Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/2lZrAQFs5JeFRvIu9_vUL-lZAJs.roa
File: 2lZrAQFs5JeFRvIu9_vUL-lZAJs.roa (raw, json)
Hash identifier: Ehunx7WJc4NH6Z1OXEr3Ms2UYSpLCEyTe+1nSV400ps=
Subject key identifier: DA:56:6B:01:01:6C:E4:97:85:46:F2:2E:F7:FB:D4:2F:E9:59:00:9B
Certificate issuer: /CN=FC752CA59EB8EAEF23D225DC67AA085201F1F79C
Certificate serial: 95
Authority key identifier: FC:75:2C:A5:9E:B8:EA:EF:23:D2:25:DC:67:AA:08:52:01:F1:F7:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/2lZrAQFs5JeFRvIu9_vUL-lZAJs.roa
Signing time: Wed 28 Jan 2026 08:05:30 +0000
ROA not before: Wed 28 Jan 2026 08:05:30 +0000
ROA not after: Wed 30 Dec 2026 15:30:20 +0000
asID: 152612
IP address blocks: 2402:43e0:b::/48 maxlen: 64
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149 (0x95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FC752CA59EB8EAEF23D225DC67AA085201F1F79C
Validity
Not Before: Jan 28 08:05:30 2026 GMT
Not After : Dec 30 15:30:20 2026 GMT
Subject: CN=DA566B01016CE4978546F22EF7FBD42FE959009B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5c:50:af:11:a9:fc:62:0b:76:54:64:ba:99:
4d:6a:a0:56:d2:b1:51:90:b0:cd:12:7f:0b:88:9a:
d9:90:18:14:dc:30:b0:81:f4:ff:07:0b:68:d3:c9:
6a:5d:26:28:51:80:7b:3b:0d:0b:28:b9:90:6a:b9:
34:61:c8:c5:f3:9a:ea:a1:95:2d:d1:13:6a:e5:cc:
ff:7a:8c:3e:cd:4f:4a:46:67:ef:aa:a3:06:39:5a:
15:4c:ca:f4:97:db:d8:08:02:4f:73:ba:1b:cf:1f:
93:11:72:14:a5:06:26:ef:4a:24:f9:82:b7:4e:f6:
3f:48:6c:6c:0d:2a:6d:93:dd:3d:f0:48:54:a4:ee:
12:22:1c:93:e5:ca:d6:aa:51:d9:74:ad:94:d4:89:
ff:62:4e:1a:60:2e:07:53:8d:b8:2a:d6:2f:8b:f1:
20:26:4a:2d:b8:be:9f:43:ea:ab:af:43:ba:ba:a0:
97:31:c6:cb:e2:ea:5e:d5:e8:d9:61:70:34:60:87:
61:be:5c:2e:51:35:f2:02:69:9e:63:c0:af:63:ed:
24:e7:dd:53:54:c4:1f:3c:61:9d:94:23:28:33:c2:
85:11:8b:01:cb:1d:63:b6:7e:e8:66:b8:ab:43:ea:
d5:67:7b:34:91:56:5f:8f:4d:14:90:a9:f0:97:5b:
43:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:56:6B:01:01:6C:E4:97:85:46:F2:2E:F7:FB:D4:2F:E9:59:00:9B
X509v3 Authority Key Identifier:
keyid:FC:75:2C:A5:9E:B8:EA:EF:23:D2:25:DC:67:AA:08:52:01:F1:F7:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/_HUspZ646u8j0iXcZ6oIUgHx95w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/2lZrAQFs5JeFRvIu9_vUL-lZAJs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:43e0:b::/48
Signature Algorithm: sha256WithRSAEncryption
2f:8d:52:c4:21:80:f2:12:5c:8d:ab:02:33:ab:5e:16:12:dc:
