Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/FET/0/AS9311.roa
File: AS9311.roa (raw, json)
Hash identifier: mHZvaMCozjD7f6DphdBIPuH3dfs0ge2AQcsBDnwptRU=
Subject key identifier: 5C:73:BE:48:1A:A3:6D:95:C6:E4:62:34:B3:51:07:92:F6:21:DA:C6
Certificate issuer: /CN=71FA20FC269CE9805B2C67E59B357AA684246D10
Certificate serial: 17B2BAF771C26149EB1C6334CF6C8A18CB67B5BB
Authority key identifier: 71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/FET/0/AS9311.roa
Signing time: Mon 11 May 2026 17:37:49 +0000
ROA not before: Mon 11 May 2026 17:32:49 +0000
ROA not after: Mon 10 May 2027 17:37:49 +0000
asID: 9311
IP address blocks: 203.79.220.0/22 maxlen: 24
203.79.224.0/22 maxlen: 24
203.79.235.0/24 maxlen: 24
210.58.96.0/21 maxlen: 24
210.63.239.0/24 maxlen: 24
210.63.240.0/24 maxlen: 24
210.63.253.0/24 maxlen: 24
210.200.17.0/24 maxlen: 24
210.200.79.0/24 maxlen: 24
210.200.106.0/24 maxlen: 24
210.200.128.0/18 maxlen: 24
210.200.192.0/18 maxlen: 24
210.201.52.0/22 maxlen: 24
210.201.60.0/23 maxlen: 24
210.201.74.0/23 maxlen: 24
210.201.76.0/22 maxlen: 24
210.201.80.0/22 maxlen: 24
210.201.136.0/22 maxlen: 24
210.202.233.0/24 maxlen: 24
210.203.0.0/17 maxlen: 24
222.156.247.0/24 maxlen: 24
2404:0:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl
rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 May 2026 08:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:b2:ba:f7:71:c2:61:49:eb:1c:63:34:cf:6c:8a:18:cb:67:b5:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71FA20FC269CE9805B2C67E59B357AA684246D10
Validity
Not Before: May 11 17:32:49 2026 GMT
Not After : May 10 17:37:49 2027 GMT
Subject: CN=5C73BE481AA36D95C6E46234B3510792F621DAC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:44:e3:b3:f8:aa:b8:2d:2c:ea:48:73:de:11:
72:99:db:51:7c:54:1b:88:c7:be:94:4b:e4:0c:dc:
66:5e:32:73:c0:d0:2a:5c:36:89:99:0c:3a:16:d0:
1c:1c:9e:0c:99:9e:60:02:8a:b6:bf:3d:f4:08:9a:
23:d4:89:68:15:6e:5f:19:e7:7e:4b:b3:0d:85:14:
a1:e6:d1:7d:e0:81:6e:73:ff:58:44:e3:58:1d:35:
57:cb:8e:af:ef:af:58:0c:cf:52:da:fc:89:14:4e:
59:d7:34:00:67:20:bb:5e:7a:cd:cd:ec:a5:e0:fa:
29:af:c9:47:d8:6d:9d:1b:21:b5:00:dc:86:58:02:
5a:32:b5:26:f3:29:09:01:64:a4:f7:ce:9c:ee:cb:
db:18:b1:73:46:e0:f7:03:52:32:97:18:36:c3:41:
c4:2d:d6:ee:b4:6e:95:61:78:43:2c:91:87:e9:14:
49:0c:de:69:15:22:64:67:7c:7d:98:e0:b3:44:ef:
6e:85:6d:e2:cc:c6:11:75:c6:22:fa:00:21:cd:75:
fc:e6:9a:b9:a9:c9:c9:ae:fd:88:87:f2:49:8c:c7:
83:86:19:97:11:21:4a:8f:4c:db:0c:97:00:ac:cc:
85:85:cc:66:59:7a:12:fd:dc:a7:29:d2:5f:36:50:
10:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:73:BE:48:1A:A3:6D:95:C6:E4:62:34:B3:51:07:92:F6:21:DA:C6
X509v3 Authority Key Identifier:
keyid:71:FA:20:FC:26:9C:E9:80:5B:2C:67:E5:9B:35:7A:A6:84:24:6D:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/FET/0/71FA20FC269CE9805B2C67E59B357AA684246D10.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/71FA20FC269CE9805B2C67E59B357AA684246D10.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/FET/0/AS9311.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.79.220.0-203.79.227.255
