Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/PROFOND/0/AS135596.roa
File: AS135596.roa (raw, json)
Hash identifier: caNPIPRF85PksNjls2RzJz6sn1rtan+Qq+rGyhDOvrA=
Subject key identifier: 24:80:9A:34:1E:5F:57:62:C9:D5:08:D7:67:79:77:00:B7:59:D3:1B
Certificate issuer: /CN=9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5
Certificate serial: 3A7DE66FF2FB20E1D1890895731DBF0D5E40575E
Authority key identifier: 9B:01:D5:A4:96:75:5D:F6:9A:C9:2F:EC:3B:D6:4F:FE:4A:EA:51:F5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/PROFOND/0/AS135596.roa
Signing time: Mon 11 May 2026 17:37:14 +0000
ROA not before: Mon 11 May 2026 17:32:14 +0000
ROA not after: Mon 10 May 2027 17:37:14 +0000
asID: 135596
IP address blocks: 60.198.152.0/24 maxlen: 24
60.198.153.0/24 maxlen: 24
60.198.154.0/24 maxlen: 24
60.198.155.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:7d:e6:6f:f2:fb:20:e1:d1:89:08:95:73:1d:bf:0d:5e:40:57:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5
Validity
Not Before: May 11 17:32:14 2026 GMT
Not After : May 10 17:37:14 2027 GMT
Subject: CN=24809A341E5F5762C9D508D767797700B759D31B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ae:fa:b4:43:48:18:93:47:a3:aa:5c:26:66:
74:87:ea:0c:e4:5c:00:23:1d:de:68:74:9f:88:31:
67:95:5c:50:88:45:49:84:9d:d4:94:f8:c3:9e:39:
d9:00:cd:d0:f6:71:a4:a9:23:c1:01:2a:eb:3f:0f:
9f:d3:3f:c8:cf:51:bc:3b:1c:5a:ca:89:be:e8:8c:
42:d9:22:52:29:f4:92:33:e7:c5:7a:dc:e6:3c:a0:
44:26:08:9c:0e:09:0d:bd:e0:d4:dc:6f:6a:d2:87:
90:eb:b6:74:26:c4:ec:54:88:85:fa:e3:19:59:af:
ca:10:a3:32:50:69:b9:cb:5d:82:0b:d8:2c:f1:88:
fe:de:aa:67:02:e7:77:d6:82:86:fb:7a:22:a2:9b:
ab:af:81:f0:67:cb:0a:06:d6:3c:9e:13:78:ef:ef:
96:ad:3b:ee:03:ff:a6:93:91:17:87:0b:e2:38:3f:
15:50:66:fd:1e:91:83:e4:99:ed:fb:fc:63:41:cf:
5a:c8:9e:07:c7:f9:11:4f:d2:04:ff:01:a2:6f:0c:
32:73:ae:a7:40:f6:79:3a:bc:54:6c:21:a0:20:fa:
ab:dd:ab:68:f0:b2:3b:1a:a9:28:54:a6:39:b8:7a:
5f:9c:8e:8b:66:ba:16:6a:c8:82:05:73:59:4b:fe:
22:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:80:9A:34:1E:5F:57:62:C9:D5:08:D7:67:79:77:00:B7:59:D3:1B
X509v3 Authority Key Identifier:
keyid:9B:01:D5:A4:96:75:5D:F6:9A:C9:2F:EC:3B:D6:4F:FE:4A:EA:51:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/PROFOND/0/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/PROFOND/0/AS135596.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
60.198.152.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:c4:24:ab:88:de:13:7b:ea:32:78:08:c7:fb:61:90:58:02:
