Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/CHIEF-TW/0/AS131627.roa
File: AS131627.roa (raw, json)
Hash identifier: +LMBK9XHf+sI1+zmkbXs5kImDXCKh9N84fFmLCKnJu0=
Subject key identifier: F5:DD:4E:D6:7E:98:5A:13:16:21:70:BB:14:C1:F4:43:12:40:D3:3F
Certificate issuer: /CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314
Certificate serial: 6047A67616F9851EBB0AFBC92D61E0E6F92FC5C1
Authority key identifier: 33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS131627.roa
Signing time: Mon 11 May 2026 17:17:33 +0000
ROA not before: Mon 11 May 2026 17:12:33 +0000
ROA not after: Mon 10 May 2027 17:17:33 +0000
asID: 131627
IP address blocks: 150.116.32.0/20 maxlen: 24
150.116.48.0/22 maxlen: 24
150.116.64.0/20 maxlen: 24
150.116.83.0/24 maxlen: 24
150.116.84.0/22 maxlen: 24
150.116.88.0/22 maxlen: 24
150.116.96.0/21 maxlen: 24
150.116.104.0/21 maxlen: 24
150.116.128.0/17 maxlen: 24
150.116.140.0/22 maxlen: 24
150.116.144.0/20 maxlen: 24
150.116.160.0/19 maxlen: 24
150.116.160.0/21 maxlen: 24
150.116.168.0/23 maxlen: 24
150.116.170.0/23 maxlen: 24
150.116.172.0/22 maxlen: 24
150.116.176.0/20 maxlen: 24
150.116.192.0/18 maxlen: 24
150.116.192.0/19 maxlen: 24
150.116.224.0/21 maxlen: 24
150.116.232.0/22 maxlen: 24
150.116.236.0/23 maxlen: 24
150.116.238.0/24 maxlen: 24
150.116.239.0/24 maxlen: 24
150.116.240.0/20 maxlen: 24
150.117.128.0/19 maxlen: 24
150.117.160.0/21 maxlen: 24
150.117.232.0/21 maxlen: 24
150.117.240.0/20 maxlen: 24
223.26.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.crl
rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 May 2026 12:50:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:47:a6:76:16:f9:85:1e:bb:0a:fb:c9:2d:61:e0:e6:f9:2f:c5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33CA4B5F4295B6812127AF5761C6D7353D1F0314
Validity
Not Before: May 11 17:12:33 2026 GMT
Not After : May 10 17:17:33 2027 GMT
Subject: CN=F5DD4ED67E985A13162170BB14C1F4431240D33F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:2e:30:dc:d8:81:fa:96:12:6d:c0:9f:bc:
3c:80:83:20:d8:6a:cf:72:a2:c9:d8:d4:7c:17:21:
0e:5b:dc:7c:ad:8c:88:af:c8:05:08:49:93:24:3b:
62:2b:f8:b3:46:da:bd:ee:34:0f:d7:31:25:41:76:
52:1c:a4:ed:87:6b:3e:89:1f:1b:54:b1:f9:3e:d1:
17:60:a5:32:5d:38:02:66:01:d5:59:78:75:39:4b:
b0:0a:ea:7b:3c:36:bc:38:d3:ae:a6:d1:d2:47:16:
ea:40:6b:09:ed:21:8a:c1:6f:b8:4c:2b:4d:b1:81:
0a:a6:e1:b9:cb:f8:ed:a0:dc:25:d8:62:05:45:a8:
e9:13:ab:17:cf:58:a0:ef:52:b8:4b:79:21:98:c8:
59:38:19:de:ad:6b:5c:2b:e8:5c:16:68:a2:bb:37:
8b:25:b9:48:91:e2:09:9b:a3:90:72:df:96:2b:09:
d8:84:a7:01:0c:b1:38:d0:92:82:68:db:53:a4:5c:
76:f8:f8:db:09:23:e7:c7:e6:a8:ea:62:66:a3:18:
55:6b:70:78:48:a2:a8:f5:01:41:83:44:eb:4d:04:
30:c9:31:49:d1:4e:63:0f:74:4b:8a:46:e9:ee:2e:
8c:c2:b0:21:0b:37:9c:d6:b8:fd:e7:3b:f6:3e:5e:
56:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:DD:4E:D6:7E:98:5A:13:16:21:70:BB:14:C1:F4:43:12:40:D3:3F
X509v3 Authority Key Identifier:
