$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/37A-eH3fDJTCAQ_AArdtRs_0ki8.roa File: 37A-eH3fDJTCAQ_AArdtRs_0ki8.roa (raw, json) Hash identifier: caeQjrmaS6VISb1su3eLD75NKAmwoIs+ELpLor9AnD4= Subject key identifier: DF:B0:3E:78:7D:DF:0C:94:C2:01:0F:C0:02:B7:6D:46:CF:F4:92:2F Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1951 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/37A-eH3fDJTCAQ_AArdtRs_0ki8.roa Signing time: Fri 22 Aug 2025 09:02:58 +0000 ROA not before: Fri 22 Aug 2025 09:02:58 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17421 IP address blocks: 223.136.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6481 (0x1951) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:02:58 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=DFB03E787DDF0C94C2010FC002B76D46CFF4922F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:6e:55:4a:11:dc:ce:86:30:7e:26:33:af:a1: fc:4d:9a:13:e2:97:75:cc:45:40:d1:4a:21:43:5f: 49:fa:ab:e6:80:17:28:3f:f3:27:20:86:dd:b2:7e: 3a:5d:63:3f:48:cb:1c:d0:15:df:99:22:5a:cb:bb: 18:83:6b:66:29:41:58:af:1a:c1:e6:b3:e5:c7:b7: 0e:3a:46:d1:19:e6:88:85:c9:fa:8e:07:7b:24:29: b3:7c:64:35:0d:8c:f4:49:87:18:c5:19:44:07:c7: 11:bc:4c:e2:77:87:1d:d5:10:25:cd:9d:64:8b:47: 83:02:b9:ae:e2:4d:f1:28:17:f8:d5:86:3e:f8:04: c0:62:58:f3:3c:ee:64:bc:f2:71:e5:ea:8d:de:82: 37:61:16:84:fb:84:a3:f8:50:99:0a:7a:80:92:08: 43:90:6a:17:70:20:6c:94:97:fd:57:0a:d7:fc:51: 83:49:cd:ff:7b:0b:b8:e3:63:45:c4:3c:af:6a:96: 9a:7b:c1:10:c6:4e:02:91:c2:6c:9a:42:4b:66:65: f2:80:be:f5:e9:8a:51:08:63:1a:fa:88:02:1b:fe: bc:9c:59:27:a4:b1:7b:de:9b:9e:fb:53:7a:4e:b8: 35:db:b0:bd:af:7b:47:07:c9:e7:db:9b:8a:be:5e: c7:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:B0:3E:78:7D:DF:0C:94:C2:01:0F:C0:02:B7:6D:46:CF:F4:92:2F X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/37A-eH3fDJTCAQ_AArdtRs_0ki8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.136.0.0/13 Signature Algorithm: sha256WithRSAEncryption 43:c8:06:0f:d9:44:1f:18:4d:5d:85:4e:9b:ec:ba:11:b5:a1: f1:52:01:37:2a:f0:a9:a2:e2:52:ce:6f:84:59:a5:e6:84:49: b3:2a:0f:62:09:b5:c7:1c:c8:58:4c:8c:68:50:7e:5a:66:e0: 4a:48:87:96:87:71:10:54:2b:93:47:c0:f3:76:84:cd:c7:a2: 9a:9d:a3:cb:23:48:26:22:52:67:e2:d2:70:b3:ab:15:f8:17: f7:40:ff:28:1c:b6:ed:27:18:a8:24:20:21:cc:cb:49:6d:d2: 35:46:bd:e8:e6:f2:bb:1f:03:23:2a:4e:69:b8:88:19:aa:e5: 6a:7a:f1:90:d9:a7:e0:cf:27:b9:ad:6a:e1:3b:7c:32:e6:84: 8f:d0:be:11:be:b8:ae:70:ec:39:63:43:08:d0:7c:60:7f:6a: 94:a5:b8:80:82:b5:c6:1e:14:17:18:c1:25:cf:19:6b:a9:63: e3:f5:29:d9:06:54:16:21:b1:72:21:13:5a:52:c7:09:f8:48: 21:fb:59:a6:78:d8:bc:1c:8c:a6:d6:a6:7a:f2:c9:82:61:29: be:b1:76:81:3e:68:8a:d3:42:ef:f9:e1:a2:6d:e2:da:e6:21: 2d:ab:a9:cb:1f:fb:0c:18:98:5d:b0:38:39:70:e6:87:1f:5d: e7:0d:e4:61 -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICGVEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAyNThaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKERGQjAzRTc4N0RERjBD OTRDMjAxMEZDMDAyQjc2RDQ2Q0ZGNDkyMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/blVKEdzOhjB+JjOvofxNmhPil3XMRUDRSiFDX0n6q+aAFyg/ 8ycght2yfjpdYz9IyxzQFd+ZIlrLuxiDa2YpQVivGsHms+XHtw46RtEZ5oiFyfqO B3skKbN8ZDUNjPRJhxjFGUQHxxG8TOJ3hx3VECXNnWSLR4MCua7iTfEoF/jVhj74 BMBiWPM87mS88nHl6o3egjdhFoT7hKP4UJkKeoCSCEOQahdwIGyUl/1XCtf8UYNJ zf97C7jjY0XEPK9qlpp7wRDGTgKRwmyaQktmZfKAvvXpilEIYxr6iAIb/rycWSek sXvem577U3pOuDXbsL2ve0cHyefbm4q+XseVAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQU37A+eH3fDJTCAQ/AArdtRs/0ki8wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8zN0EtZUgzZkRKVENBUV9BQXJk dFJzXzBraTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMD34gw DQYJKoZIhvcNAQELBQADggEBAEPIBg/ZRB8YTV2FTpvsuhG1ofFSATcq8Kmi4lLO b4RZpeaESbMqD2IJtcccyFhMjGhQflpm4EpIh5aHcRBUK5NHwPN2hM3Hopqdo8sj SCYiUmfi0nCzqxX4F/dA/ygctu0nGKgkICHMy0lt0jVGvejm8rsfAyMqTmm4iBmq 5Wp68ZDZp+DPJ7mtauE7fDLmhI/QvhG+uK5w7DljQwjQfGB/apSluICCtcYeFBcY wSXPGWupY+P1KdkGVBYhsXIhE1pSxwn4SCH7WaZ42LwcjKbWpnryyYJhKb6xdoE+ aIrTQu/54aJt4trmIS2rqcsf+wwYmF2wODlw5ocfXecN5GE= -----END CERTIFICATE-----Generated at Sun Aug 24 09:44:50 2025 by rpki-client