Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/FET/0/AS7482.roa
File: AS7482.roa (raw, json)
Hash identifier: bDpHLcVeEJ1yrwmPoAV0hOhONRWieRc4Sv7FCsbg4ec=
Subject key identifier: 37:F6:9C:36:65:9A:F8:35:F7:66:A9:1A:67:3E:9E:00:24:D9:89:48
Certificate issuer: /CN=71FA20FC269CE9805B2C67E59B357AA684246D10
Certificate serial: 75431F212AE2E69F09AFFFF9FADACB4C296E309E
Authority key identifier: 71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/FET/0/AS7482.roa
Signing time: Mon 11 May 2026 17:39:28 +0000
ROA not before: Mon 11 May 2026 17:34:28 +0000
ROA not after: Mon 10 May 2027 17:39:28 +0000
asID: 7482
IP address blocks: 60.244.0.0/17 maxlen: 24
60.244.128.0/17 maxlen: 24
60.244.128.0/18 maxlen: 24
60.244.192.0/18 maxlen: 24
124.218.0.0/16 maxlen: 24
124.219.0.0/17 maxlen: 24
202.178.128.0/17 maxlen: 24
203.79.128.0/17 maxlen: 24
203.79.128.0/18 maxlen: 24
203.79.192.0/18 maxlen: 24
203.79.192.0/22 maxlen: 24
203.79.216.0/22 maxlen: 24
203.79.232.0/21 maxlen: 24
203.79.240.0/21 maxlen: 24
210.58.0.0/16 maxlen: 24
210.85.0.0/16 maxlen: 24
210.200.0.0/16 maxlen: 24
210.200.0.0/18 maxlen: 24
210.200.64.0/18 maxlen: 24
210.200.83.0/24 maxlen: 24
210.200.128.0/18 maxlen: 24
210.200.192.0/18 maxlen: 24
210.201.0.0/16 maxlen: 24
210.201.0.0/18 maxlen: 24
210.201.64.0/18 maxlen: 24
210.201.128.0/18 maxlen: 24
210.201.192.0/18 maxlen: 24
210.202.64.0/18 maxlen: 18
210.202.96.0/20 maxlen: 24
210.202.128.0/18 maxlen: 24
210.202.192.0/18 maxlen: 24
210.203.0.0/17 maxlen: 24
210.203.0.0/18 maxlen: 24
210.203.64.0/18 maxlen: 24
218.34.0.0/16 maxlen: 24
218.35.0.0/16 maxlen: 24
218.184.0.0/16 maxlen: 24
218.187.0.0/16 maxlen: 24
219.91.0.0/17 maxlen: 24
222.156.0.0/16 maxlen: 24
222.157.0.0/16 maxlen: 24
223.22.0.0/18 maxlen: 24
223.22.66.0/24 maxlen: 24
2404:0:2000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl
rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 May 2026 08:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:43:1f:21:2a:e2:e6:9f:09:af:ff:f9:fa:da:cb:4c:29:6e:30:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71FA20FC269CE9805B2C67E59B357AA684246D10
Validity
Not Before: May 11 17:34:28 2026 GMT
Not After : May 10 17:39:28 2027 GMT
Subject: CN=37F69C36659AF835F766A91A673E9E0024D98948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:3a:43:ba:be:b3:5a:65:b9:4e:b9:9c:ea:18:
8a:a5:6e:a7:cc:f8:54:f8:3b:d4:1d:c2:02:9b:a2:
7c:40:ab:91:7d:66:17:2e:bd:d1:19:a7:1e:3a:87:
3f:41:ae:44:da:71:f7:38:75:e0:4b:15:18:7e:b5:
12:a5:11:9e:6a:15:51:9f:f8:31:c0:88:7a:55:32:
f2:2e:a0:d0:a4:13:67:a3:0d:31:05:b6:f4:d8:52:
4c:f7:0c:88:d0:60:cf:31:7b:df:42:a1:30:1d:ed:
47:50:4b:30:24:5d:a4:78:2a:6a:c4:ba:49:9a:b9:
0d:38:6d:bd:05:45:3e:4e:dc:32:db:38:2d:59:50:
ed:26:71:21:4b:a3:93:84:d3:ca:53:d3:e6:9f:46:
6c:c9:cc:85:0c:a1:40:33:fb:5e:7f:b2:93:89:b7:
4b:40:b5:a6:ff:b0:da:1b:10:ba:eb:e0:5b:30:85:
28:f9:b1:8b:28:44:f4:21:c3:be:b8:73:dc:44:4a:
cf:28:42:c8:ef:67:2c:2f:cf:50:cd:3b:a5:e1:ea:
db:9d:cc:54:8f:08:00:c1:20:12:d8:55:54:03:40:
fb:f9:83:b1:42:fd:dd:6e:2d:9a:35:f0:56:e3:08:
91:a7:71:6a:d0:c3:71:51:09:69:36:c3:ef:61:0a:
15:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F6:9C:36:65:9A:F8:35:F7:66:A9:1A:67:3E:9E:00:24:D9:89:48
X509v3 Authority Key Identifier:
keyid:71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/FET/0/AS7482.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
60.244.0.0/16
124.218.0.0-124.219.127.255
202.178.128.0/17
203.79.128.0/17
210.58.0.0/16
210.85.0.0/16
210.200.0.0/15
210.202.64.0-210.203.127.255
218.34.0.0/15
218.184.0.0/16
218.187.0.0/16
219.91.0.0/17
222.156.0.0/15
223.22.0.0/18
223.22.66.0/24
IPv6:
2404:0:2000::/36
Signature Algorithm: sha256WithRSAEncryption
24:41:8c:79:da:b1:ab:e3:4c:4e:7e:a5:b7:79:a9:97:9a:29:
8e:e0:fc:d8:0b:a9:9f:b9:62:a5:ed:66:23:73:39:15:0a:82:
6f:81:4d:ae:42:24:a4:6e:bc:9b:39:01:89:74:d2:51:d9:ea:
d3:75:3d:32:ad:6d:bb:ca:7c:7e:72:c4:fe:eb:4f:8a:5a:22:
f8:63:2a:39:d2:04:c7:2e:fb:7b:27:19:98:01:ec:7f:6b:bb:
3c:3d:5c:e9:d2:20:4c:4b:de:5c:cf:89:d9:c7:d1:f2:89:f2:
9e:b7:be:60:f6:9a:1c:18:e0:cf:58:a2:97:ac:19:af:c0:87:
42:40:83:7b:12:e1:bc:12:14:7a:cb:ae:9f:34:3a:cf:b6:72:
b6:10:ba:e2:aa:19:62:9f:c8:b2:0d:fb:c0:aa:7b:0f:b4:24:
db:06:f5:ea:a7:75:b3:f9:21:3b:5e:67:78:37:b5:a2:49:d4:
90:89:69:17:8a:86:f2:d4:5d:a7:26:31:39:71:a2:0f:33:c5:
f9:0c:8b:a0:33:7b:c8:8c:39:23:71:5c:39:ab:2f:a7:25:07:
32:25:bf:27:5e:a6:5e:bc:4b:44:a7:0f:1e:2a:aa:0c:86:42:
3c:86:c1:cb:9f:33:f6:40:45:75:6b:71:c0:ae:7f:82:d2:c7:
60:a3:fa:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIUdUMfISri5p8Jr//5+trLTCluMJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4
NDI0NkQxMDAeFw0yNjA1MTExNzM0MjhaFw0yNzA1MTAxNzM5MjhaMDMxMTAvBgNV
BAMTKDM3RjY5QzM2NjU5QUY4MzVGNzY2QTkxQTY3M0U5RTAwMjREOTg5NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqOkO6vrNaZblOuZzqGIqlbqfM
+FT4O9QdwgKbonxAq5F9ZhcuvdEZpx46hz9BrkTacfc4deBLFRh+tRKlEZ5qFVGf
+DHAiHpVMvIuoNCkE2ejDTEFtvTYUkz3DIjQYM8xe99CoTAd7UdQSzAkXaR4KmrE
ukmauQ04bb0FRT5O3DLbOC1ZUO0mcSFLo5OE08pT0+afRmzJzIUMoUAz+15/spOJ
t0tAtab/sNobELrr4FswhSj5sYsoRPQhw764c9xESs8oQsjvZywvz1DNO6Xh6tud
zFSPCADBIBLYVVQDQPv5g7FC/d1uLZo18FbjCJGncWrQw3FRCWk2w+9hChUvAgMB
AAGjggIZMIICFTAdBgNVHQ4EFgQUN/acNmWa+DX3ZqkaZz6eACTZiUgwHwYDVR0j
BBgwFoAUcfog/Cac6YBbLGflmzV6poQkbRAwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAv
NzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4NDI0NkQxMC5jcmwwbwYI
KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50
dy9ycGtpL1RXTklDQ0EvMS83MUZBMjBGQzI2OUNFOTgwNUIyQzY3RTU5QjM1N0FB
Njg0MjQ2RDEwLmNlcjBJBggrBgEFBQcBCwQ9MDswOQYIKwYBBQUHMAuGLXJzeW5j
Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAvQVM3NDgyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwZwQCAAEwYQMD
ADz0MAsDAwF82gMEB3zbAAMEB8qygAMEB8tPgAMDANI6AwMA0lUDAwHSyDAMAwQG
0spAAwQH0ssAAwMB2iIDAwDauAMDANq7AwQH21sAAwMB3pwDBAbfFgADBADfFkIw
DgQCAAIwCAMGBCQEAAAgMA0GCSqGSIb3DQEBCwUAA4IBAQAkQYx52rGr40xOfqW3
eamXmimO4PzYC6mfuWKl7WYjczkVCoJvgU2uQiSkbrybOQGJdNJR2erTdT0yrW27
ynx+csT+60+KWiL4Yyo50gTHLvt7JxmYAex/a7s8PVzp0iBMS95cz4nZx9HyifKe
t75g9pocGODPWKKXrBmvwIdCQIN7EuG8EhR6y66fNDrPtnK2ELriqhlin8iyDfvA
qnsPtCTbBvXqp3Wz+SE7Xmd4N7WiSdSQiWkXioby1F2nJjE5caIPM8X5DIugM3vI
jDkjcVw5qy+nJQcyJb8nXqZevEtEpw8eKqoMhkI8hsHLnzP2QEV1a3HArn+C0sdg
o/oB
-----END CERTIFICATE-----
Generated at Wed May 13 21:50:46 2026 by rpki-client