Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/PROFOND/0/AS24163.roa
File: AS24163.roa (raw, json)
Hash identifier: 9lSdpz0zEsjYqlA3fg9asDJRD27zJFvKpKMcTzg3usY=
Subject key identifier: F3:D3:4A:B9:0A:F5:79:C5:E5:42:14:AC:AA:B4:4B:FB:36:AF:5D:30
Certificate issuer: /CN=9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5
Certificate serial: 0C1E216EE8A2096B1C87064A792C272D0ADBC532
Authority key identifier: 9B:01:D5:A4:96:75:5D:F6:9A:C9:2F:EC:3B:D6:4F:FE:4A:EA:51:F5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/PROFOND/0/AS24163.roa
Signing time: Mon 11 May 2026 17:26:59 +0000
ROA not before: Mon 11 May 2026 17:21:59 +0000
ROA not after: Mon 10 May 2027 17:26:59 +0000
asID: 24163
IP address blocks: 60.198.32.0/22 maxlen: 24
60.198.32.0/23 maxlen: 24
60.198.36.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:1e:21:6e:e8:a2:09:6b:1c:87:06:4a:79:2c:27:2d:0a:db:c5:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5
Validity
Not Before: May 11 17:21:59 2026 GMT
Not After : May 10 17:26:59 2027 GMT
Subject: CN=F3D34AB90AF579C5E54214ACAAB44BFB36AF5D30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7b:df:35:53:dc:72:03:e5:a7:5b:00:ac:64:
21:7c:48:1a:a0:fd:15:7f:e8:03:75:65:a8:17:45:
c4:bb:9f:40:d5:f1:76:55:d2:e8:ee:d1:71:19:a6:
b9:e3:7c:9b:3a:e4:ff:45:42:79:fe:c9:f1:ba:48:
e8:23:be:83:09:cb:44:f4:ac:c1:da:eb:db:37:3e:
17:2d:e1:16:9a:14:d3:f6:f4:cd:e9:1c:62:a7:50:
65:b6:2e:53:c8:64:98:1d:a6:74:65:b6:a8:6c:4a:
1f:75:a1:20:b1:28:77:63:a5:2f:03:2a:56:90:fa:
91:6b:d1:e3:5c:06:90:05:8a:ab:ac:5c:0c:fb:51:
e8:00:90:b6:c8:d3:fb:ca:b1:3f:b4:90:c1:6a:a3:
8f:44:fd:01:87:9e:6b:59:a9:0e:3d:53:d8:0b:ac:
90:ec:a1:a5:32:e2:9a:22:8c:87:5c:16:18:df:71:
9e:aa:ab:42:e4:df:c2:63:b4:7b:fc:2a:c2:ca:94:
72:34:80:b1:95:cb:69:40:0a:52:df:96:5f:a1:7c:
91:54:58:c7:3f:27:47:23:90:24:26:74:9c:aa:ac:
a2:49:e4:06:2e:2c:24:a6:45:2c:12:35:41:d3:a7:
07:f9:94:72:14:0d:48:78:91:e4:81:54:e2:5e:30:
76:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D3:4A:B9:0A:F5:79:C5:E5:42:14:AC:AA:B4:4B:FB:36:AF:5D:30
X509v3 Authority Key Identifier:
keyid:9B:01:D5:A4:96:75:5D:F6:9A:C9:2F:EC:3B:D6:4F:FE:4A:EA:51:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/PROFOND/0/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/PROFOND/0/AS24163.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
60.198.32.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:4f:68:21:40:5c:05:aa:cd:34:34:34:34:36:da:68:32:b5:
08:06:51:8f:af:95:5a:a0:f7:19:8d:3e:8e:a9:44:16:8c:22:
15:c0:b2:0e:3d:a8:27:78:81:5c:0e:de:aa:a9:b8:c9:cc:60:
6e:b0:53:8d:7f:1a:38:d8:c3:89:f3:0d:d2:05:07:c2:fe:02:
63:79:63:f2:0b:5b:79:d4:54:8b:85:34:cd:9a:51:d0:3f:12:
6b:8e:8b:ab:65:fb:77:3b:cb:57:8b:1c:ab:de:b0:78:d8:f1:
5d:d1:c2:a5:e3:83:4c:78:df:82:13:98:0d:d0:8e:1b:77:e3:
23:c0:4f:7d:45:fc:79:a2:a9:64:1f:03:a9:96:d4:44:33:cc:
6b:a9:99:2c:82:92:aa:5c:27:02:52:fa:4e:5e:99:8e:1d:3a:
08:80:46:ff:97:59:76:91:19:74:12:b0:33:4f:a9:c3:3e:29:
d3:9d:80:dd:00:af:de:fb:ea:14:2e:1e:5d:9c:60:d0:b5:32:
7d:3c:5e:05:ce:4b:ef:e0:2e:82:8c:ea:e2:2d:8a:7f:cb:2e:
ed:44:ac:3d:f4:94:90:b8:19:81:55:c6:c0:59:e8:97:7a:ed:
d5:81:01:22:9b:c9:eb:37:2e:08:d8:9f:93:41:f0:6f:76:e9:
d0:77:06:5e
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIUDB4hbuiiCWschwZKeSwnLQrbxTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUIwMUQ1QTQ5Njc1NURGNjlBQzkyRkVDM0JENjRGRkU0
QUVBNTFGNTAeFw0yNjA1MTExNzIxNTlaFw0yNzA1MTAxNzI2NTlaMDMxMTAvBgNV
BAMTKEYzRDM0QUI5MEFGNTc5QzVFNTQyMTRBQ0FBQjQ0QkZCMzZBRjVEMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbe981U9xyA+WnWwCsZCF8SBqg
/RV/6AN1ZagXRcS7n0DV8XZV0uju0XEZprnjfJs65P9FQnn+yfG6SOgjvoMJy0T0
rMHa69s3Phct4RaaFNP29M3pHGKnUGW2LlPIZJgdpnRltqhsSh91oSCxKHdjpS8D
KlaQ+pFr0eNcBpAFiqusXAz7UegAkLbI0/vKsT+0kMFqo49E/QGHnmtZqQ49U9gL
rJDsoaUy4poijIdcFhjfcZ6qq0Lk38JjtHv8KsLKlHI0gLGVy2lAClLfll+hfJFU
WMc/J0cjkCQmdJyqrKJJ5AYuLCSmRSwSNUHTpwf5lHIUDUh4keSBVOJeMHZlAgMB
AAGjggG2MIIBsjAdBgNVHQ4EFgQU89NKuQr1ecXlQhSsqrRL+zavXTAwHwYDVR0j
BBgwFoAUmwHVpJZ1XfaayS/sO9ZP/krqUfUwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvUFJPRk9O
RC8wLzlCMDFENUE0OTY3NTVERjY5QUM5MkZFQzNCRDY0RkZFNEFFQTUxRjUuY3Js
MG8GCCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHdu
aWMudHcvcnBraS9UV05JQ0NBLzEvOUIwMUQ1QTQ5Njc1NURGNjlBQzkyRkVDM0JE
NjRGRkU0QUVBNTFGNS5jZXIwTgYIKwYBBQUHAQsEQjBAMD4GCCsGAQUFBzALhjJy
c3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1BST0ZPTkQvMC9BUzI0MTYzLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDPMYgMA0GCSqGSIb3DQEBCwUAA4IBAQA9T2ghQFwFqs00NDQ0Ntpo
MrUIBlGPr5VaoPcZjT6OqUQWjCIVwLIOPagneIFcDt6qqbjJzGBusFONfxo42MOJ
8w3SBQfC/gJjeWPyC1t51FSLhTTNmlHQPxJrjourZft3O8tXixyr3rB42PFd0cKl
44NMeN+CE5gN0I4bd+MjwE99Rfx5oqlkHwOpltREM8xrqZksgpKqXCcCUvpOXpmO
HToIgEb/l1l2kRl0ErAzT6nDPinTnYDdAK/e++oULh5dnGDQtTJ9PF4Fzkvv4C6C
jOriLYp/yy7tRKw99JSQuBmBVcbAWeiXeu3VgQEim8nrNy4I2J+TQfBvdunQdwZe
-----END CERTIFICATE-----
Generated at Tue May 12 23:04:27 2026 by rpki-client