$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/jOlvzsY0rvoY0uHMLlwdn1lLTOE.roa File: jOlvzsY0rvoY0uHMLlwdn1lLTOE.roa (raw, json) Hash identifier: 6DiP6LQntjOompe+ANbXd2fec+bgG56lJLKkrkOMjM8= Subject key identifier: 8C:E9:6F:CE:C6:34:AE:FA:18:D2:E1:CC:2E:5C:1D:9F:59:4B:4C:E1 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1957 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/jOlvzsY0rvoY0uHMLlwdn1lLTOE.roa Signing time: Fri 22 Aug 2025 09:03:00 +0000 ROA not before: Fri 22 Aug 2025 09:03:00 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131660 IP address blocks: 2001:b000:590::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6487 (0x1957) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:03:00 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8CE96FCEC634AEFA18D2E1CC2E5C1D9F594B4CE1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:00:33:5a:37:57:63:1c:2c:c6:5e:04:6a:56: fa:7a:ce:2c:ac:3d:9e:4d:46:7f:15:5e:24:60:b6: de:58:ef:bc:54:2c:b5:40:4a:0b:d9:8b:bf:23:ca: 03:f6:b9:e4:8b:00:95:82:ec:10:fd:d2:16:d0:b8: a6:e1:6a:ba:87:a3:cd:30:6d:8b:81:2f:f3:c9:8e: 59:88:d3:8c:db:4e:ad:92:e7:f6:9d:fe:60:48:e1: 79:62:2d:58:b2:db:d1:50:85:d7:d7:d1:5f:a5:b8: 65:16:2d:83:7b:4f:79:3f:ce:69:e6:e1:1a:1d:f3: 2d:2f:e2:60:f7:77:a6:61:bf:be:c7:b2:92:58:b4: 52:20:7a:37:18:19:b7:2a:2a:50:f6:79:a4:94:ef: 9c:38:5e:3d:d6:4e:52:72:87:e7:25:a0:ac:fb:0e: af:ae:ad:c1:83:26:e1:65:29:d9:2e:f8:1f:13:dd: b4:eb:1d:dd:44:72:79:48:9a:8a:1b:7c:67:a6:fd: 9e:4b:4a:a5:3e:be:a3:d7:90:1c:4c:95:2f:85:bb: 6e:29:ec:49:b7:8c:f0:4e:fb:88:19:db:af:c7:6c: 35:81:68:32:7a:07:b1:55:5e:7c:1b:e8:ab:f0:04: 83:c1:ee:88:21:c9:2c:67:ed:6f:dd:f3:88:97:fc: 28:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:E9:6F:CE:C6:34:AE:FA:18:D2:E1:CC:2E:5C:1D:9F:59:4B:4C:E1 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/jOlvzsY0rvoY0uHMLlwdn1lLTOE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:b000:590::/48 Signature Algorithm: sha256WithRSAEncryption 2e:df:4d:e7:0d:09:da:47:c3:0b:4a:79:4d:27:ba:e2:ca:7a: 57:5b:58:f8:17:0e:5d:b0:c6:96:05:cb:af:8a:9a:90:ed:cb: 51:87:78:32:a5:cb:89:88:fc:a9:95:ad:0d:0e:c8:a6:a6:19: ab:c1:e1:2e:4b:d9:57:89:bd:b0:7e:dd:79:64:f7:8d:c8:7c: cc:21:ae:8a:ea:ab:74:77:db:b7:31:85:cf:e8:85:1b:8c:41: 3c:81:a5:7f:22:6e:b0:1a:d6:5d:e6:ca:e8:8f:ac:ad:16:af: 1d:c0:a5:23:3a:3c:e8:b0:b7:d1:04:8c:4a:19:8b:4f:db:36: a4:a3:ec:39:cf:65:01:1a:c3:23:f1:9f:bd:7f:be:c4:fc:e7: c2:1e:c1:3c:5f:21:88:3e:39:f0:7d:89:53:b2:78:72:cb:8d: 67:bb:98:4c:e3:78:f5:ba:1e:13:7c:bc:2b:ab:77:c5:bf:ac: 58:1a:4f:7e:ae:73:36:da:e3:2b:64:fb:b7:cd:f1:05:90:0f: 09:80:25:1d:05:c7:92:29:7b:60:9a:0e:67:95:e9:32:34:cb: d9:f5:25:1e:43:30:59:33:38:cf:f2:34:fb:95:1c:64:d6:d7: b2:c0:cb:26:6c:3e:cf:9e:41:46:d9:b1:6d:7d:25:cc:7d:a2: ed:17:90:cc -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICGVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAzMDBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDhDRTk2RkNFQzYzNEFF RkExOEQyRTFDQzJFNUMxRDlGNTk0QjRDRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRADNaN1djHCzGXgRqVvp6ziysPZ5NRn8VXiRgtt5Y77xULLVA SgvZi78jygP2ueSLAJWC7BD90hbQuKbharqHo80wbYuBL/PJjlmI04zbTq2S5/ad /mBI4XliLViy29FQhdfX0V+luGUWLYN7T3k/zmnm4Rod8y0v4mD3d6Zhv77HspJY tFIgejcYGbcqKlD2eaSU75w4Xj3WTlJyh+cloKz7Dq+urcGDJuFlKdku+B8T3bTr Hd1EcnlImoobfGem/Z5LSqU+vqPXkBxMlS+Fu24p7Em3jPBO+4gZ26/HbDWBaDJ6 B7FVXnwb6KvwBIPB7oghySxn7W/d84iX/ChDAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUjOlvzsY0rvoY0uHMLlwdn1lLTOEwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9qT2x2enNZMHJ2b1kwdUhNTGx3 ZG4xbExUT0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAGw AAWQMA0GCSqGSIb3DQEBCwUAA4IBAQAu303nDQnaR8MLSnlNJ7riynpXW1j4Fw5d sMaWBcuvipqQ7ctRh3gypcuJiPypla0NDsimphmrweEuS9lXib2wft15ZPeNyHzM Ia6K6qt0d9u3MYXP6IUbjEE8gaV/Im6wGtZd5sroj6ytFq8dwKUjOjzosLfRBIxK GYtP2zako+w5z2UBGsMj8Z+9f77E/OfCHsE8XyGIPjnwfYlTsnhyy41nu5hM43j1 uh4TfLwrq3fFv6xYGk9+rnM22uMrZPu3zfEFkA8JgCUdBceSKXtgmg5nlekyNMvZ 9SUeQzBZMzjP8jT7lRxk1teywMsmbD7PnkFG2bFtfSXMfaLtF5DM -----END CERTIFICATE-----Generated at Sun Aug 24 09:45:07 2025 by rpki-client