b8:62:e2:19:55:48:2a:ae:5a:1d:79:38:c7:af:a5:90:ab:13:
a6:34:b0:c3:aa:4e:95:a7:07:35:b2:ab:88:79:c1:8c:d0:74:
4c:64:dd:7a:1e:75:7e:29:c6:ea:2f:c2:e0:5a:46:05:28:38:
b7:fa:36:e2:f1:b0:2e:c4:52:a4:18:6a:e5:f4:ec:f0:b8:4b:
81:ef:6a:92:b1:97:d0:65:de:50:14:1f:27:95:6f:b2:40:b2:
e1:63:a2:1d:91:3d:3b:f2:54:de:77:0d:dc:d5:54:4d:01:a0:
37:20:18:db:13:0f:50:f4:84:2c:98:c8:90:d2:41:44:7e:6d:
23:3a:c8:b4:41:0f:c7:5f:31:11:10:e1:d6:86:47:98:43:c3:
8b:4a:9f:7c:5f:82:ca:08:40:9f:6d:8c:f6:d6:3a:c1:55:ab:
7a:01:4c:8e:25:f8:f2:3d:72:9d:1e:df:7d:eb:20:c8:00:d4:
ee:18:3c:6e:31:ad:35:6e:5a:c5:3e:05:15:91:e3:7d:db:86:
c6:71:7a:ef:2c:61:52:ff:cc:27:79:4e:aa:a2:8c:04:17:c5:
34:0d:f7:68:f3:ce:cb:6c:b5:04:5c:71:8e:f7:ad:0c:b1:38:
af:46:af:6b
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICAJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkM3
NTJDQTU5RUI4RUFFRjIzRDIyNURDNjdBQTA4NTIwMUYxRjc5QzAeFw0yNjAxMjgw
ODA1MzBaFw0yNjEyMzAxNTMwMjBaMDMxMTAvBgNVBAMTKERBNTY2QjAxMDE2Q0U0
OTc4NTQ2RjIyRUY3RkJENDJGRTk1OTAwOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1XFCvEan8Ygt2VGS6mU1qoFbSsVGQsM0SfwuImtmQGBTcMLCB
9P8HC2jTyWpdJihRgHs7DQsouZBquTRhyMXzmuqhlS3RE2rlzP96jD7NT0pGZ++q
owY5WhVMyvSX29gIAk9zuhvPH5MRchSlBibvSiT5grdO9j9IbGwNKm2T3T3wSFSk
7hIiHJPlytaqUdl0rZTUif9iThpgLgdTjbgq1i+L8SAmSi24vp9D6quvQ7q6oJcx
xsvi6l7V6NlhcDRgh2G+XC5RNfICaZ5jwK9j7STn3VNUxB88YZ2UIygzwoURiwHL
HWO2fuhmuKtD6tVnezSRVl+PTRSQqfCXW0PPAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQU2lZrAQFs5JeFRvIu9/vUL+lZAJswHwYDVR0jBBgwFoAU/HUspZ646u8j0iXc
Z6oIUgHx95wwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQU9URVJO
RVQvX0hVc3BaNjQ2dThqMGlYY1o2b0lVZ0h4OTV3LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9fSFVzcFo2NDZ1OGowaVhjWjZvSVVnSHg5NXcuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BT1RFUk5FVC8ybFpyQVFGczVKZUZS
dkl1OV92VUwtbFpBSnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcAJAJD4AALMA0GCSqGSIb3DQEBCwUAA4IBAQAvjVLEIYDyElyNqwIzq14WEty4
YuIZVUgqrlodeTjHr6WQqxOmNLDDqk6Vpwc1squIecGM0HRMZN16HnV+KcbqL8Lg
WkYFKDi3+jbi8bAuxFKkGGrl9OzwuEuB72qSsZfQZd5QFB8nlW+yQLLhY6IdkT07
8lTedw3c1VRNAaA3IBjbEw9Q9IQsmMiQ0kFEfm0jOsi0QQ/HXzEREOHWhkeYQ8OL
Sp98X4LKCECfbYz21jrBVat6AUyOJfjyPXKdHt996yDIANTuGDxuMa01blrFPgUV
keN924bGcXrvLGFS/8wneU6qoowEF8U0Dfdo887LbLUEXHGO960MsTivRq9r
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:58:17 2026 by rpki-client