keyid:33:CA:4B:5F:42:95:B6:81:21:27:AF:57:61:C6:D7:35:3D:1F:03:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/33CA4B5F4295B6812127AF5761C6D7353D1F0314.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/33CA4B5F4295B6812127AF5761C6D7353D1F0314.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/CHIEF-TW/0/AS131627.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.116.32.0-150.116.51.255
150.116.64.0/20
150.116.83.0-150.116.91.255
150.116.96.0/20
150.116.128.0/17
150.117.128.0-150.117.167.255
150.117.232.0-150.117.255.255
223.26.104.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:89:ca:bb:c8:32:12:39:e6:f9:99:75:c5:9a:b5:54:aa:96:
16:5b:46:0e:f1:57:0e:49:a2:63:70:aa:be:89:73:f4:78:2c:
a8:52:ce:2c:c1:0e:11:85:07:4c:74:dd:a9:15:e9:64:11:4d:
f2:82:4d:b1:9f:26:9f:72:9d:92:e6:49:a3:2d:54:ae:1e:d4:
b5:8e:c7:17:d1:74:2a:65:c4:15:ca:50:1f:55:01:cd:55:40:
a0:2b:77:98:68:a9:e5:fb:6b:dd:2b:63:db:5b:c0:a6:73:30:
09:58:8e:41:04:6a:b8:30:87:aa:a2:a1:f5:7e:e0:a0:3e:b6:
fb:5d:e6:d9:5c:a7:61:3b:eb:6e:87:ca:db:11:bd:42:46:89:
1c:16:15:ed:5d:27:d1:80:0d:64:3c:e6:cd:ca:f1:73:8b:58:
19:14:10:47:72:6b:40:6b:b1:a5:84:2d:4f:e0:04:e8:9f:3e:
b9:b1:09:86:c1:ed:1c:9d:35:2b:07:0f:bb:3a:27:0c:e6:cf:
bb:cf:88:7b:8e:32:17:ca:19:f5:83:06:07:8e:ee:8f:f1:98:
74:e5:b3:d4:48:4f:55:74:f5:8e:af:c1:62:9b:9d:9e:87:c2:
57:6e:5f:d5:6d:38:9c:66:24:25:58:55:59:97:0f:7f:5f:e0:
24:53:44:53
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIUYEemdhb5hR67CvvJLWHg5vkvxcEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzNDQTRCNUY0Mjk1QjY4MTIxMjdBRjU3NjFDNkQ3MzUz
RDFGMDMxNDAeFw0yNjA1MTExNzEyMzNaFw0yNzA1MTAxNzE3MzNaMDMxMTAvBgNV
BAMTKEY1REQ0RUQ2N0U5ODVBMTMxNjIxNzBCQjE0QzFGNDQzMTI0MEQzM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxi4w3NiB+pYSbcCfvDyAgyDY
as9yosnY1HwXIQ5b3HytjIivyAUISZMkO2Ir+LNG2r3uNA/XMSVBdlIcpO2Haz6J
HxtUsfk+0RdgpTJdOAJmAdVZeHU5S7AK6ns8Nrw4066m0dJHFupAawntIYrBb7hM
K02xgQqm4bnL+O2g3CXYYgVFqOkTqxfPWKDvUrhLeSGYyFk4Gd6ta1wr6FwWaKK7
N4sluUiR4gmbo5By35YrCdiEpwEMsTjQkoJo21OkXHb4+NsJI+fH5qjqYmajGFVr
cHhIoqj1AUGDROtNBDDJMUnRTmMPdEuKRunuLozCsCELN5zWuP3nO/Y+XlbVAgMB
AAGjggICMIIB/jAdBgNVHQ4EFgQU9d1O1n6YWhMWIXC7FMH0QxJA0z8wHwYDVR0j
BBgwFoAUM8pLX0KVtoEhJ69XYcbXNT0fAxQwDgYDVR0PAQH/BAQDAgeAMGUGA1Ud
HwReMFwwWqBYoFaGVHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvQ0hJRUYt
VFcvMC8zM0NBNEI1RjQyOTVCNjgxMjEyN0FGNTc2MUM2RDczNTNEMUYwMzE0LmNy
bDBvBggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS8xLzMzQ0E0QjVGNDI5NUI2ODEyMTI3QUY1NzYx
QzZENzM1M0QxRjAzMTQuY2VyMFAGCCsGAQUFBwELBEQwQjBABggrBgEFBQcwC4Y0
cnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9DSElFRi1UVy8wL0FTMTMxNjI3
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkw
VzBVBAIAATBPMAwDBAWWdCADBAKWdDADBASWdEAwDAMEAJZ0UwMEApZ0WAMEBJZ0
YAMEB5Z0gDAMAwQHlnWAAwQDlnWgMAsDBAOWdegDAwGWdAMEAt8aaDANBgkqhkiG
9w0BAQsFAAOCAQEAaonKu8gyEjnm+Zl1xZq1VKqWFltGDvFXDkmiY3Cqvolz9Hgs
qFLOLMEOEYUHTHTdqRXpZBFN8oJNsZ8mn3KdkuZJoy1Urh7UtY7HF9F0KmXEFcpQ
H1UBzVVAoCt3mGip5ftr3Stj21vApnMwCViOQQRquDCHqqKh9X7goD62+13m2Vyn
YTvrbofK2xG9QkaJHBYV7V0n0YANZDzmzcrxc4tYGRQQR3JrQGuxpYQtT+AE6J8+
ubEJhsHtHJ01KwcPuzonDObPu8+Ie44yF8oZ9YMGB47uj/GYdOWz1EhPVXT1jq/B
YpudnofCV25f1W04nGYkJVhVWZcPf1/gJFNEUw==
-----END CERTIFICATE-----
Generated at Wed May 13 21:51:25 2026 by rpki-client