Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/FKzUqrBc2GTGOPMi4H6lgpJ9Xn0.roa
File: FKzUqrBc2GTGOPMi4H6lgpJ9Xn0.roa (raw, json)
Hash identifier: K47Gf7ErRLldd42bTVxbWXKmUHf+OoDeWhl+X6UtNHQ=
Subject key identifier: 14:AC:D4:AA:B0:5C:D8:64:C6:38:F3:22:E0:7E:A5:82:92:7D:5E:7D
Certificate issuer: /CN=FC752CA59EB8EAEF23D225DC67AA085201F1F79C
Certificate serial: 8B
Authority key identifier: FC:75:2C:A5:9E:B8:EA:EF:23:D2:25:DC:67:AA:08:52:01:F1:F7:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/FKzUqrBc2GTGOPMi4H6lgpJ9Xn0.roa
Signing time: Wed 28 Jan 2026 08:04:29 +0000
ROA not before: Wed 28 Jan 2026 08:04:29 +0000
ROA not after: Wed 30 Dec 2026 15:30:20 +0000
asID: 152612
IP address blocks: 2402:43e0:6::/48 maxlen: 64
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139 (0x8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FC752CA59EB8EAEF23D225DC67AA085201F1F79C
Validity
Not Before: Jan 28 08:04:29 2026 GMT
Not After : Dec 30 15:30:20 2026 GMT
Subject: CN=14ACD4AAB05CD864C638F322E07EA582927D5E7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:10:eb:c8:a7:7b:86:37:7f:ca:43:25:9d:37:
a7:6d:4b:f2:21:d0:1c:f8:c9:e9:90:c0:de:74:9a:
bf:bf:ac:34:c9:8e:46:d6:ca:dd:3c:3e:f1:53:e6:
6c:37:6d:e8:0f:c9:3c:e7:5b:ab:70:c2:11:a6:d5:
48:b0:e7:a0:d2:f2:60:df:8a:f7:b4:0d:71:57:28:
18:af:81:9e:e7:fd:83:1a:6a:42:e2:33:94:f2:8f:
13:66:33:85:67:a4:d5:a4:6d:42:e7:a8:72:41:79:
7e:02:58:c7:7a:e4:fa:6f:6c:37:b2:3d:d0:4a:c6:
69:03:37:2f:b6:23:a4:06:71:20:1f:19:b3:ba:bc:
58:e2:36:dd:9a:05:fd:b6:d0:3a:2d:c9:09:a5:74:
9c:d2:bc:69:4e:a7:04:cd:dd:65:ff:0e:5c:bf:f6:
4b:07:d7:62:6f:32:bc:33:f1:f9:85:38:a5:92:f8:
00:9f:ad:e7:a4:0c:de:6d:da:a8:9f:88:70:fc:1f:
3b:e1:5f:c5:52:40:83:05:40:e5:58:7c:06:a0:2c:
66:23:b8:bc:a0:e1:ac:b3:98:3a:49:ae:ab:fc:ee:
0a:6d:d4:79:1d:1c:11:cc:15:45:c0:b6:d3:b5:67:
8c:b2:2a:ce:71:ca:53:ed:23:19:94:60:0e:65:d3:
1b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:AC:D4:AA:B0:5C:D8:64:C6:38:F3:22:E0:7E:A5:82:92:7D:5E:7D
X509v3 Authority Key Identifier:
keyid:FC:75:2C:A5:9E:B8:EA:EF:23:D2:25:DC:67:AA:08:52:01:F1:F7:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/_HUspZ646u8j0iXcZ6oIUgHx95w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/FKzUqrBc2GTGOPMi4H6lgpJ9Xn0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:43e0:6::/48
Signature Algorithm: sha256WithRSAEncryption
49:73:bd:fd:89:8b:bf:52:b9:5d:63:78:74:fd:28:c1:d3:ea:
