$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/hCXE-yMynnc-O5SnDg4xQsiiDlY.roa File: hCXE-yMynnc-O5SnDg4xQsiiDlY.roa (raw, json) Hash identifier: 1f47Y9rzWHzbhywxPuxOBpSIk/x8EjjcFF8tmIscRUk= Subject key identifier: 84:25:C4:FB:23:32:9E:77:3E:3B:94:A7:0E:0E:31:42:C8:A2:0E:56 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 140F Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/hCXE-yMynnc-O5SnDg4xQsiiDlY.roa Signing time: Fri 22 Aug 2025 09:00:02 +0000 ROA not before: Fri 22 Aug 2025 09:00:02 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18412 IP address blocks: 2401:e180::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5135 (0x140f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:02 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8425C4FB23329E773E3B94A70E0E3142C8A20E56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:89:ca:9e:19:13:61:96:f8:c9:be:84:65:fc: 60:bf:10:e3:ba:a0:0c:bc:fa:0d:1b:b7:f9:ca:31: 87:68:84:36:da:0f:6e:1e:01:f6:fc:e7:0a:5f:49: 38:37:66:ab:98:90:fb:3f:c1:3c:34:6c:83:1c:ca: 7a:0d:82:c0:f1:01:fd:62:b5:54:bf:b7:0f:4b:1c: d1:cf:ea:d1:00:13:f4:75:32:3e:d5:77:bb:6b:72: 02:44:3d:f9:4f:ec:8f:69:8b:52:b9:1d:8f:18:78: da:63:36:7d:79:73:b2:77:64:d9:be:99:8a:ca:9d: de:bd:40:c5:25:34:5c:65:be:3b:1e:47:1f:05:40: 9d:0a:c1:0f:3b:81:85:27:1e:61:77:db:0e:bb:74: 4c:7c:f0:96:cd:5b:0c:53:31:2e:6e:f9:fa:a6:28: 09:58:61:58:da:09:b5:a8:d7:8b:76:7d:9e:95:44: e1:27:86:cc:d4:16:20:69:b0:ca:46:c5:c8:70:b5: d8:68:a6:78:e5:65:67:e5:b4:e2:4b:41:12:6c:a7: 30:f9:90:12:3e:03:42:ca:33:92:a0:5d:e8:4c:5b: 2a:47:73:5a:37:c4:db:5a:ac:fd:0f:71:85:c9:55: 30:6d:fc:a5:9d:cc:ef:45:05:9f:d2:79:85:8e:a2: a9:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:25:C4:FB:23:32:9E:77:3E:3B:94:A7:0E:0E:31:42:C8:A2:0E:56 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/hCXE-yMynnc-O5SnDg4xQsiiDlY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2401:e180::/32 Signature Algorithm: sha256WithRSAEncryption 1d:81:0e:c0:80:f5:b7:96:7f:ff:cf:8b:68:f8:fe:82:8b:71: 20:c4:ff:36:a7:ec:c7:dd:00:54:dc:35:63:05:50:4c:20:13: f3:f3:e0:df:67:59:ab:47:d3:f9:63:29:df:b5:7f:10:b3:db: 2f:0b:7e:8f:85:96:bf:e2:9d:4d:d0:0c:89:db:09:ea:31:3f: e9:6a:16:1e:86:5a:07:3d:49:3d:17:b9:e2:1a:db:7f:df:8a: f3:ef:8f:6e:c4:fd:2f:08:15:9e:92:59:91:65:d5:b7:68:36: 56:44:31:00:a6:e3:c3:12:32:24:2b:26:7b:a5:1c:7a:67:5e: 31:5c:d4:d6:32:00:62:2a:ae:7d:a5:94:b0:d8:ff:6c:04:7f: 6a:48:3d:8b:6a:97:04:5f:3f:17:5a:e0:33:3b:f7:4e:e6:91: 6a:db:85:6f:f6:a8:d5:42:14:40:27:b2:92:98:6d:88:0a:cc: 02:cf:b4:42:4c:2c:8e:95:e0:e7:ea:31:00:90:06:9f:dc:55: 08:08:0e:f2:a1:fa:0c:70:ac:3d:6a:6b:03:d7:eb:b9:39:a0: 6c:57:26:00:0c:11:19:75:a0:09:41:3f:73:53:a8:03:9a:35: c9:e7:d9:a7:36:39:b2:7e:cb:38:50:7b:cd:4c:73:5e:19:2c: 92:5a:04:4a -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICFA8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMDJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDg0MjVDNEZCMjMzMjlF NzczRTNCOTRBNzBFMEUzMTQyQzhBMjBFNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEicqeGRNhlvjJvoRl/GC/EOO6oAy8+g0bt/nKMYdohDbaD24e Afb85wpfSTg3ZquYkPs/wTw0bIMcynoNgsDxAf1itVS/tw9LHNHP6tEAE/R1Mj7V d7trcgJEPflP7I9pi1K5HY8YeNpjNn15c7J3ZNm+mYrKnd69QMUlNFxlvjseRx8F QJ0KwQ87gYUnHmF32w67dEx88JbNWwxTMS5u+fqmKAlYYVjaCbWo14t2fZ6VROEn hszUFiBpsMpGxchwtdhopnjlZWfltOJLQRJspzD5kBI+A0LKM5KgXehMWypHc1o3 xNtarP0PcYXJVTBt/KWdzO9FBZ/SeYWOoqmhAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUhCXE+yMynnc+O5SnDg4xQsiiDlYwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2hDWEUteU15bm5jLU81U25EZzR4UXNp aURsWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAeGAMA0G CSqGSIb3DQEBCwUAA4IBAQAdgQ7AgPW3ln//z4to+P6Ci3EgxP82p+zH3QBU3DVj BVBMIBPz8+DfZ1mrR9P5YynftX8Qs9svC36PhZa/4p1N0AyJ2wnqMT/pahYehloH PUk9F7niGtt/34rz749uxP0vCBWeklmRZdW3aDZWRDEApuPDEjIkKyZ7pRx6Z14x XNTWMgBiKq59pZSw2P9sBH9qSD2LapcEXz8XWuAzO/dO5pFq24Vv9qjVQhRAJ7KS mG2ICswCz7RCTCyOleDn6jEAkAaf3FUICA7yofoMcKw9amsD1+u5OaBsVyYADBEZ daAJQT9zU6gDmjXJ59mnNjmyfss4UHvNTHNeGSySWgRK -----END CERTIFICATE-----Generated at Sun Aug 24 14:17:19 2025 by rpki-client