Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/PROFOND/0/AS9924.roa
File: AS9924.roa (raw, json)
Hash identifier: Doml2lPoEKapy33lmKSoH0QBWU/HPBkeZaZ/j+Xwv+w=
Subject key identifier: 33:98:51:3C:9A:CF:1F:24:1A:ED:FE:26:8F:81:7B:2E:E5:BC:77:5A
Certificate issuer: /CN=9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5
Certificate serial: 5B3D74B8D776E70CF94429F557DFAC2788D78719
Authority key identifier: 9B:01:D5:A4:96:75:5D:F6:9A:C9:2F:EC:3B:D6:4F:FE:4A:EA:51:F5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/PROFOND/0/AS9924.roa
Signing time: Wed 10 Jun 2026 10:23:49 +0000
ROA not before: Wed 10 Jun 2026 10:18:49 +0000
ROA not after: Wed 09 Jun 2027 10:23:49 +0000
asID: 9924
IP address blocks: 43.240.24.0/22 maxlen: 24
49.214.0.0/15 maxlen: 24
49.216.0.0/14 maxlen: 24
60.198.0.0/16 maxlen: 24
60.198.160.0/19 maxlen: 24
60.199.0.0/16 maxlen: 24
60.199.107.0/24 maxlen: 32
60.199.110.0/24 maxlen: 32
60.199.134.0/24 maxlen: 32
60.199.140.0/24 maxlen: 32
60.199.147.0/24 maxlen: 32
60.199.162.0/24 maxlen: 32
60.199.168.0/24 maxlen: 32
60.199.171.0/24 maxlen: 32
60.199.176.0/24 maxlen: 32
60.199.193.0/24 maxlen: 32
60.199.212.0/24 maxlen: 32
60.199.224.0/24 maxlen: 32
60.199.235.0/24 maxlen: 32
61.30.0.0/16 maxlen: 24
61.30.239.0/24 maxlen: 32
61.31.0.0/16 maxlen: 24
61.31.197.0/24 maxlen: 32
61.57.0.0/19 maxlen: 24
103.224.132.0/22 maxlen: 24
124.8.0.0/14 maxlen: 24
124.9.64.0/18 maxlen: 24
124.12.0.0/16 maxlen: 24
124.108.128.0/18 maxlen: 32
175.96.0.0/14 maxlen: 24
175.99.72.0/24 maxlen: 32
202.132.0.0/16 maxlen: 24
202.145.32.0/19 maxlen: 24
202.145.64.0/18 maxlen: 24
202.145.128.0/17 maxlen: 24
203.65.160.0/19 maxlen: 24
203.77.0.0/19 maxlen: 24
203.77.32.0/19 maxlen: 24
203.77.64.0/18 maxlen: 24
203.105.224.0/19 maxlen: 24
203.211.0.0/19 maxlen: 24
210.17.0.0/17 maxlen: 24
210.17.7.0/24 maxlen: 32
210.17.13.0/24 maxlen: 32
210.17.16.0/24 maxlen: 32
210.17.17.0/24 maxlen: 32
210.17.19.0/24 maxlen: 32
210.17.20.0/24 maxlen: 32
210.17.35.0/24 maxlen: 32
210.17.43.0/24 maxlen: 32
210.17.49.0/24 maxlen: 32
210.17.50.0/24 maxlen: 32
210.17.51.0/24 maxlen: 32
210.17.72.0/24 maxlen: 32
210.17.73.0/24 maxlen: 32
210.17.76.0/22 maxlen: 32
210.17.80.0/20 maxlen: 32
210.17.96.0/22 maxlen: 32
210.17.100.0/23 maxlen: 32
210.17.104.0/21 maxlen: 32
210.17.112.0/20 maxlen: 32
210.62.0.0/18 maxlen: 24
210.62.0.0/19 maxlen: 24
210.62.32.0/19 maxlen: 24
210.62.192.0/19 maxlen: 24
210.63.128.0/19 maxlen: 24
210.63.160.0/19 maxlen: 24
210.67.144.0/20 maxlen: 24
210.67.144.0/20 maxlen: 25
210.67.160.0/19 maxlen: 24
210.67.192.0/19 maxlen: 24
210.67.192.0/20 maxlen: 24
210.67.208.0/20 maxlen: 24
210.192.0.0/18 maxlen: 24
210.192.128.0/17 maxlen: 24
210.208.96.0/19 maxlen: 24
210.208.192.0/18 maxlen: 24
