Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/KIITV7eWhVy2oyjflPz5VX2jgW4.roa
File: KIITV7eWhVy2oyjflPz5VX2jgW4.roa (raw, json)
Hash identifier: lWCYvPowyiiCW0rJqficFkjP3myn6ivGv6yghD3b/2M=
Subject key identifier: 28:82:13:57:B7:96:85:5C:B6:A3:28:DF:94:FC:F9:55:7D:A3:81:6E
Certificate issuer: /CN=FC752CA59EB8EAEF23D225DC67AA085201F1F79C
Certificate serial: 012A
Authority key identifier: FC:75:2C:A5:9E:B8:EA:EF:23:D2:25:DC:67:AA:08:52:01:F1:F7:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/KIITV7eWhVy2oyjflPz5VX2jgW4.roa
Signing time: Tue 24 Feb 2026 06:01:55 +0000
ROA not before: Tue 24 Feb 2026 06:01:55 +0000
ROA not after: Wed 30 Dec 2026 15:30:20 +0000
asID: 216198
IP address blocks: 2402:43e0:201::/48 maxlen: 64
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298 (0x12a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FC752CA59EB8EAEF23D225DC67AA085201F1F79C
Validity
Not Before: Feb 24 06:01:55 2026 GMT
Not After : Dec 30 15:30:20 2026 GMT
Subject: CN=28821357B796855CB6A328DF94FCF9557DA3816E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e8:d9:b4:e2:b1:11:22:45:35:b9:91:e6:f4:
86:18:52:09:4a:cd:b3:af:af:b0:4e:d0:2c:32:c2:
b1:e8:42:61:67:73:37:4a:f3:9b:bf:33:62:47:c8:
16:e0:a4:28:5e:c7:32:71:44:fb:fe:0f:bc:d0:5b:
65:01:75:34:c4:19:95:17:73:3f:89:b7:8b:77:58:
57:14:c0:54:20:7a:cd:89:d2:95:1d:42:77:15:87:
e2:f5:97:1e:4a:94:43:90:ba:09:e9:3a:46:17:55:
8f:3a:a4:62:8b:82:f6:ea:d8:4a:22:80:02:45:61:
c6:30:14:fa:21:aa:e6:59:ad:e2:f3:f1:6b:29:d2:
64:a2:2c:c0:7a:82:d2:2e:7f:ce:8d:6a:ce:57:ab:
05:7d:98:49:95:72:64:50:7f:86:59:0e:f4:f0:90:
34:62:8f:fb:1b:9c:a1:ac:67:80:cc:83:f6:91:98:
9d:8d:e9:58:2c:25:3c:8b:86:22:c2:b0:aa:c1:d1:
28:2a:75:d4:2b:ac:35:1e:33:8a:64:53:ab:6c:23:
ed:3e:12:70:3a:f1:f0:c7:76:43:7b:03:8e:09:9d:
fb:ce:a2:99:a6:ce:d3:73:4b:25:59:24:16:1b:77:
6d:ba:08:f2:1a:73:84:4e:ed:11:d2:e4:40:07:19:
fc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:82:13:57:B7:96:85:5C:B6:A3:28:DF:94:FC:F9:55:7D:A3:81:6E
X509v3 Authority Key Identifier:
keyid:FC:75:2C:A5:9E:B8:EA:EF:23:D2:25:DC:67:AA:08:52:01:F1:F7:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/_HUspZ646u8j0iXcZ6oIUgHx95w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/KIITV7eWhVy2oyjflPz5VX2jgW4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:43e0:201::/48
Signature Algorithm: sha256WithRSAEncryption
