$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/VFXOUuf4mlxJS55YH8SI-orePSE.roa File: VFXOUuf4mlxJS55YH8SI-orePSE.roa (raw, json) Hash identifier: 86qxM5RGWAoIZdvnZByzYCseR1C45L3gZiH/lc14oTY= Subject key identifier: 54:55:CE:52:E7:F8:9A:5C:49:4B:9E:58:1F:C4:88:FA:8A:DE:3D:21 Certificate issuer: /CN=534C76274A330B071EFD20DB05F6D0429293743E Certificate serial: 0EAA Authority key identifier: 53:4C:76:27:4A:33:0B:07:1E:FD:20:DB:05:F6:D0:42:92:93:74:3E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/U0x2J0ozCwce_SDbBfbQQpKTdD4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/VFXOUuf4mlxJS55YH8SI-orePSE.roa Signing time: Fri 22 Aug 2025 09:03:10 +0000 ROA not before: Fri 22 Aug 2025 09:03:10 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 7481 IP address blocks: 2001:7fa:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/U0x2J0ozCwce_SDbBfbQQpKTdD4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/U0x2J0ozCwce_SDbBfbQQpKTdD4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/U0x2J0ozCwce_SDbBfbQQpKTdD4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/0dL1XCbbKFIKeZb_cu0BBCAHmKI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/0dL1XCbbKFIKeZb_cu0BBCAHmKI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0dL1XCbbKFIKeZb_cu0BBCAHmKI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 12:44:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3754 (0xeaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=534C76274A330B071EFD20DB05F6D0429293743E Validity Not Before: Aug 22 09:03:10 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=5455CE52E7F89A5C494B9E581FC488FA8ADE3D21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:05:d3:57:10:68:ce:4d:12:d3:6f:2e:2c:20: 1f:51:ef:fc:70:42:30:06:30:a9:18:8e:9b:a8:e2: 34:8b:a9:be:73:83:87:b4:3f:0b:7a:c4:17:94:26: 9f:39:e4:08:04:15:fb:ba:d3:f7:04:b2:2d:d5:3a: 31:92:f4:b3:3e:70:be:1e:bc:8f:42:e5:c7:71:43: f6:56:f3:7a:8d:51:2e:d0:a6:aa:28:59:3b:b5:82: 9a:af:94:f5:21:90:16:21:2a:55:3c:ab:9a:f1:4d: d4:6d:46:bd:e7:79:94:e7:00:cd:1e:35:c8:16:fc: 6b:c6:e1:a3:62:00:1a:32:83:a4:4b:f7:3b:f4:69: 3e:4e:e7:f1:ab:8d:3c:77:84:d5:f8:b3:b8:46:31: 80:d5:53:09:70:ca:c3:18:87:b4:c9:6c:45:da:ae: da:58:8e:5c:1c:0b:fd:2e:4a:f5:34:30:e0:2d:e6: 42:2b:00:00:b9:ee:82:47:a0:d8:11:44:67:ec:9a: 6b:d9:3b:4b:5f:a9:0e:55:a4:f2:2a:e6:79:6b:ff: 0e:f1:16:f5:5b:43:18:a6:b4:0d:ad:d9:95:02:97: ec:17:2f:ab:4c:3d:f4:bf:37:03:b8:aa:f4:a4:f1: 98:b5:26:0c:40:a8:58:a0:9a:4c:c1:e4:f5:85:15: 80:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:55:CE:52:E7:F8:9A:5C:49:4B:9E:58:1F:C4:88:FA:8A:DE:3D:21 X509v3 Authority Key Identifier: keyid:53:4C:76:27:4A:33:0B:07:1E:FD:20:DB:05:F6:D0:42:92:93:74:3E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/U0x2J0ozCwce_SDbBfbQQpKTdD4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/U0x2J0ozCwce_SDbBfbQQpKTdD4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/VFXOUuf4mlxJS55YH8SI-orePSE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:7fa:1::/48 Signature Algorithm: sha256WithRSAEncryption cf:30:91:ce:09:f8:be:fb:70:ac:20:b5:34:ab:d4:74:9d:3b: 77:5e:f3:b6:36:c3:a8:fc:e9:b6:31:64:7e:9a:de:90:f7:c9: 8c:54:32:99:38:05:ae:ba:a1:b2:c2:fd:a9:05:d5:80:17:22: ef:73:01:36:08:03:01:24:47:73:5b:14:e6:c0:00:69:f4:73: 1a:e4:f6:e6:6b:34:a2:8b:07:7a:e3:27:1e:a2:2d:31:44:aa: 3b:92:37:75:a9:16:5a:22:bf:6c:b9:d6:06:03:af:51:a2:6f: 69:48:65:9f:26:08:8b:59:01:d4:cf:14:e6:ed:6f:6b:bb:a4: 49:b3:c4:de:8f:b1:c1:37:80:d7:6b:db:95:a5:82:49:fd:3d: 33:a9:b5:26:3a:c2:dc:ae:0b:5c:c6:cc:eb:7c:9f:3c:88:44: 41:82:dc:cb:9e:67:11:ed:02:af:44:59:4e:24:28:cb:0a:5f: 0c:36:6e:12:31:38:15:1a:5a:df:dc:b0:01:0e:3b:81:12:13: 54:4d:b3:1f:d6:d0:30:6a:95:11:97:3f:8c:c7:cf:ce:c3:ab: e2:9f:cb:7a:25:1f:9b:27:89:48:b8:44:af:df:1d:c0:2e:72: c8:cf:61:6a:4d:d4:70:45:a0:fc:84:64:b6:5a:be:91:e3:02: 6d:1f:68:b4 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICDqowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTM0 Qzc2Mjc0QTMzMEIwNzFFRkQyMERCMDVGNkQwNDI5MjkzNzQzRTAeFw0yNTA4MjIw OTAzMTBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDU0NTVDRTUyRTdGODlB NUM0OTRCOUU1ODFGQzQ4OEZBOEFERTNEMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDBdNXEGjOTRLTby4sIB9R7/xwQjAGMKkYjpuo4jSLqb5zg4e0 Pwt6xBeUJp855AgEFfu60/cEsi3VOjGS9LM+cL4evI9C5cdxQ/ZW83qNUS7Qpqoo WTu1gpqvlPUhkBYhKlU8q5rxTdRtRr3neZTnAM0eNcgW/GvG4aNiABoyg6RL9zv0 aT5O5/GrjTx3hNX4s7hGMYDVUwlwysMYh7TJbEXartpYjlwcC/0uSvU0MOAt5kIr AAC57oJHoNgRRGfsmmvZO0tfqQ5VpPIq5nlr/w7xFvVbQximtA2t2ZUCl+wXL6tM PfS/NwO4qvSk8Zi1JgxAqFigmkzB5PWFFYDJAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUVFXOUuf4mlxJS55YH8SI+orePSEwHwYDVR0jBBgwFoAUU0x2J0ozCwce/SDb BfbQQpKTdD4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv VTB4Mkowb3pDd2NlX1NEYkJmYlFRcEtUZEQ0LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9VMHgySjBvekN3Y2VfU0RiQmZiUVFwS1RkRDQuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9WRlhPVXVmNG1seEpTNTVZSDhT SS1vcmVQU0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEH +gABMA0GCSqGSIb3DQEBCwUAA4IBAQDPMJHOCfi++3CsILU0q9R0nTt3XvO2NsOo /Om2MWR+mt6Q98mMVDKZOAWuuqGywv2pBdWAFyLvcwE2CAMBJEdzWxTmwABp9HMa 5PbmazSiiwd64yceoi0xRKo7kjd1qRZaIr9sudYGA69Rom9pSGWfJgiLWQHUzxTm 7W9ru6RJs8Tej7HBN4DXa9uVpYJJ/T0zqbUmOsLcrgtcxszrfJ88iERBgtzLnmcR 7QKvRFlOJCjLCl8MNm4SMTgVGlrf3LABDjuBEhNUTbMf1tAwapURlz+Mx8/Ow6vi n8t6JR+bJ4lIuESv3x3ALnLIz2FqTdRwRaD8hGS2Wr6R4wJtH2i0 -----END CERTIFICATE-----Generated at Sun Aug 24 11:04:51 2025 by rpki-client