Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/PROFOND/0/AS131628.roa
File: AS131628.roa (raw, json)
Hash identifier: Y9kc8B+Z+pn3XEL2DISILZAM1tomlSiZFJWaZWGFzik=
Subject key identifier: DA:5F:48:46:C8:5C:81:B6:B3:2D:FA:A2:D9:BC:87:8C:B4:02:52:AB
Certificate issuer: /CN=9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5
Certificate serial: 4B6271E87BF672EDD7DB021F443C833488BD25A1
Authority key identifier: 9B:01:D5:A4:96:75:5D:F6:9A:C9:2F:EC:3B:D6:4F:FE:4A:EA:51:F5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/PROFOND/0/AS131628.roa
Signing time: Mon 11 May 2026 17:58:56 +0000
ROA not before: Mon 11 May 2026 17:53:56 +0000
ROA not after: Mon 10 May 2027 17:58:56 +0000
asID: 131628
IP address blocks: 175.97.128.0/18 maxlen: 24
175.97.192.0/20 maxlen: 24
175.97.208.0/22 maxlen: 24
175.97.212.0/22 maxlen: 24
175.97.216.0/21 maxlen: 24
175.97.224.0/23 maxlen: 24
175.99.0.0/19 maxlen: 24
175.99.192.0/19 maxlen: 24
175.99.224.0/24 maxlen: 24
175.99.225.0/24 maxlen: 24
175.99.226.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:62:71:e8:7b:f6:72:ed:d7:db:02:1f:44:3c:83:34:88:bd:25:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5
Validity
Not Before: May 11 17:53:56 2026 GMT
Not After : May 10 17:58:56 2027 GMT
Subject: CN=DA5F4846C85C81B6B32DFAA2D9BC878CB40252AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:34:98:17:d2:cc:98:aa:66:57:ad:19:b7:a4:
21:39:49:ca:ca:3b:31:bd:42:04:a3:6a:78:52:d4:
7e:63:c0:79:69:46:b6:ed:43:1d:14:ab:fa:eb:e6:
0b:92:c3:11:9f:7c:e1:5b:9b:c7:e9:5c:52:10:5b:
b7:1f:fc:4b:bd:19:dc:3e:d4:8d:e5:dd:b5:f4:95:
c6:7a:bf:7b:a3:d6:52:95:05:31:90:9b:69:ac:81:
0d:ab:21:ef:f0:77:89:83:f6:6d:1b:b1:43:c7:94:
fc:90:19:29:74:35:70:67:4e:fa:5e:e0:2b:ae:f8:
6d:5b:d0:88:08:70:74:2e:8c:85:6c:b8:67:ea:dd:
9b:4b:a9:9a:90:46:40:a1:d2:9f:45:d4:61:15:aa:
eb:87:a4:4b:aa:c2:6a:23:d7:a9:9a:54:6c:20:e2:
8e:c4:5a:88:ef:d5:14:6e:bf:27:ef:be:26:ad:94:
3b:1d:27:39:c3:4b:ab:b7:20:43:b3:11:fc:ea:74:
f5:62:c4:c5:50:b9:45:fa:85:0d:f3:94:31:31:1c:
92:9e:95:0a:8a:56:0a:08:b9:31:cb:f7:f2:84:9d:
1b:a1:99:ac:b0:eb:6b:fe:cb:4a:8e:a9:05:c1:e2:
28:2b:d0:67:ee:de:b8:0c:ac:de:fb:89:e4:c6:b6:
f3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5F:48:46:C8:5C:81:B6:B3:2D:FA:A2:D9:BC:87:8C:B4:02:52:AB
X509v3 Authority Key Identifier:
keyid:9B:01:D5:A4:96:75:5D:F6:9A:C9:2F:EC:3B:D6:4F:FE:4A:EA:51:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/PROFOND/0/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/PROFOND/0/AS131628.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.97.128.0-175.97.225.255
175.99.0.0/19
175.99.192.0-175.99.226.255
