$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/HokuDYe5Ov6agy4xVjiMv3oc1eM.roa File: HokuDYe5Ov6agy4xVjiMv3oc1eM.roa (raw, json) Hash identifier: qQcOS8oOrw2Ncy6MFjfL3e0syN1Tm4KnCFEVR3EaJf0= Subject key identifier: 1E:89:2E:0D:87:B9:3A:FE:9A:83:2E:31:56:38:8C:BF:7A:1C:D5:E3 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 18B9 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/HokuDYe5Ov6agy4xVjiMv3oc1eM.roa Signing time: Fri 22 Aug 2025 09:02:23 +0000 ROA not before: Fri 22 Aug 2025 09:02:23 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 198949 IP address blocks: 210.242.118.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 00:26:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6329 (0x18b9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:02:23 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=1E892E0D87B93AFE9A832E3156388CBF7A1CD5E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6d:7a:1a:fb:9d:9c:d3:97:43:8e:8e:1e:bd: 94:fe:24:8f:8e:5c:6e:34:4e:b0:c4:d3:8c:ca:e5: 7f:f6:ff:0a:35:b9:e4:c7:6d:14:0d:35:04:9e:44: 50:93:cb:c9:c2:f9:8b:39:7c:0b:b5:a2:3f:d7:a5: f9:a7:25:50:df:1f:70:82:0f:58:b0:f3:77:c2:16: 4c:1c:9a:e8:cb:22:6f:fb:38:50:27:2e:47:43:ea: b2:94:ef:13:f8:01:f5:45:b7:e9:11:ab:83:8c:6d: c4:e8:08:1b:89:80:f2:c6:a2:3d:08:1f:cb:89:f6: 3c:d2:59:0c:26:2c:5f:ad:da:8f:c6:47:1f:91:2b: 8d:f6:82:69:60:97:cd:87:59:4d:3f:3e:3a:bb:b8: 63:13:3d:69:6d:49:2d:90:94:c0:f2:a8:8b:4d:5d: 0c:f1:bd:24:22:4b:57:63:3a:75:92:71:76:9e:90: f3:57:9c:54:5b:81:a9:fe:ff:d9:ef:6b:f5:8e:a3: c0:bc:10:95:75:ca:34:a7:d1:b7:a7:14:8a:c0:c6: d3:4a:fe:91:f5:20:ec:0d:a7:d9:56:ab:d1:93:69: 9e:0a:eb:ee:f9:74:99:60:f9:32:ae:b3:a0:4b:60: a0:1a:ad:ec:75:aa:2f:8d:b8:89:e1:35:78:41:7d: ae:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:89:2E:0D:87:B9:3A:FE:9A:83:2E:31:56:38:8C:BF:7A:1C:D5:E3 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/HokuDYe5Ov6agy4xVjiMv3oc1eM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.242.118.0/24 Signature Algorithm: sha256WithRSAEncryption 46:25:ee:0b:78:94:df:92:91:7c:20:2b:db:ab:f0:6d:5a:af: 39:16:5d:d3:e6:74:b9:a0:20:8a:4e:b0:5a:e3:31:5e:e6:60: cb:34:cb:36:15:21:29:b5:c3:a0:92:e6:68:4d:ed:52:cf:03: 4f:e3:3f:5d:ef:96:5b:96:30:25:f7:ef:12:85:db:15:62:ed: f2:5f:56:b1:d8:c7:a3:4c:0a:61:38:97:b6:c4:56:dc:7b:07: 4d:9b:21:9f:9c:7f:f0:f7:70:e2:6f:36:f5:07:dd:02:13:92: e9:a0:bc:43:e3:ae:9d:4b:f2:4f:55:1b:e3:61:59:d6:e5:cc: 36:06:9a:53:1d:d1:61:e0:0d:9e:5c:56:b5:d8:65:e9:cb:6b: 14:51:b8:d4:d4:be:e9:4b:cb:c1:5b:e9:48:36:72:80:a6:23: 69:ac:50:1a:cf:71:1a:61:34:8c:71:19:6f:8f:20:3d:11:6b: 3b:58:ce:eb:71:94:af:49:0d:41:7a:b5:e1:ca:84:ce:a3:6c: 4b:0c:ce:8d:24:eb:8c:c9:be:be:fb:f6:ef:64:4f:d3:9b:e5: 2d:2e:59:49:dd:05:58:99:54:5e:35:0b:c7:2d:9d:f5:7e:2e: 4f:d9:b5:a9:24:09:59:91:e2:dc:17:41:84:44:45:5c:f1:25: 72:0c:a2:1f -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICGLkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAyMjNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDFFODkyRTBEODdCOTNB RkU5QTgzMkUzMTU2Mzg4Q0JGN0ExQ0Q1RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjbXoa+52c05dDjo4evZT+JI+OXG40TrDE04zK5X/2/wo1ueTH bRQNNQSeRFCTy8nC+Ys5fAu1oj/XpfmnJVDfH3CCD1iw83fCFkwcmujLIm/7OFAn LkdD6rKU7xP4AfVFt+kRq4OMbcToCBuJgPLGoj0IH8uJ9jzSWQwmLF+t2o/GRx+R K432gmlgl82HWU0/Pjq7uGMTPWltSS2QlMDyqItNXQzxvSQiS1djOnWScXaekPNX nFRbgan+/9nva/WOo8C8EJV1yjSn0benFIrAxtNK/pH1IOwNp9lWq9GTaZ4K6+75 dJlg+TKus6BLYKAarex1qi+NuInhNXhBfa6dAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUHokuDYe5Ov6agy4xVjiMv3oc1eMwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9Ib2t1RFllNU92NmFneTR4Vmpp TXYzb2MxZU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0vJ2 MA0GCSqGSIb3DQEBCwUAA4IBAQBGJe4LeJTfkpF8ICvbq/BtWq85Fl3T5nS5oCCK TrBa4zFe5mDLNMs2FSEptcOgkuZoTe1SzwNP4z9d75ZbljAl9+8ShdsVYu3yX1ax 2MejTAphOJe2xFbcewdNmyGfnH/w93Dibzb1B90CE5LpoLxD466dS/JPVRvjYVnW 5cw2BppTHdFh4A2eXFa12GXpy2sUUbjU1L7pS8vBW+lINnKApiNprFAaz3EaYTSM cRlvjyA9EWs7WM7rcZSvSQ1BerXhyoTOo2xLDM6NJOuMyb6++/bvZE/Tm+UtLllJ 3QVYmVReNQvHLZ31fi5P2bWpJAlZkeLcF0GEREVc8SVyDKIf -----END CERTIFICATE-----Generated at Mon Oct 20 00:04:36 2025 by rpki-client