a0:82:15:f4:46:93:37:d4:3d:36:1d:22:44:83:14:3f:03:df:
36:26:46:21:71:3c:45:25:00:9f:23:10:87:c3:37:70:7a:d0:
c0:83:5b:1f:58:64:2c:61:1d:6a:54:65:e4:1d:b0:0c:5a:9d:
d8:7a:7f:e9:ff:6f:33:27:82:a1:75:4b:8f:1b:72:b5:c0:8a:
25:ce:57:bb:d7:d8:fe:39:6e:65:f9:b4:6e:d9:15:08:e8:b5:
06:c9:d4:89:58:56:67:63:12:e5:c3:48:8b:ba:7f:55:2c:a4:
e4:4f:4b:62:d6:cc:68:6b:86:68:cf:90:1b:cf:89:76:aa:81:
38:ef:26:e6:01:7b:ec:cd:d1:c6:a1:fa:f4:42:c8:a7:d9:d4:
5f:50:eb:66:81:a9:d7:86:2c:f8:4a:9c:05:18:59:b8:3f:b7:
06:4a:b7:80:bf:29:9d:ba:68:88:e0:b0:82:fe:9e:77:31:a1:
d9:c6:0a:12:6b:6b:52:1f:90:43:6c:12:49:ae:51:be:e8:c5:
63:21:8b:12:08:62:c3:d6:9a:6d:ef:d1:51:10:81:4c:c2:ea:
25:ba:49:4f:ef:7f:23:24:5f:53:43:e5:b1:8f:b3:12:41:ce:
d0:7c:c9:ac
-----BEGIN CERTIFICATE-----
MIIErTCCA5WgAwIBAgIUOn3mb/L7IOHRiQiVcx2/DV5AV14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUIwMUQ1QTQ5Njc1NURGNjlBQzkyRkVDM0JENjRGRkU0
QUVBNTFGNTAeFw0yNjA1MTExNzMyMTRaFw0yNzA1MTAxNzM3MTRaMDMxMTAvBgNV
BAMTKDI0ODA5QTM0MUU1RjU3NjJDOUQ1MDhENzY3Nzk3NzAwQjc1OUQzMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/rvq0Q0gYk0ejqlwmZnSH6gzk
XAAjHd5odJ+IMWeVXFCIRUmEndSU+MOeOdkAzdD2caSpI8EBKus/D5/TP8jPUbw7
HFrKib7ojELZIlIp9JIz58V63OY8oEQmCJwOCQ294NTcb2rSh5DrtnQmxOxUiIX6
4xlZr8oQozJQabnLXYIL2CzxiP7eqmcC53fWgob7eiKim6uvgfBnywoG1jyeE3jv
75atO+4D/6aTkReHC+I4PxVQZv0ekYPkme37/GNBz1rIngfH+RFP0gT/AaJvDDJz
rqdA9nk6vFRsIaAg+qvdq2jwsjsaqShUpjm4el+cjotmuhZqyIIFc1lL/iJxAgMB
AAGjggG3MIIBszAdBgNVHQ4EFgQUJICaNB5fV2LJ1QjXZ3l3ALdZ0xswHwYDVR0j
BBgwFoAUmwHVpJZ1XfaayS/sO9ZP/krqUfUwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvUFJPRk9O
RC8wLzlCMDFENUE0OTY3NTVERjY5QUM5MkZFQzNCRDY0RkZFNEFFQTUxRjUuY3Js
MG8GCCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHdu
aWMudHcvcnBraS9UV05JQ0NBLzEvOUIwMUQ1QTQ5Njc1NURGNjlBQzkyRkVDM0JE
NjRGRkU0QUVBNTFGNS5jZXIwTwYIKwYBBQUHAQsEQzBBMD8GCCsGAQUFBzALhjNy
c3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1BST0ZPTkQvMC9BUzEzNTU5Ni5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAjzGmDANBgkqhkiG9w0BAQsFAAOCAQEAT8Qkq4jeE3vqMngIx/th
kFgCoIIV9EaTN9Q9Nh0iRIMUPwPfNiZGIXE8RSUAnyMQh8M3cHrQwINbH1hkLGEd
alRl5B2wDFqd2Hp/6f9vMyeCoXVLjxtytcCKJc5Xu9fY/jluZfm0btkVCOi1BsnU
iVhWZ2MS5cNIi7p/VSyk5E9LYtbMaGuGaM+QG8+JdqqBOO8m5gF77M3RxqH69ELI
p9nUX1DrZoGp14Ys+EqcBRhZuD+3Bkq3gL8pnbpoiOCwgv6edzGh2cYKEmtrUh+Q
Q2wSSa5RvujFYyGLEghiw9aabe/RURCBTMLqJbpJT+9/IyRfU0PlsY+zEkHO0HzJ
rA==
-----END CERTIFICATE-----
Generated at Tue May 12 23:04:32 2026 by rpki-client