Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/FET/0/AS17709.roa
File: AS17709.roa (raw, json)
Hash identifier: mrpVzxZoxTygt2G+v0bD2ByN8qMV6ZAjQeyWiztjUws=
Subject key identifier: 81:BB:28:0A:0D:5D:00:E1:A6:22:F1:D9:4F:EB:42:1A:8D:8E:D1:9B
Certificate issuer: /CN=71FA20FC269CE9805B2C67E59B357AA684246D10
Certificate serial: 5BBE8DE6DEA5225E19FF0DB1A6062AAEC5531CA4
Authority key identifier: 71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/FET/0/AS17709.roa
Signing time: Tue 26 May 2026 06:43:51 +0000
ROA not before: Tue 26 May 2026 06:38:51 +0000
ROA not after: Tue 25 May 2027 06:43:51 +0000
asID: 17709
IP address blocks: 43.240.104.0/22 maxlen: 22
43.240.104.0/22 maxlen: 24
60.244.0.0/17 maxlen: 17
60.244.0.0/17 maxlen: 24
60.244.128.0/17 maxlen: 17
60.244.128.0/17 maxlen: 24
101.136.0.0/14 maxlen: 24
103.36.116.0/22 maxlen: 22
103.36.116.0/22 maxlen: 24
124.218.0.0/16 maxlen: 17
124.218.0.0/16 maxlen: 24
124.219.0.0/17 maxlen: 17
124.219.0.0/17 maxlen: 24
202.178.128.0/17 maxlen: 18
202.178.128.0/17 maxlen: 24
202.178.180.0/22 maxlen: 24
203.79.128.0/17 maxlen: 18
203.79.128.0/17 maxlen: 24
203.79.248.0/21 maxlen: 24
203.79.251.0/24 maxlen: 24
203.201.32.0/20 maxlen: 24
203.207.32.0/20 maxlen: 24
210.58.0.0/16 maxlen: 24
210.58.88.0/24 maxlen: 24
210.58.104.0/22 maxlen: 24
210.58.112.0/20 maxlen: 24
210.58.120.0/24 maxlen: 24
210.63.192.0/19 maxlen: 24
210.63.200.0/21 maxlen: 24
210.63.208.0/21 maxlen: 24
210.63.216.0/22 maxlen: 24
210.63.224.0/19 maxlen: 24
210.63.232.0/22 maxlen: 24
210.63.253.0/24 maxlen: 24
210.85.0.0/16 maxlen: 24
210.200.0.0/16 maxlen: 24
210.200.64.0/18 maxlen: 24
210.200.148.0/22 maxlen: 24
210.200.224.0/24 maxlen: 24
210.201.0.0/16 maxlen: 24
210.201.32.0/22 maxlen: 24
210.201.72.0/23 maxlen: 24
210.201.72.0/24 maxlen: 24
210.201.78.0/24 maxlen: 24
210.202.0.0/19 maxlen: 19
210.202.64.0/18 maxlen: 24
210.202.128.0/17 maxlen: 24
210.202.128.0/18 maxlen: 24
210.202.192.0/18 maxlen: 24
210.203.0.0/17 maxlen: 24
210.203.0.0/24 maxlen: 24
210.203.20.0/22 maxlen: 24
210.203.48.0/20 maxlen: 24
211.76.96.0/20 maxlen: 24
218.34.0.0/16 maxlen: 24
218.35.0.0/16 maxlen: 24
218.184.0.0/16 maxlen: 24
218.187.0.0/16 maxlen: 24
219.91.0.0/17 maxlen: 24
222.156.0.0/16 maxlen: 24
222.157.0.0/16 maxlen: 24
222.250.0.0/16 maxlen: 24
222.250.0.0/18 maxlen: 24
222.250.64.0/18 maxlen: 24
222.250.128.0/18 maxlen: 24
222.250.192.0/18 maxlen: 24
222.250.192.0/22 maxlen: 24
222.251.0.0/17 maxlen: 24
