$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/gHaVKi8xLLKFJRoA0KQiBmieMzA.roa File: gHaVKi8xLLKFJRoA0KQiBmieMzA.roa (raw, json) Hash identifier: el0ktKWaAGh7hfupnG8X7NA9URTnfoeeNVex7p7+hH4= Subject key identifier: 80:76:95:2A:2F:31:2C:B2:85:25:1A:00:D0:A4:22:06:68:9E:33:30 Certificate issuer: /CN=75BD930C745D23E9EA585C04D6B99F95A96322E5 Certificate serial: 0D3B Authority key identifier: 75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/gHaVKi8xLLKFJRoA0KQiBmieMzA.roa Signing time: Fri 22 Aug 2025 08:58:38 +0000 ROA not before: Fri 22 Aug 2025 08:58:38 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131143 IP address blocks: 103.126.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3387 (0xd3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75BD930C745D23E9EA585C04D6B99F95A96322E5 Validity Not Before: Aug 22 08:58:38 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8076952A2F312CB285251A00D0A42206689E3330 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:25:0b:12:e1:f7:34:01:24:1d:95:b5:ab:27: 81:c2:a0:26:58:9b:0c:ab:e5:63:22:cd:90:7d:39: 28:29:88:0d:54:75:5a:32:92:9f:f5:73:b2:44:24: dd:8b:d8:9f:7e:9b:99:11:ca:68:8d:47:c1:dd:a7: c2:46:58:63:08:51:e5:f3:e5:5f:c3:1c:aa:83:bd: b3:aa:6a:d6:2a:63:ea:b7:21:45:fc:28:de:d2:58: d2:97:01:91:77:59:7d:89:61:f1:de:7d:2a:d9:41: 46:5d:7c:ee:a9:0a:52:76:19:2b:8d:5a:40:40:a0: 39:df:f4:ca:b7:7b:0e:9b:ba:08:1b:49:a3:bd:e7: 58:0b:3e:27:29:b1:ff:97:83:1a:16:4b:3f:e4:06: b3:c5:eb:3b:33:e5:92:43:57:5b:3a:c0:47:e7:dc: 30:91:f1:8c:05:b4:69:f0:e2:1b:78:59:41:cc:50: c1:fb:18:7e:e0:75:2a:47:42:0f:cf:7c:38:60:1c: 33:c4:3d:43:52:42:1a:93:fc:ae:1b:e8:83:76:b7: 9f:58:8d:2b:e1:b4:29:9e:38:95:90:fb:7c:e5:3a: 36:21:34:7b:c4:3d:24:ed:71:99:64:0d:44:bb:2f: ef:db:a0:ad:1d:62:25:57:4a:7b:c6:bb:25:49:23: 9b:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:76:95:2A:2F:31:2C:B2:85:25:1A:00:D0:A4:22:06:68:9E:33:30 X509v3 Authority Key Identifier: keyid:75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/gHaVKi8xLLKFJRoA0KQiBmieMzA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.126.164.0/22 Signature Algorithm: sha256WithRSAEncryption 63:e5:0a:eb:e5:8b:2f:9f:46:53:e3:da:38:c8:7a:69:d2:61: 3d:2d:b5:35:bf:8a:2d:42:73:2c:2d:98:52:e8:22:b0:19:87: 31:27:8e:4d:d1:2d:91:43:be:a7:9a:24:90:0b:71:8f:7d:e3: f3:f6:29:81:27:f4:95:41:9e:94:63:e1:75:d2:28:a9:8f:75: 5c:51:46:64:a8:3e:5d:99:c8:66:04:d1:ce:76:35:73:3f:c7: 3a:a6:27:ae:91:a9:6f:06:27:7f:a2:d6:ee:c8:e6:28:e1:df: 33:42:40:9c:f6:59:52:b1:98:2d:b5:02:67:d6:29:dc:92:7f: 60:c5:25:ea:3c:1b:31:e3:6c:e7:34:68:e9:5a:85:c2:08:35: 72:69:fa:bb:c6:5a:f8:93:10:f4:51:8d:65:39:50:56:d7:2f: 95:b4:f2:07:86:c3:3b:ac:7d:5b:90:5b:b7:a8:40:63:13:52: 51:d1:b8:56:bd:73:91:5e:d6:08:c1:8f:bb:c2:d4:7f:33:58: d4:b3:90:b4:1c:60:47:17:d9:ea:b5:1f:27:01:e0:98:20:f4: 61:b9:d2:7d:d6:ea:03:f1:07:ba:15:cd:74:da:7d:c6:e0:d5: 39:25:61:0d:c4:65:b3:35:59:e8:74:14:01:99:7a:b0:4d:23: f3:10:1a:0f -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDTswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC RDkzMEM3NDVEMjNFOUVBNTg1QzA0RDZCOTlGOTVBOTYzMjJFNTAeFw0yNTA4MjIw ODU4MzhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDgwNzY5NTJBMkYzMTJD QjI4NTI1MUEwMEQwQTQyMjA2Njg5RTMzMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbJQsS4fc0ASQdlbWrJ4HCoCZYmwyr5WMizZB9OSgpiA1UdVoy kp/1c7JEJN2L2J9+m5kRymiNR8Hdp8JGWGMIUeXz5V/DHKqDvbOqatYqY+q3IUX8 KN7SWNKXAZF3WX2JYfHefSrZQUZdfO6pClJ2GSuNWkBAoDnf9Mq3ew6buggbSaO9 51gLPicpsf+XgxoWSz/kBrPF6zsz5ZJDV1s6wEfn3DCR8YwFtGnw4ht4WUHMUMH7 GH7gdSpHQg/PfDhgHDPEPUNSQhqT/K4b6IN2t59YjSvhtCmeOJWQ+3zlOjYhNHvE PSTtcZlkDUS7L+/boK0dYiVXSnvGuyVJI5uNAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUgHaVKi8xLLKFJRoA0KQiBmieMzAwHwYDVR0jBBgwFoAUdb2TDHRdI+nqWFwE 1rmflaljIuUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU UlVTVC9kYjJUREhSZEktbnFXRndFMXJtZmxhbGpJdVUuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL2RiMlRESFJkSS1ucVdGd0Uxcm1mbGFsakl1VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NISU5BVFJVU1QvZ0hhVktpOHhM TEtGSlJvQTBLUWlCbWllTXpBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAmd+pDANBgkqhkiG9w0BAQsFAAOCAQEAY+UK6+WLL59GU+PaOMh6adJh PS21Nb+KLUJzLC2YUugisBmHMSeOTdEtkUO+p5okkAtxj33j8/YpgSf0lUGelGPh ddIoqY91XFFGZKg+XZnIZgTRznY1cz/HOqYnrpGpbwYnf6LW7sjmKOHfM0JAnPZZ UrGYLbUCZ9Yp3JJ/YMUl6jwbMeNs5zRo6VqFwgg1cmn6u8Za+JMQ9FGNZTlQVtcv lbTyB4bDO6x9W5Bbt6hAYxNSUdG4Vr1zkV7WCMGPu8LUfzNY1LOQtBxgRxfZ6rUf JwHgmCD0YbnSfdbqA/EHuhXNdNp9xuDVOSVhDcRlszVZ6HQUAZl6sE0j8xAaDw== -----END CERTIFICATE-----Generated at Sun Aug 24 11:39:41 2025 by rpki-client