Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/PROFOND/0/AS20940.roa
File: AS20940.roa (raw, json)
Hash identifier: 1RosFopazmJlrHrL/JjHf3/ozT0fK1MvWHP571CYGz4=
Subject key identifier: 4B:20:1F:71:3A:4A:E1:EC:86:1B:9A:89:8F:1E:F7:F6:2A:F9:94:F3
Certificate issuer: /CN=9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5
Certificate serial: 0D9F1E85F2CEE383F56C62D9050429E18253F99C
Authority key identifier: 9B:01:D5:A4:96:75:5D:F6:9A:C9:2F:EC:3B:D6:4F:FE:4A:EA:51:F5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/PROFOND/0/AS20940.roa
Signing time: Mon 11 May 2026 17:08:40 +0000
ROA not before: Mon 11 May 2026 17:03:40 +0000
ROA not after: Mon 10 May 2027 17:08:40 +0000
asID: 20940
IP address blocks: 2001:4546:1003::/48 maxlen: 64
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:9f:1e:85:f2:ce:e3:83:f5:6c:62:d9:05:04:29:e1:82:53:f9:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5
Validity
Not Before: May 11 17:03:40 2026 GMT
Not After : May 10 17:08:40 2027 GMT
Subject: CN=4B201F713A4AE1EC861B9A898F1EF7F62AF994F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4d:e3:ec:61:56:d9:76:8d:5f:ae:01:b7:4d:
5a:e2:3d:d1:b4:d8:d2:8b:44:56:23:df:6e:12:5d:
c4:68:13:91:e9:71:f7:d1:89:52:ef:ca:6a:a9:ef:
a7:ba:a8:1e:63:a1:84:a3:21:84:51:df:5d:eb:1e:
5d:d0:36:d7:7e:50:e6:64:28:e7:d5:bd:a2:bc:c2:
c6:d6:db:8f:8f:58:d7:96:9e:f4:63:35:da:8f:a1:
64:40:f4:ad:78:d3:e5:08:b1:8f:47:2c:96:95:fd:
84:b3:69:16:d8:e6:41:a0:37:71:f1:ff:7e:1c:ef:
b9:df:d7:ea:ae:fb:8d:bf:22:59:40:91:95:00:24:
42:81:cc:82:df:81:ca:21:87:6c:3d:7d:c9:63:ce:
f0:63:cd:7c:58:7c:63:1f:aa:aa:b0:4f:6b:8d:bc:
e4:46:e1:39:b6:31:b7:5a:a4:d4:24:4c:b5:d9:45:
75:eb:c4:44:a5:2c:bb:22:c9:92:73:29:0c:95:06:
d6:ca:c2:3b:e9:2d:46:e6:2c:93:ea:76:ee:7c:06:
0d:c0:20:50:66:0e:e6:5c:53:78:59:fd:46:c3:1d:
0e:b4:02:36:23:3e:c7:b9:45:0c:34:d1:07:98:8d:
57:7b:d9:f5:69:8f:c7:7e:23:c5:58:4e:5d:6e:36:
d6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:20:1F:71:3A:4A:E1:EC:86:1B:9A:89:8F:1E:F7:F6:2A:F9:94:F3
X509v3 Authority Key Identifier:
keyid:9B:01:D5:A4:96:75:5D:F6:9A:C9:2F:EC:3B:D6:4F:FE:4A:EA:51:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/PROFOND/0/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/PROFOND/0/AS20940.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4546:1003::/48
Signature Algorithm: sha256WithRSAEncryption
52:67:74:cf:6f:77:47:e9:23:49:82:21:6e:d2:ca:84:7d:9e:
