Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/FET/0/AS24154.roa
File: AS24154.roa (raw, json)
Hash identifier: 5d9AJsUf5IXX9W/gHPHz7U8Ox7RZTat1L8/CNPchahE=
Subject key identifier: 6B:CB:25:7B:59:5D:FB:CA:DA:91:E1:35:6C:26:23:DA:97:1F:52:BB
Certificate issuer: /CN=71FA20FC269CE9805B2C67E59B357AA684246D10
Certificate serial: 01A3F0E86583AB9D7E2BDEEEE9CE5DC2DC77351C
Authority key identifier: 71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/FET/0/AS24154.roa
Signing time: Mon 11 May 2026 17:35:53 +0000
ROA not before: Mon 11 May 2026 17:30:53 +0000
ROA not after: Mon 10 May 2027 17:35:53 +0000
asID: 24154
IP address blocks: 60.244.0.0/18 maxlen: 24
60.244.0.0/24 maxlen: 24
60.244.1.0/24 maxlen: 24
60.244.2.0/24 maxlen: 24
60.244.64.0/18 maxlen: 24
124.219.0.0/17 maxlen: 24
203.79.196.0/22 maxlen: 24
203.79.200.0/22 maxlen: 24
203.79.208.0/21 maxlen: 24
203.207.44.0/22 maxlen: 24
210.63.192.0/19 maxlen: 24
210.63.192.0/21 maxlen: 24
210.63.220.0/22 maxlen: 24
210.63.236.0/24 maxlen: 24
210.200.0.0/19 maxlen: 24
210.200.4.0/22 maxlen: 24
210.200.8.0/21 maxlen: 24
210.200.16.0/20 maxlen: 24
210.200.85.0/24 maxlen: 24
210.202.0.0/19 maxlen: 24
210.202.32.0/20 maxlen: 24
210.202.48.0/21 maxlen: 24
210.202.64.0/18 maxlen: 24
210.202.192.0/18 maxlen: 24
211.76.104.0/23 maxlen: 24
211.76.106.0/24 maxlen: 24
222.156.246.0/24 maxlen: 24
222.156.254.0/24 maxlen: 24
2404:0:5000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl
rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 May 2026 08:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:a3:f0:e8:65:83:ab:9d:7e:2b:de:ee:e9:ce:5d:c2:dc:77:35:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71FA20FC269CE9805B2C67E59B357AA684246D10
Validity
Not Before: May 11 17:30:53 2026 GMT
Not After : May 10 17:35:53 2027 GMT
Subject: CN=6BCB257B595DFBCADA91E1356C2623DA971F52BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d1:2f:b8:72:a9:e2:62:de:ad:38:d9:6f:d9:
2f:52:d6:02:b8:26:d5:fc:06:71:2c:2d:fd:28:e3:
77:82:2a:49:6a:bc:89:6a:70:93:9e:a0:b5:05:5c:
45:ee:c0:f2:53:2a:23:56:71:46:cd:3b:93:d8:99:
b8:60:88:6f:b7:ae:0c:62:f2:1f:f8:83:66:4c:ef:
92:80:56:7e:64:68:1c:e2:e1:cd:57:67:89:8a:a7:
44:e8:73:fc:39:eb:0f:d7:7c:83:f5:3d:ba:58:c0:
9b:01:76:82:9c:05:b9:73:23:95:a2:36:11:9d:8d:
d8:9e:88:bf:41:27:73:8f:b8:3c:be:c5:37:bc:e4:
95:22:e9:72:35:a7:b1:56:b6:68:5e:4b:8d:90:4e:
9e:b8:6f:de:b5:c0:0f:78:ab:54:c4:98:a8:5c:b4:
81:21:5f:16:8d:c1:48:49:fa:e2:0e:c1:13:2f:1e:
a4:47:13:06:d6:57:20:ab:ca:8f:b5:be:d9:62:9f:
43:ad:f7:54:ce:6f:d7:85:86:35:da:3a:cc:59:a4:
6d:b8:cb:0f:f9:8c:d9:57:c5:9e:75:cc:29:2b:27:
6c:35:11:24:3c:19:59:73:3e:31:f0:4d:a7:d6:ec:
c8:46:8e:e7:3e:7f:d3:cb:6a:28:32:29:f4:8c:77:
30:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:CB:25:7B:59:5D:FB:CA:DA:91:E1:35:6C:26:23:DA:97:1F:52:BB
X509v3 Authority Key Identifier:
keyid:71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/FET/0/AS24154.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
60.244.0.0/17
124.219.0.0/17