d1:30:b0:1d:38:80:4a:a9:c9:12:23:15:77:8a:f7:0e:92:0f:
d5:31:da:28:1f:61:a2:a9:33:75:04:e2:4a:b3:51:5f:da:95:
8c:7a:1a:78:fa:b1:e6:7e:3d:39:4c:07:9e:c3:26:e4:84:ab:
9c:a2:86:17:c3:5c:23:a2:5e:c0:db:90:f2:b4:32:80:d6:3a:
bd:a2:76:43:c0:0b:a0:b6:8a:51:e4:73:46:bb:8e:72:82:97:
0e:d9:0f:81:31:e9:49:27:d8:be:30:da:2a:eb:72:c3:3b:ac:
59:9d:00:f4:a5:2f:c2:c3:78:c5:4d:83:ee:f7:02:a3:0a:70:
83:8e:54:27:40:12:73:cc:1a:ca:c9:54:38:1a:5a:94:73:1b:
ab:37:44:3c:c0:ac:5d:13:be:36:0a:8f:b0:84:d9:90:0c:48:
b3:0c:ea:3e:d5:86:74:8f:79:83:04:8b:32:53:63:c7:05:e8:
26:cd:d9:8e:27:95:24:4e:53:69:9d:21:70:9a:5c:cf:39:fd:
80:0e:fd:fe:76:6d:29:06:08:ce:0f:e6:b2:35:d9:e9:08:15:
7f:c8:1a:c5:ce:24:a2:47:5d:c2:2b:1a:c3:33:78:27:34:da:
e7:a9:b7:96
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICAIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkM3
NTJDQTU5RUI4RUFFRjIzRDIyNURDNjdBQTA4NTIwMUYxRjc5QzAeFw0yNjAxMjgw
ODA0MjlaFw0yNjEyMzAxNTMwMjBaMDMxMTAvBgNVBAMTKDE0QUNENEFBQjA1Q0Q4
NjRDNjM4RjMyMkUwN0VBNTgyOTI3RDVFN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7EOvIp3uGN3/KQyWdN6dtS/Ih0Bz4yemQwN50mr+/rDTJjkbW
yt08PvFT5mw3begPyTznW6twwhGm1Uiw56DS8mDfive0DXFXKBivgZ7n/YMaakLi
M5TyjxNmM4VnpNWkbULnqHJBeX4CWMd65PpvbDeyPdBKxmkDNy+2I6QGcSAfGbO6
vFjiNt2aBf220DotyQmldJzSvGlOpwTN3WX/Dly/9ksH12JvMrwz8fmFOKWS+ACf
reekDN5t2qifiHD8HzvhX8VSQIMFQOVYfAagLGYjuLyg4ayzmDpJrqv87gpt1Hkd
HBHMFUXAttO1Z4yyKs5xylPtIxmUYA5l0xuFAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUFKzUqrBc2GTGOPMi4H6lgpJ9Xn0wHwYDVR0jBBgwFoAU/HUspZ646u8j0iXc
Z6oIUgHx95wwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQU9URVJO
RVQvX0hVc3BaNjQ2dThqMGlYY1o2b0lVZ0h4OTV3LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9fSFVzcFo2NDZ1OGowaVhjWjZvSVVnSHg5NXcuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BT1RFUk5FVC9GS3pVcXJCYzJHVEdP
UE1pNEg2bGdwSjlYbjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcAJAJD4AAGMA0GCSqGSIb3DQEBCwUAA4IBAQBJc739iYu/UrldY3h0/SjB0+rR
MLAdOIBKqckSIxV3ivcOkg/VMdooH2GiqTN1BOJKs1Ff2pWMehp4+rHmfj05TAee
wybkhKucooYXw1wjol7A25DytDKA1jq9onZDwAugtopR5HNGu45ygpcO2Q+BMelJ
J9i+MNoq63LDO6xZnQD0pS/Cw3jFTYPu9wKjCnCDjlQnQBJzzBrKyVQ4GlqUcxur
N0Q8wKxdE742Co+whNmQDEizDOo+1YZ0j3mDBIsyU2PHBegmzdmOJ5UkTlNpnSFw
mlzPOf2ADv3+dm0pBgjOD+ayNdnpCBV/yBrFziSiR13CKxrDM3gnNNrnqbeW
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:49:44 2026 by rpki-client