62:63:c8:6b:cb:33:f9:69:1b:a5:94:95:5a:e7:36:00:46:1e:
25:af:1c:7d:9f:41:42:85:dd:0a:6a:0a:b9:a0:04:97:56:70:
93:d1:6f:68:b7:73:8f:cf:5a:11:0d:71:24:4b:52:f5:50:65:
4e:e7:eb:4a:1b:10:1c:45:13:9d:4a:b1:d2:d8:e5:69:ee:0c:
99:cd:1c:56:99:4a:4d:03:9e:1d:4d:81:3f:89:fc:53:c6:2d:
e1:48:0e:b7:4f:e9:43:d2:27:9b:a8:93:15:d2:41:8f:aa:ff:
51:2a:14:6f:38:2e:32:fc:4e:52:ad:4f:1a:3f:f1:a2:e3:25:
48:35:c7:09:ca:01:30:ca:f1:88:31:2f:77:91:17:f2:f9:5d:
f1:9f:69:9f:3a:23:e5:7f:23:67:9e:4d:52:6e:25:36:35:77:
30:bc:9f:b7:62:ea:ed:95:51:ec:98:5f:5f:37:1f:65:9a:ef:
0a:72:a7:ca:67:ad:5f:81:5d:09:dc:a6:7a:58:a8:a2:8a:be:
5f:4a:2e:7c:d2:f0:f1:32:ea:da:cf:d9:cd:61:05:7f:66:ae:
a3:d2:9c:3c:45:03:f0:b1:b5:29:41:69:1c:8f:b1:68:12:48:
02:e7:b7:3e:a9:7a:81:72:da:61:e4:24:0e:6d:54:ae:c9:88:
a9:85:f4:b5
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICASowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkM3
NTJDQTU5RUI4RUFFRjIzRDIyNURDNjdBQTA4NTIwMUYxRjc5QzAeFw0yNjAyMjQw
NjAxNTVaFw0yNjEyMzAxNTMwMjBaMDMxMTAvBgNVBAMTKDI4ODIxMzU3Qjc5Njg1
NUNCNkEzMjhERjk0RkNGOTU1N0RBMzgxNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl6Nm04rERIkU1uZHm9IYYUglKzbOvr7BO0CwywrHoQmFnczdK
85u/M2JHyBbgpChexzJxRPv+D7zQW2UBdTTEGZUXcz+Jt4t3WFcUwFQges2J0pUd
QncVh+L1lx5KlEOQugnpOkYXVY86pGKLgvbq2EoigAJFYcYwFPohquZZreLz8Wsp
0mSiLMB6gtIuf86Nas5XqwV9mEmVcmRQf4ZZDvTwkDRij/sbnKGsZ4DMg/aRmJ2N
6VgsJTyLhiLCsKrB0SgqddQrrDUeM4pkU6tsI+0+EnA68fDHdkN7A44JnfvOopmm
ztNzSyVZJBYbd226CPIac4RO7RHS5EAHGfzhAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUKIITV7eWhVy2oyjflPz5VX2jgW4wHwYDVR0jBBgwFoAU/HUspZ646u8j0iXc
Z6oIUgHx95wwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQU9URVJO
RVQvX0hVc3BaNjQ2dThqMGlYY1o2b0lVZ0h4OTV3LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9fSFVzcFo2NDZ1OGowaVhjWjZvSVVnSHg5NXcuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BT1RFUk5FVC9LSUlUVjdlV2hWeTJv
eWpmbFB6NVZYMmpnVzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcAJAJD4AIBMA0GCSqGSIb3DQEBCwUAA4IBAQBiY8hryzP5aRullJVa5zYARh4l
rxx9n0FChd0Kagq5oASXVnCT0W9ot3OPz1oRDXEkS1L1UGVO5+tKGxAcRROdSrHS
2OVp7gyZzRxWmUpNA54dTYE/ifxTxi3hSA63T+lD0iebqJMV0kGPqv9RKhRvOC4y
/E5SrU8aP/Gi4yVINccJygEwyvGIMS93kRfy+V3xn2mfOiPlfyNnnk1SbiU2NXcw
vJ+3YurtlVHsmF9fNx9lmu8KcqfKZ61fgV0J3KZ6WKiiir5fSi580vDxMuraz9nN
YQV/Zq6j0pw8RQPwsbUpQWkcj7FoEkgC57c+qXqBctph5CQObVSuyYiphfS1
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:57:50 2026 by rpki-client