82:eb:ee:4e:c0:86:74:46:bd:f9:1b:71:61:6c:6e:11:11:4f:
33:90:35:b4:7b:22:70:5c:c4:6d:22:0c:7e:6a:e7:79:04:df:
84:1f:73:95:a0:1f:d1:6a:15:94:2e:ae:f1:2a:49:ce:35:a2:
a4:af:9d:42:45:71:16:15:d1:c0:3e:b7:a6:d4:56:33:2b:08:
3a:96:e0:e1:9b:b0:08:ac:87:56:47:8d:46:d6:e0:52:e8:92:
0c:b1:98:ae:b6:cb:07:d8:49:10:26:dc:ce:5f:84:33:21:93:
e0:0e:45:11:db:1e:08:81:79:bf:5d:b4:53:95:ba:7b:4d:9e:
15:31:a5:fe:2b:0b:c6:f4:8e:88:2b:0a:73:b6:4d:2a:56:88:
df:95:cd:24:57:20:43:ef:d1:93:b4:21:2f:f2:5f:24:cf:55:
b7:f1:73:67:19:54:46:54:55:6c:44:86:c3:75:1f:35:87:41:
b2:22:f5:64:d9:ae:ea:ed:1a:f0:d2:ff:92:d0:90:a3:d8:b8:
aa:2f:4a:7e:a8:f0:90:7e:28:11:d6:80:69:6c:c6:67:16:cc:
6d:0d:b5:aa:dd:ed:c3:73:8e:fa:3b:76:e4:71:e4:6b:18:d6:
57:5c:c2:05
-----BEGIN CERTIFICATE-----
MIIErzCCA5egAwIBAgIUDZ8ehfLO44P1bGLZBQQp4YJT+ZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUIwMUQ1QTQ5Njc1NURGNjlBQzkyRkVDM0JENjRGRkU0
QUVBNTFGNTAeFw0yNjA1MTExNzAzNDBaFw0yNzA1MTAxNzA4NDBaMDMxMTAvBgNV
BAMTKDRCMjAxRjcxM0E0QUUxRUM4NjFCOUE4OThGMUVGN0Y2MkFGOTk0RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnTePsYVbZdo1frgG3TVriPdG0
2NKLRFYj324SXcRoE5HpcffRiVLvymqp76e6qB5joYSjIYRR313rHl3QNtd+UOZk
KOfVvaK8wsbW24+PWNeWnvRjNdqPoWRA9K140+UIsY9HLJaV/YSzaRbY5kGgN3Hx
/34c77nf1+qu+42/IllAkZUAJEKBzILfgcohh2w9fcljzvBjzXxYfGMfqqqwT2uN
vORG4Tm2MbdapNQkTLXZRXXrxESlLLsiyZJzKQyVBtbKwjvpLUbmLJPqdu58Bg3A
IFBmDuZcU3hZ/UbDHQ60AjYjPse5RQw00QeYjVd72fVpj8d+I8VYTl1uNtZJAgMB
AAGjggG5MIIBtTAdBgNVHQ4EFgQUSyAfcTpK4eyGG5qJjx739ir5lPMwHwYDVR0j
BBgwFoAUmwHVpJZ1XfaayS/sO9ZP/krqUfUwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvUFJPRk9O
RC8wLzlCMDFENUE0OTY3NTVERjY5QUM5MkZFQzNCRDY0RkZFNEFFQTUxRjUuY3Js
MG8GCCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHdu
aWMudHcvcnBraS9UV05JQ0NBLzEvOUIwMUQ1QTQ5Njc1NURGNjlBQzkyRkVDM0JE
NjRGRkU0QUVBNTFGNS5jZXIwTgYIKwYBBQUHAQsEQjBAMD4GCCsGAQUFBzALhjJy
c3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1BST0ZPTkQvMC9BUzIwOTQwLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAIAFFRhADMA0GCSqGSIb3DQEBCwUAA4IBAQBSZ3TPb3dH6SNJgiFu
0sqEfZ6C6+5OwIZ0Rr35G3FhbG4REU8zkDW0eyJwXMRtIgx+aud5BN+EH3OVoB/R
ahWULq7xKknONaKkr51CRXEWFdHAPrem1FYzKwg6luDhm7AIrIdWR41G1uBS6JIM
sZiutssH2EkQJtzOX4QzIZPgDkUR2x4IgXm/XbRTlbp7TZ4VMaX+KwvG9I6IKwpz
tk0qVojflc0kVyBD79GTtCEv8l8kz1W38XNnGVRGVFVsRIbDdR81h0GyIvVk2a7q
7Rrw0v+S0JCj2LiqL0p+qPCQfigR1oBpbMZnFsxtDbWq3e3Dc476O3bkceRrGNZX
XMIF
-----END CERTIFICATE-----
Generated at Tue May 12 23:04:35 2026 by rpki-client