$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/-vHcKeybFE9RRLhbKLpEdQnCyvU.roa File: -vHcKeybFE9RRLhbKLpEdQnCyvU.roa (raw, json) Hash identifier: G9gbodpyX3DQULPNpSCy5I3A5q8h9eWoNipqfZTuF4M= Subject key identifier: FA:F1:DC:29:EC:9B:14:4F:51:44:B8:5B:28:BA:44:75:09:C2:CA:F5 Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB Certificate serial: 0E29 Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/-vHcKeybFE9RRLhbKLpEdQnCyvU.roa Signing time: Fri 22 Aug 2025 08:51:59 +0000 ROA not before: Fri 22 Aug 2025 08:51:59 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18046 IP address blocks: 61.65.224.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3625 (0xe29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB Validity Not Before: Aug 22 08:51:59 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=FAF1DC29EC9B144F5144B85B28BA447509C2CAF5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:be:c9:f5:95:09:9d:2d:a0:f8:90:84:fe:2c: 29:d9:a2:03:ea:a5:95:15:98:8f:ea:ac:12:48:98: a9:66:09:a2:08:05:09:ac:fa:64:73:61:cf:8c:b6: 6d:75:73:65:9d:dd:f3:19:db:01:31:f1:16:f3:e9: 0e:e8:e5:a1:41:a4:8e:d2:da:f4:c0:34:51:be:00: 7c:09:8d:f3:a3:d2:1d:5e:b9:bb:c6:8b:a5:d5:4f: c3:7f:20:31:08:f9:d8:b1:a4:92:4a:f7:83:7e:4b: 89:f8:de:35:4b:89:eb:72:8a:0a:38:32:c3:55:a2: ff:0a:cf:1f:4a:af:55:5b:c0:09:b6:6b:2d:53:de: 01:3c:14:5a:07:71:2f:72:7e:36:ce:0c:74:b7:79: 20:56:1a:cb:f5:7a:ee:fb:57:93:e4:e0:c4:34:2a: 95:c5:a1:ce:99:1b:b9:9f:51:3e:b6:cb:69:a2:d9: a1:60:89:eb:60:ed:d2:c1:8c:58:23:75:70:19:ea: ca:57:1e:07:49:4d:b8:38:b9:28:88:c4:37:ec:f8: ef:d7:ce:ec:ad:3e:01:93:55:ee:fd:66:5f:7f:2a: b5:48:2a:9a:62:f1:63:f1:ad:d6:14:01:de:eb:27: 11:f1:d7:df:77:be:c3:84:62:08:92:67:f7:07:43: 87:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:F1:DC:29:EC:9B:14:4F:51:44:B8:5B:28:BA:44:75:09:C2:CA:F5 X509v3 Authority Key Identifier: keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/-vHcKeybFE9RRLhbKLpEdQnCyvU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.65.224.0/19 Signature Algorithm: sha256WithRSAEncryption 75:a2:03:df:fd:11:f4:93:49:c3:1b:b5:f1:5c:be:37:20:e9: cc:d2:fa:17:0a:c7:c8:b7:79:cf:2e:94:ed:24:98:49:8f:ea: a2:0b:cb:8d:57:89:88:12:d0:2a:e3:87:4b:f7:44:10:36:6c: 6e:e5:2d:a5:a6:5d:82:94:d8:b9:c0:28:1f:4a:70:d0:de:7a: fd:8f:d9:c3:0c:6b:92:32:9b:d8:03:fe:7c:e9:63:e3:e5:dc: 81:15:aa:aa:b8:49:ba:7d:95:63:8d:9e:f1:80:90:6e:18:34: 6e:94:05:c5:5f:57:f7:b6:b9:3c:9b:88:9f:3e:b6:57:89:e9: ff:ed:84:42:74:70:af:0c:e6:30:b2:36:93:b3:4e:01:61:68: 8e:5b:67:86:db:80:b5:09:b9:00:33:af:b0:ee:de:3b:18:09: 65:72:03:b5:61:7d:80:61:f0:e5:4f:47:e4:f5:79:14:d4:ad: 14:42:19:80:74:2f:9b:ae:18:42:d6:34:05:16:65:b5:4b:9b: b7:8c:f4:d0:eb:2a:d6:d7:01:9d:cb:68:4f:2b:8b:9d:f7:04: 8e:58:71:7b:29:5b:b6:6c:bc:1e:a3:fe:45:f3:06:62:a9:07: ba:cb:4a:4e:56:c6:18:5f:e4:fb:7b:0a:3e:85:df:b4:7c:05: 96:47:84:e7 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDikwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3 ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yNTA4MjIw ODUxNTlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEZBRjFEQzI5RUM5QjE0 NEY1MTQ0Qjg1QjI4QkE0NDc1MDlDMkNBRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpvsn1lQmdLaD4kIT+LCnZogPqpZUVmI/qrBJImKlmCaIIBQms +mRzYc+Mtm11c2Wd3fMZ2wEx8Rbz6Q7o5aFBpI7S2vTANFG+AHwJjfOj0h1eubvG i6XVT8N/IDEI+dixpJJK94N+S4n43jVLietyigo4MsNVov8Kzx9Kr1VbwAm2ay1T 3gE8FFoHcS9yfjbODHS3eSBWGsv1eu77V5Pk4MQ0KpXFoc6ZG7mfUT62y2mi2aFg ietg7dLBjFgjdXAZ6spXHgdJTbg4uSiIxDfs+O/XzuytPgGTVe79Zl9/KrVIKppi 8WPxrdYUAd7rJxHx1993vsOEYgiSZ/cHQ4eJAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU+vHcKeybFE9RRLhbKLpEdQnCyvUwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy8tdkhjS2V5YkZFOVJS TGhiS0xwRWRRbkN5dlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQFPUHgMA0GCSqGSIb3DQEBCwUAA4IBAQB1ogPf/RH0k0nDG7XxXL43IOnM0voX CsfIt3nPLpTtJJhJj+qiC8uNV4mIEtAq44dL90QQNmxu5S2lpl2ClNi5wCgfSnDQ 3nr9j9nDDGuSMpvYA/586WPj5dyBFaqquEm6fZVjjZ7xgJBuGDRulAXFX1f3trk8 m4ifPrZXien/7YRCdHCvDOYwsjaTs04BYWiOW2eG24C1CbkAM6+w7t47GAllcgO1 YX2AYfDlT0fk9XkU1K0UQhmAdC+brhhC1jQFFmW1S5u3jPTQ6yrW1wGdy2hPK4ud 9wSOWHF7KVu2bLweo/5F8wZiqQe6y0pOVsYYX+T7ewo+hd+0fAWWR4Tn -----END CERTIFICATE-----Generated at Sun Aug 24 09:04:28 2025 by rpki-client