210.243.64.0/19 maxlen: 24
210.243.96.0/19 maxlen: 24
211.78.208.0/20 maxlen: 24
211.79.0.0/19 maxlen: 24
219.80.0.0/15 maxlen: 24
219.80.0.0/16 maxlen: 24
219.81.0.0/16 maxlen: 24
219.86.0.0/15 maxlen: 24
2001:c50::/32 maxlen: 48
2001:4540::/27 maxlen: 64
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/PROFOND/0/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.crl
rsync://rpkica.twnic.tw/rpki/PROFOND/0/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 00:20:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:3d:74:b8:d7:76:e7:0c:f9:44:29:f5:57:df:ac:27:88:d7:87:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5
Validity
Not Before: Jun 10 10:18:49 2026 GMT
Not After : Jun 9 10:23:49 2027 GMT
Subject: CN=3398513C9ACF1F241AEDFE268F817B2EE5BC775A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:79:dd:40:12:a4:cb:54:fe:96:37:da:6a:27:
b7:db:70:2a:7e:31:10:c3:f5:f2:78:e4:73:e4:7a:
37:17:b0:db:d5:9f:b4:90:52:39:2b:04:09:75:44:
d3:25:67:20:cc:5e:d6:80:02:49:ce:55:bc:f4:79:
35:fe:cb:9d:87:a2:81:4f:41:dd:c7:68:78:1e:4d:
bc:82:af:f9:75:b9:91:14:18:66:d4:cb:0a:3a:23:
81:ff:e9:45:6e:a9:e0:dc:d9:08:9c:cf:36:49:ec:
ce:09:6d:e5:8b:4e:bf:c5:d3:93:0b:6d:22:33:06:
c4:11:56:42:e0:29:31:4e:d3:f1:f0:81:75:f1:7e:
b6:28:b8:61:ec:0e:f2:ba:d8:a6:51:ac:50:b1:cf:
a3:35:8d:e5:a3:73:0b:7b:f4:88:a0:52:9d:9a:28:
cd:30:5c:e2:3d:c7:2c:ad:ac:98:0b:d9:f1:ec:29:
07:a7:e9:65:1b:7f:75:68:10:60:df:8d:e7:13:7b:
bd:00:1b:f2:3e:31:a8:66:b5:f0:88:46:1b:07:11:
79:95:50:78:55:ef:5f:01:4a:26:9b:e0:8b:b4:01:
75:3a:c7:6b:34:89:8f:f9:e2:bd:c7:9f:c2:b7:a7:
a3:97:2c:c3:80:92:04:46:bf:03:a2:37:79:ed:70:
41:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:98:51:3C:9A:CF:1F:24:1A:ED:FE:26:8F:81:7B:2E:E5:BC:77:5A
X509v3 Authority Key Identifier:
keyid:9B:01:D5:A4:96:75:5D:F6:9A:C9:2F:EC:3B:D6:4F:FE:4A:EA:51:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/PROFOND/0/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/9B01D5A496755DF69AC92FEC3BD64FFE4AEA51F5.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/PROFOND/0/AS9924.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.24.0/22
49.214.0.0-49.219.255.255
60.198.0.0/15
61.30.0.0/15
61.57.0.0/19
103.224.132.0/22
124.8.0.0-124.12.255.255
124.108.128.0/18
175.96.0.0/14
202.132.0.0/16
202.145.32.0-202.145.255.255
203.65.160.0/19
203.77.0.0/17
203.105.224.0/19
203.211.0.0/19
210.17.0.0/17
210.62.0.0/18
210.62.192.0/19
210.63.128.0/18
210.67.144.0-210.67.223.255
210.192.0.0/18
210.192.128.0/17
210.208.96.0/19
210.208.192.0/18
210.243.64.0/18
211.78.208.0/20
211.79.0.0/19
219.80.0.0/15
219.86.0.0/15
IPv6:
2001:c50::/32
2001:4540::/27
Signature Algorithm: sha256WithRSAEncryption
41:fe:94:2c:92:72:80:98:63:87:9f:2a:ab:a7:aa:5b:d6:12:
fd:91:46:45:57:40:c7:ed:c1:59:e8:7e:66:76:59:07:0d:e8:
81:42:38:5e:00:6f:1d:70:a0:e7:b8:87:ca:65:60:c3:de:98:
a7:d0:97:79:5b:7b:57:86:31:07:99:76:55:7e:7b:a8:27:5c:
6b:6a:e2:5e:44:44:19:7e:ed:9f:f1:3d:7c:d5:bb:70:16:6f:
ab:80:ad:d8:ba:2b:07:dd:67:d9:d3:18:bf:57:59:17:1b:8d:
a4:f8:03:6b:24:99:15:22:dc:46:5e:18:9e:af:62:bd:52:36:
e2:ac:16:e6:1c:7c:4d:fc:19:7d:5a:16:8f:e2:98:d3:36:67:
4c:84:09:87:57:1f:6e:2d:2f:bd:c8:17:bd:d0:52:16:27:2b:
0a:e8:13:ae:5a:5e:5d:21:e2:78:ee:bb:07:e9:19:f7:65:97:
e2:f3:4c:08:29:2a:af:18:c8:e5:38:c6:f5:ab:b4:a7:27:94:
41:14:b1:42:b0:37:41:a1:dd:74:af:af:ea:96:de:30:7e:57:
12:30:ba:d2:cb:d1:32:bd:c8:1a:5b:45:c1:76:91:e3:20:81:
d7:a5:9b:79:db:6b:76:2e:38:41:31:c8:63:63:f3:34:4d:8f:
57:8a:37:da
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIUWz10uNd25wz5RCn1V9+sJ4jXhxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUIwMUQ1QTQ5Njc1NURGNjlBQzkyRkVDM0JENjRGRkU0
QUVBNTFGNTAeFw0yNjA2MTAxMDE4NDlaFw0yNzA2MDkxMDIzNDlaMDMxMTAvBgNV
BAMTKDMzOTg1MTNDOUFDRjFGMjQxQUVERkUyNjhGODE3QjJFRTVCQzc3NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMed1AEqTLVP6WN9pqJ7fbcCp+
MRDD9fJ45HPkejcXsNvVn7SQUjkrBAl1RNMlZyDMXtaAAknOVbz0eTX+y52HooFP
Qd3HaHgeTbyCr/l1uZEUGGbUywo6I4H/6UVuqeDc2QiczzZJ7M4JbeWLTr/F05ML
bSIzBsQRVkLgKTFO0/HwgXXxfrYouGHsDvK62KZRrFCxz6M1jeWjcwt79IigUp2a
KM0wXOI9xyytrJgL2fHsKQen6WUbf3VoEGDfjecTe70AG/I+MahmtfCIRhsHEXmV
UHhV718BSiab4Iu0AXU6x2s0iY/54r3Hn8K3p6OXLMOAkgRGvwOiN3ntcEHhAgMB
AAGjggKNMIICiTAdBgNVHQ4EFgQUM5hRPJrPHyQa7f4mj4F7LuW8d1owHwYDVR0j
BBgwFoAUmwHVpJZ1XfaayS/sO9ZP/krqUfUwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvUFJPRk9O
RC8wLzlCMDFENUE0OTY3NTVERjY5QUM5MkZFQzNCRDY0RkZFNEFFQTUxRjUuY3Js
MG8GCCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHdu
aWMudHcvcnBraS9UV05JQ0NBLzEvOUIwMUQ1QTQ5Njc1NURGNjlBQzkyRkVDM0JE
NjRGRkU0QUVBNTFGNS5jZXIwTQYIKwYBBQUHAQsEQTA/MD0GCCsGAQUFBzALhjFy
c3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1BST0ZPTkQvMC9BUzk5MjQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwgfYGCCsGAQUFBwEHAQH/BIHmMIHj
MIHKBAIAATCBwwMEAivwGDAKAwMBMdYDAwIx2AMDATzGAwMBPR4DBAU9OQADBAJn
4IQwCgMDA3wIAwMAfAwDBAZ8bIADAwKvYAMDAMqEMAsDBAXKkSADAwHKkAMEBctB
oAMEB8tNAAMEBctp4AMEBcvTAAMEB9IRAAMEBtI+AAMEBdI+wAMEBtI/gDAMAwQE
0kOQAwQF0kPAAwQG0sAAAwQH0sCAAwQF0tBgAwQG0tDAAwQG0vNAAwQE007QAwQF
008AAwMB21ADAwHbVjAUBAIAAjAOAwUAIAEMUAMFBSABRUAwDQYJKoZIhvcNAQEL
BQADggEBAEH+lCyScoCYY4efKqunqlvWEv2RRkVXQMftwVnofmZ2WQcN6IFCOF4A
bx1woOe4h8plYMPemKfQl3lbe1eGMQeZdlV+e6gnXGtq4l5ERBl+7Z/xPXzVu3AW
b6uArdi6KwfdZ9nTGL9XWRcbjaT4A2skmRUi3EZeGJ6vYr1SNuKsFuYcfE38GX1a
Fo/imNM2Z0yECYdXH24tL73IF73QUhYnKwroE65aXl0h4njuuwfpGfdll+LzTAgp
Kq8YyOU4xvWrtKcnlEEUsUKwN0Gh3XSvr+qW3jB+VxIwutLL0TK9yBpbRcF2keMg
gdelm3nba3YuOEExyGNj8zRNj1eKN9o=
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:38:28 2026 by rpki-client