223.22.0.0/15 maxlen: 24
223.23.63.0/24 maxlen: 24
2001:f10::/32 maxlen: 48
2404::/26 maxlen: 48
2404::/36 maxlen: 48
2404:0:1000::/36 maxlen: 48
2404:0:1000::/40 maxlen: 56
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl
rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 20:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:be:8d:e6:de:a5:22:5e:19:ff:0d:b1:a6:06:2a:ae:c5:53:1c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71FA20FC269CE9805B2C67E59B357AA684246D10
Validity
Not Before: May 26 06:38:51 2026 GMT
Not After : May 25 06:43:51 2027 GMT
Subject: CN=81BB280A0D5D00E1A622F1D94FEB421A8D8ED19B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cf:ff:de:a4:eb:d3:cd:74:63:ce:3c:6f:16:
82:ee:97:67:31:bf:6d:0b:e8:c9:cc:70:b7:d2:04:
44:e7:93:81:0d:8f:90:e6:f6:cf:3f:a2:15:74:63:
8a:ad:e6:97:01:cb:e7:92:bb:97:42:a4:bf:9b:18:
fa:15:d9:82:39:f9:42:24:1a:05:0a:ae:f2:1f:73:
42:e9:63:d9:20:ce:1f:8d:8a:f6:41:6c:31:53:b6:
76:2d:f9:3d:94:a6:99:f1:80:8b:f8:11:ac:b6:65:
dd:18:1e:4b:1a:39:37:c9:08:d5:72:d9:17:6a:97:
82:d6:67:41:07:37:a6:70:be:66:ae:0a:c7:56:c5:
50:72:17:57:7e:a3:92:1a:46:46:58:a3:55:8e:8d:
05:1d:39:2e:0a:af:eb:f0:d7:2d:ad:c0:3f:71:05:
56:90:70:9a:3f:3d:d5:e1:79:e1:9a:27:ec:3f:6c:
29:ef:6f:a2:11:51:50:bb:39:af:f9:0e:5e:28:b2:
37:d4:9b:a0:aa:85:2b:e0:8f:48:a9:14:d4:aa:7e:
b5:1c:ac:bb:f4:fd:3a:ec:19:d6:33:9d:31:b6:cd:
cc:67:92:be:58:c4:c3:68:b3:64:22:d6:98:e0:58:
5c:ca:4a:c4:ba:26:98:9e:64:b1:4a:64:d5:bb:f8:
51:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BB:28:0A:0D:5D:00:E1:A6:22:F1:D9:4F:EB:42:1A:8D:8E:D1:9B
X509v3 Authority Key Identifier:
keyid:71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/FET/0/AS17709.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.104.0/22
60.244.0.0/16
101.136.0.0/14
103.36.116.0/22
124.218.0.0-124.219.127.255
202.178.128.0/17
203.79.128.0/17
203.201.32.0/20
203.207.32.0/20
210.58.0.0/16
210.63.192.0/18
210.85.0.0/16
210.200.0.0-210.202.31.255
210.202.64.0-210.203.127.255
211.76.96.0/20
218.34.0.0/15
218.184.0.0/16
218.187.0.0/16
219.91.0.0/17
222.156.0.0/15
222.250.0.0-222.251.127.255
223.22.0.0/15
IPv6:
2001:f10::/32
2404::/26
Signature Algorithm: sha256WithRSAEncryption
02:61:92:8b:8d:25:9d:b0:70:7a:af:04:70:ff:98:ed:2b:a1:
6c:05:66:b7:d9:c4:e0:60:f3:6a:ca:29:8b:b2:ae:7b:0a:43:
3a:4e:4c:4a:f8:ff:55:46:31:4a:8e:59:44:c9:85:d4:f1:9e:
84:b8:70:8c:df:ed:f3:74:3d:2b:90:5f:3f:d8:87:03:bc:32:
1b:52:49:fc:ac:82:1c:40:3c:f8:f8:a3:e7:4e:bf:d5:36:24:
49:e5:41:00:a5:d0:35:b1:a2:d4:0b:f7:6d:a8:21:9a:b0:4c:
91:eb:10:89:c1:7b:ab:d1:9f:33:2b:ba:1e:b3:22:54:69:6a:
46:35:93:29:62:5d:6f:c5:d2:3b:fc:f2:79:8c:9e:76:cc:be:
80:91:eb:e7:f9:aa:3d:94:76:40:74:68:e0:78:0d:3e:19:87:
4a:02:13:da:2a:73:08:f6:98:05:fe:09:7f:5b:66:12:a6:d6:
ae:ab:83:66:61:de:21:3b:03:24:41:9d:03:1a:71:b2:9c:d1:
d7:6e:a3:eb:00:3f:1d:1d:37:49:70:73:ff:e7:0d:ea:60:05:
8b:2b:1e:b1:5b:0b:ec:fc:e6:3b:77:c8:cf:9a:1b:3a:b8:ec:
93:92:88:83:87:53:36:4a:66:70:7e:3e:5c:ee:47:2f:fa:c0:
e6:90:53:cd
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUW76N5t6lIl4Z/w2xpgYqrsVTHKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4
NDI0NkQxMDAeFw0yNjA1MjYwNjM4NTFaFw0yNzA1MjUwNjQzNTFaMDMxMTAvBgNV
BAMTKDgxQkIyODBBMEQ1RDAwRTFBNjIyRjFEOTRGRUI0MjFBOEQ4RUQxOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwz//epOvTzXRjzjxvFoLul2cx
v20L6MnMcLfSBETnk4ENj5Dm9s8/ohV0Y4qt5pcBy+eSu5dCpL+bGPoV2YI5+UIk
GgUKrvIfc0LpY9kgzh+NivZBbDFTtnYt+T2UppnxgIv4Eay2Zd0YHksaOTfJCNVy
2Rdql4LWZ0EHN6ZwvmauCsdWxVByF1d+o5IaRkZYo1WOjQUdOS4Kr+vw1y2twD9x
BVaQcJo/PdXheeGaJ+w/bCnvb6IRUVC7Oa/5Dl4osjfUm6CqhSvgj0ipFNSqfrUc
rLv0/TrsGdYznTG2zcxnkr5YxMNos2Qi1pjgWFzKSsS6JpieZLFKZNW7+FE9AgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUgbsoCg1dAOGmIvHZT+tCGo2O0ZswHwYDVR0j
BBgwFoAUcfog/Cac6YBbLGflmzV6poQkbRAwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAv
NzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4NDI0NkQxMC5jcmwwbwYI
KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50
dy9ycGtpL1RXTklDQ0EvMS83MUZBMjBGQzI2OUNFOTgwNUIyQzY3RTU5QjM1N0FB
Njg0MjQ2RDEwLmNlcjBKBggrBgEFBQcBCwQ+MDwwOgYIKwYBBQUHMAuGLnJzeW5j
Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAvQVMxNzcwOS5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjCBywYIKwYBBQUHAQcBAf8EgbswgbgwgZ8EAgAB
MIGYAwQCK/BoAwMAPPQDAwJliAMEAmckdDALAwMBfNoDBAd82wADBAfKsoADBAfL
T4ADBATLySADBATLzyADAwDSOgMEBtI/wAMDANJVMAsDAwPSyAMEBdLKADAMAwQG
0spAAwQH0ssAAwQE00xgAwMB2iIDAwDauAMDANq7AwQH21sAAwMB3pwwCwMDAd76
AwQH3vsAAwMB3xYwFAQCAAIwDgMFACABDxADBQYkBAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQACYZKLjSWdsHB6rwRw/5jtK6FsBWa32cTgYPNqyimLsq57CkM6TkxK+P9V
RjFKjllEyYXU8Z6EuHCM3+3zdD0rkF8/2IcDvDIbUkn8rIIcQDz4+KPnTr/VNiRJ
5UEApdA1saLUC/dtqCGasEyR6xCJwXur0Z8zK7oesyJUaWpGNZMpYl1vxdI7/PJ5
jJ52zL6Akevn+ao9lHZAdGjgeA0+GYdKAhPaKnMI9pgF/gl/W2YSptauq4NmYd4h
OwMkQZ0DGnGynNHXbqPrAD8dHTdJcHP/5w3qYAWLKx6xWwvs/OY7d8jPmhs6uOyT
koiDh1M2SmZwfj5c7kcv+sDmkFPN
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:27:32 2026 by rpki-client