203.79.196.0-203.79.203.255
203.79.208.0/21
203.207.44.0/22
210.63.192.0/19
210.63.236.0/24
210.200.0.0/19
210.200.85.0/24
210.202.0.0-210.202.55.255
210.202.64.0/18
210.202.192.0/18
211.76.104.0-211.76.106.255
222.156.246.0/24
222.156.254.0/24
IPv6:
2404:0:5000::/36
Signature Algorithm: sha256WithRSAEncryption
6f:56:fe:e9:cc:48:bd:01:95:30:df:17:de:18:4a:ab:3b:32:
fe:80:58:f6:89:8c:10:42:88:ce:f2:33:88:1c:29:37:f1:56:
f5:fc:87:26:8f:61:77:df:1a:37:bb:57:90:e2:bf:99:ef:81:
24:fc:52:8c:39:4e:99:c2:2d:5a:9e:24:01:2e:33:fe:96:e2:
92:4e:04:95:cc:3b:ed:a0:0a:a4:d2:c9:6b:01:30:9e:89:c0:
0b:5c:5f:e2:02:e4:45:07:2d:cc:64:ca:c4:b2:14:46:28:44:
b1:ab:50:ac:00:43:15:7e:9f:90:97:1c:df:89:98:a4:c9:be:
3d:c0:c6:15:a0:b1:5a:88:5a:d1:e6:fa:68:e0:75:cd:8d:e4:
4b:07:7b:bb:dc:2e:3f:45:98:7a:cf:52:5e:05:62:5f:18:68:
65:4f:7b:38:5c:03:0a:63:92:54:57:c7:e3:44:79:0b:df:76:
26:35:57:06:e8:d3:ba:b5:dd:04:5e:07:7d:a8:8e:bd:dc:43:
86:b9:d8:6c:00:60:96:41:04:5f:63:3b:04:ce:56:a3:79:5e:
70:a3:9a:25:08:80:4c:15:92:ee:64:36:8f:d8:08:a0:ef:49:
d4:28:fb:d7:60:4d:23:0c:04:25:dd:91:c5:68:fa:49:23:7b:
2d:a1:42:bd
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUAaPw6GWDq51+K97u6c5dwtx3NRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4
NDI0NkQxMDAeFw0yNjA1MTExNzMwNTNaFw0yNzA1MTAxNzM1NTNaMDMxMTAvBgNV
BAMTKDZCQ0IyNTdCNTk1REZCQ0FEQTkxRTEzNTZDMjYyM0RBOTcxRjUyQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa0S+4cqniYt6tONlv2S9S1gK4
JtX8BnEsLf0o43eCKklqvIlqcJOeoLUFXEXuwPJTKiNWcUbNO5PYmbhgiG+3rgxi
8h/4g2ZM75KAVn5kaBzi4c1XZ4mKp0Toc/w56w/XfIP1PbpYwJsBdoKcBblzI5Wi
NhGdjdieiL9BJ3OPuDy+xTe85JUi6XI1p7FWtmheS42QTp64b961wA94q1TEmKhc
tIEhXxaNwUhJ+uIOwRMvHqRHEwbWVyCryo+1vtlin0Ot91TOb9eFhjXaOsxZpG24
yw/5jNlXxZ51zCkrJ2w1ESQ8GVlzPjHwTafW7MhGjuc+f9PLaigyKfSMdzDRAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUa8sle1ld+8rakeE1bCYj2pcfUrswHwYDVR0j
BBgwFoAUcfog/Cac6YBbLGflmzV6poQkbRAwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAv
NzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4NDI0NkQxMC5jcmwwbwYI
KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50
dy9ycGtpL1RXTklDQ0EvMS83MUZBMjBGQzI2OUNFOTgwNUIyQzY3RTU5QjM1N0FB
Njg0MjQ2RDEwLmNlcjBKBggrBgEFBQcBCwQ+MDwwOgYIKwYBBQUHMAuGLnJzeW5j
Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAvQVMyNDE1NC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjCBnAYIKwYBBQUHAQcBAf8EgYwwgYkwdwQCAAEw
cQMEBzz0AAMEB3zbADAMAwQCy0/EAwQCy0/IAwQDy0/QAwQCy88sAwQF0j/AAwQA
0j/sAwQF0sgAAwQA0shVMAsDAwHSygMEA9LKMAMEBtLKQAMEBtLKwDAMAwQD00xo
AwQA00xqAwQA3pz2AwQA3pz+MA4EAgACMAgDBgQkBAAAUDANBgkqhkiG9w0BAQsF
AAOCAQEAb1b+6cxIvQGVMN8X3hhKqzsy/oBY9omMEEKIzvIziBwpN/FW9fyHJo9h
d98aN7tXkOK/me+BJPxSjDlOmcItWp4kAS4z/pbikk4Elcw77aAKpNLJawEwnonA
C1xf4gLkRQctzGTKxLIURihEsatQrABDFX6fkJcc34mYpMm+PcDGFaCxWoha0eb6
aOB1zY3kSwd7u9wuP0WYes9SXgViXxhoZU97OFwDCmOSVFfH40R5C992JjVXBujT
urXdBF4HfaiOvdxDhrnYbABglkEEX2M7BM5Wo3lecKOaJQiATBWS7mQ2j9gIoO9J
1Cj712BNIwwEJd2RxWj6SSN7LaFCvQ==
-----END CERTIFICATE-----
Generated at Wed May 13 21:50:41 2026 by rpki-client