d0:5d:79:d6:2d:7f:6a:f3:51:94:b8:ab:10:
50:f2:e3:d0:de:f9:4c:90:de:d2:95:fd:d4:79:5e:97:c9:ff:
d9:9d:e7:ce:7b:ca:cf:e2:f9:7b:b1:6b:bc:98:9c:5d:50:b2:
b8:eb:ce:8f:44:04:a5:4d:a8:34:8c:bc:97:da:bc:ac:95:31:
4f:1a:ba:07:2c:9c:43:c4:2a:7e:db:8b:18:e3:ff:08:2d:ed:
1b:20:fc:59:88:71:93:81:e5:7d:d9:3c:79:f7:af:55:7c:9d:
5d:e9:7e:bf:0b:e7:59:29:05:db:a9:d7:33:b6:f6:65:fa:9c:
38:ea:1f:f0
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUGss7m1WN8Rj8QQFOPwNDX5Hy4P8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRThCMzhGQUQxQkM5RDdFNDI2NjAzRjZDMjA0NTY2QzRB
RjMwOTM4RjAeFw0yNjA1MTExNjM3MjlaFw0yNzA1MTAxNjQyMjlaMDMxMTAvBgNV
BAMTKDNGMDEyMDBCRkEzNkVDNTlEMEE0REYxRjBCNzgxOTc3RTUwQkY3OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoq/WCI7czwIeUHBONqnQzIHho
ek8WejOdybKa49+yJFE2vsrD+Qqw+i/HdBoyXKo4dZcS+gePo15thttUOjEMaFcV
pv6FI9wjxOz/2XDBwWR12mrScL1Z2Ob0g6GYSjYMtBpN4C6uY/p3HV2keYgfDYu8
JsIkgB7uHLJuLYI5Or+FskKze49FbziyOOzR4phHnyKItH3bE+kugoNM/iHc2tJH
xNEdvguvKCYBsiK/iFtAkSrmL2vf6qtGelxleasazYCO6tcsY1JWGIY7bx3NeUIg
UJ3gfCmjwcPQKb+KR7aikKaNgLXOm9xW0unllPijMSd7HCv0GRZ/lRYXLDrXAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQUPwEgC/o27FnQpN8fC3gZd+UL95IwHwYDVR0j
BBgwFoAU6LOPrRvJ1+QmYD9sIEVmxK8wk48wDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdULzAv
RThCMzhGQUQxQkM5RDdFNDI2NjAzRjZDMjA0NTY2QzRBRjMwOTM4Ri5jcmwwbwYI
KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50
dy9ycGtpL1RXTklDQ0EvMS9FOEIzOEZBRDFCQzlEN0U0MjY2MDNGNkMyMDQ1NjZD
NEFGMzA5MzhGLmNlcjB3BggrBgEFBQcBCwRrMGkwZwYIKwYBBQUHMAuGW3JzeW5j
Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdULzAvMzQzMzJlMzIzNTMwMmUzNDM0
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzMzODM4MzUzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAiv6
LDANBgkqhkiG9w0BAQsFAAOCAQEATRA/i+n2O4oyCMB4JHpZZ1IewFKQwYdEC2Al
WShW0fSEHzgVNdDh9Q49J4nJNsRAKK5yJTyP6biwMSEWr9T6rsMwT5DJ/6itydnN
iCyfhUR8aq/1G4NgrzFsYKULO2QP0IbxzJF2AQ0YoDP1RIgwuYVilgrKd96p8T3H
xcIP73e4drfQXXnWLX9q81GUuKsQUPLj0N75TJDe0pX91Hlel8n/2Z3nznvKz+L5
e7FrvJicXVCyuOvOj0QEpU2oNIy8l9q8rJUxTxq6ByycQ8QqftuLGOP/CC3tGyD8
WYhxk4Hlfdk8efevVXydXel+vwvnWSkF26nXM7b2ZfqcOOof8A==
-----END CERTIFICATE-----
Generated at Tue May 12 22:32:05 2026 by rpki-client