Signature Algorithm: sha256WithRSAEncryption
20:73:9d:ae:2e:1a:2c:1c:d2:e9:02:12:0a:29:b4:64:4e:d7:
89:61:70:1e:36:09:72:b8:f9:1a:59:35:07:24:b6:71:15:a1:
9e:ea:78:df:b4:26:0e:2f:90:79:bc:da:69:91:16:c0:4f:72:
e0:7c:6c:37:b1:f5:b9:a9:7e:15:0b:a5:dd:00:ae:1b:b1:21:
49:81:9f:86:ac:7f:c6:41:eb:ea:40:a3:39:a3:57:59:74:8c:
ec:92:ae:53:77:b9:62:b2:6f:12:ad:dd:70:8a:ca:40:0e:d0:
2b:a1:85:a8:9c:4c:81:83:5c:d5:55:ce:83:85:8f:2a:83:82:
b5:20:fd:54:91:08:42:26:d3:e7:75:82:f4:57:44:ba:82:af:
84:df:7a:a3:da:01:63:6f:05:f7:aa:91:67:ad:77:dc:73:91:
17:f8:41:b8:fd:5b:56:62:55:a1:8e:5a:66:a1:83:6f:4d:d5:
8c:9d:92:8b:8e:01:4a:0b:5c:0f:c1:87:54:a8:d5:14:2d:6e:
f5:78:96:bc:37:2f:8b:eb:a0:e9:57:63:89:f3:b7:53:68:1d:
9e:5f:fd:aa:98:bc:a8:6c:fc:04:31:ad:b8:6e:d0:4e:12:51:
59:3b:1d:a9:00:5b:e4:8b:45:f8:fc:e5:df:fa:9b:3f:dd:ad:
0b:67:98:be
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUS2Jx6Hv2cu3X2wIfRDyDNIi9JaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUIwMUQ1QTQ5Njc1NURGNjlBQzkyRkVDM0JENjRGRkU0
QUVBNTFGNTAeFw0yNjA1MTExNzUzNTZaFw0yNzA1MTAxNzU4NTZaMDMxMTAvBgNV
BAMTKERBNUY0ODQ2Qzg1QzgxQjZCMzJERkFBMkQ5QkM4NzhDQjQwMjUyQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUNJgX0syYqmZXrRm3pCE5ScrK
OzG9QgSjanhS1H5jwHlpRrbtQx0Uq/rr5guSwxGffOFbm8fpXFIQW7cf/Eu9Gdw+
1I3l3bX0lcZ6v3uj1lKVBTGQm2msgQ2rIe/wd4mD9m0bsUPHlPyQGSl0NXBnTvpe
4Cuu+G1b0IgIcHQujIVsuGfq3ZtLqZqQRkCh0p9F1GEVquuHpEuqwmoj16maVGwg
4o7EWojv1RRuvyfvviatlDsdJznDS6u3IEOzEfzqdPVixMVQuUX6hQ3zlDExHJKe
lQqKVgoIuTHL9/KEnRuhmayw62v+y0qOqQXB4igr0Gfu3rgMrN77ieTGtvMbAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQU2l9IRshcgbazLfqi2byHjLQCUqswHwYDVR0j
BBgwFoAUmwHVpJZ1XfaayS/sO9ZP/krqUfUwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvUFJPRk9O
RC8wLzlCMDFENUE0OTY3NTVERjY5QUM5MkZFQzNCRDY0RkZFNEFFQTUxRjUuY3Js
MG8GCCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHdu
aWMudHcvcnBraS9UV05JQ0NBLzEvOUIwMUQ1QTQ5Njc1NURGNjlBQzkyRkVDM0JE
NjRGRkU0QUVBNTFGNS5jZXIwTwYIKwYBBQUHAQsEQzBBMD8GCCsGAQUFBzALhjNy
c3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1BST0ZPTkQvMC9BUzEzMTYyOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7BggrBgEFBQcBBwEB/wQsMCow
KAQCAAEwIjAMAwQHr2GAAwQBr2HgAwQFr2MAMAwDBAavY8ADBACvY+IwDQYJKoZI
hvcNAQELBQADggEBACBzna4uGiwc0ukCEgoptGRO14lhcB42CXK4+RpZNQcktnEV
oZ7qeN+0Jg4vkHm82mmRFsBPcuB8bDex9bmpfhULpd0ArhuxIUmBn4asf8ZB6+pA
ozmjV1l0jOySrlN3uWKybxKt3XCKykAO0CuhhaicTIGDXNVVzoOFjyqDgrUg/VSR
CEIm0+d1gvRXRLqCr4TfeqPaAWNvBfeqkWetd9xzkRf4Qbj9W1ZiVaGOWmahg29N
1YydkouOAUoLXA/Bh1So1RQtbvV4lrw3L4vroOlXY4nzt1NoHZ5f/aqYvKhs/AQx
rbhu0E4SUVk7HakAW+SLRfj85d/6mz/drQtnmL4=
-----END CERTIFICATE-----
Generated at Tue May 12 23:04:27 2026 by rpki-client