203.79.235.0/24
210.58.96.0/21
210.63.239.0-210.63.240.255
210.63.253.0/24
210.200.17.0/24
210.200.79.0/24
210.200.106.0/24
210.200.128.0/17
210.201.52.0/22
210.201.60.0/23
210.201.74.0-210.201.83.255
210.201.136.0/22
210.202.233.0/24
210.203.0.0/17
222.156.247.0/24
IPv6:
2404:0:4000::/36
Signature Algorithm: sha256WithRSAEncryption
82:44:34:29:da:90:a5:c3:ff:f8:bd:18:29:8f:18:56:0b:8b:
2d:e3:f3:a2:17:83:db:ea:5b:08:c2:32:bc:31:4b:84:67:fa:
2a:45:eb:ce:9e:76:19:91:02:d2:29:fb:6a:17:2a:b0:c7:be:
81:db:7d:39:8f:38:8b:f3:1b:0d:f3:e3:18:32:bb:7d:03:a0:
de:bb:22:64:ea:d2:bd:ed:14:f6:8c:1e:e5:cd:d6:39:fb:17:
3d:e0:93:2e:2d:d0:78:d2:de:db:5b:6b:e9:be:fa:aa:7f:06:
01:11:40:e5:76:90:3f:5b:d1:8d:eb:69:f4:66:37:bd:e6:92:
9d:75:73:0a:2d:6a:f1:0b:4e:7f:e2:f0:33:4e:b9:72:65:21:
69:ec:a2:bb:c2:7e:26:ef:d0:79:50:6f:4d:5c:71:c9:7e:7d:
55:1c:86:ad:08:2a:01:29:62:c1:af:c5:a1:de:fd:73:6c:a0:
26:4e:dc:d0:0c:77:7e:41:73:b8:60:5f:49:12:9d:88:c5:c0:
8f:8e:ca:c5:92:d9:ac:d7:2f:d3:a4:fd:26:68:b6:65:f1:72:
74:7b:9f:bd:4d:79:6d:17:52:ca:70:8b:cf:58:ac:6c:7a:ba:
b8:61:f6:a0:74:37:ae:95:ac:62:a3:ec:8d:d0:87:21:2d:d7:
b0:6a:e2:93
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUF7K693HCYUnrHGM0z2yKGMtntbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4
NDI0NkQxMDAeFw0yNjA1MTExNzMyNDlaFw0yNzA1MTAxNzM3NDlaMDMxMTAvBgNV
BAMTKDVDNzNCRTQ4MUFBMzZEOTVDNkU0NjIzNEIzNTEwNzkyRjYyMURBQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUROOz+Kq4LSzqSHPeEXKZ21F8
VBuIx76US+QM3GZeMnPA0CpcNomZDDoW0BwcngyZnmACira/PfQImiPUiWgVbl8Z
535Lsw2FFKHm0X3ggW5z/1hE41gdNVfLjq/vr1gMz1La/IkUTlnXNABnILtees3N
7KXg+imvyUfYbZ0bIbUA3IZYAloytSbzKQkBZKT3zpzuy9sYsXNG4PcDUjKXGDbD
QcQt1u60bpVheEMskYfpFEkM3mkVImRnfH2Y4LNE726FbeLMxhF1xiL6ACHNdfzm
mrmpycmu/YiH8kmMx4OGGZcRIUqPTNsMlwCszIWFzGZZehL93Kcp0l82UBCBAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUXHO+SBqjbZXG5GI0s1EHkvYh2sYwHwYDVR0j
BBgwFoAUcfog/Cac6YBbLGflmzV6poQkbRAwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAv
NzFGQTIwRkMyNjlDRTk4MDVCMkM2N0U1OUIzNTdBQTY4NDI0NkQxMC5jcmwwbwYI
KwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25pYy50
dy9ycGtpL1RXTklDQ0EvMS83MUZBMjBGQzI2OUNFOTgwNUIyQzY3RTU5QjM1N0FB
Njg0MjQ2RDEwLmNlcjBJBggrBgEFBQcBCwQ9MDswOQYIKwYBBQUHMAuGLXJzeW5j
Oi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvRkVULzAvQVM5MzExLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB+BAIAATB4
MAwDBALLT9wDBALLT+ADBADLT+sDBAPSOmAwDAMEANI/7wMEANI/8AMEANI//QME
ANLIEQMEANLITwMEANLIagMEB9LIgAMEAtLJNAMEAdLJPDAMAwQB0slKAwQC0slQ
AwQC0smIAwQA0srpAwQH0ssAAwQA3pz3MA4EAgACMAgDBgQkBAAAQDANBgkqhkiG
9w0BAQsFAAOCAQEAgkQ0KdqQpcP/+L0YKY8YVguLLePzoheD2+pbCMIyvDFLhGf6
KkXrzp52GZEC0in7ahcqsMe+gdt9OY84i/MbDfPjGDK7fQOg3rsiZOrSve0U9owe
5c3WOfsXPeCTLi3QeNLe21tr6b76qn8GARFA5XaQP1vRjetp9GY3veaSnXVzCi1q
8QtOf+LwM065cmUhaeyiu8J+Ju/QeVBvTVxxyX59VRyGrQgqASliwa/Fod79c2yg
Jk7c0Ax3fkFzuGBfSRKdiMXAj47KxZLZrNcv06T9Jmi2ZfFydHufvU15bRdSynCL
z1isbHq6uGH2oHQ3rpWsYqPsjdCHIS3XsGrikw==
-----END CERTIFICATE-----
Generated at Wed May 13 21:50:41 2026 by rpki-client