$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/jbhENYHqy-B6fxD4KriDY5_obAE.roa File: jbhENYHqy-B6fxD4KriDY5_obAE.roa (raw, json) Hash identifier: Klo3o9H/N0+A9fsogphfozIPyCUhEm88qbguHwewBn0= Subject key identifier: 8D:B8:44:35:81:EA:CB:E0:7A:7F:10:F8:2A:B8:83:63:9F:E8:6C:01 Certificate issuer: /CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A Certificate serial: 0EC4 Authority key identifier: 58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/jbhENYHqy-B6fxD4KriDY5_obAE.roa Signing time: Fri 22 Aug 2025 09:03:08 +0000 ROA not before: Fri 22 Aug 2025 09:03:08 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9680 IP address blocks: 168.95.245.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3780 (0xec4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A Validity Not Before: Aug 22 09:03:08 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8DB8443581EACBE07A7F10F82AB883639FE86C01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:21:03:f6:3d:7c:df:6d:c2:84:a5:78:02:8b: b8:2a:72:1b:a2:36:a3:5d:4d:f8:59:aa:02:35:5f: 4a:ca:dc:ea:c5:6f:32:38:d6:9c:7f:8b:e7:1d:42: aa:b4:ff:20:35:22:b4:fe:fd:ca:1c:b8:17:d7:76: fb:26:54:3d:48:37:9c:39:c5:3f:f8:ac:d1:05:c6: 42:bc:cb:8c:d4:f3:87:84:41:ab:be:2b:29:ec:49: 5d:a3:ef:7c:06:49:b5:fe:d8:78:21:7d:50:16:ba: be:12:90:a8:86:6f:c1:8a:e0:cf:74:d6:d5:b0:a9: 54:51:82:92:fd:67:19:27:35:fd:9f:51:01:24:fb: 3e:3e:15:24:3f:57:e6:8c:1b:b4:bb:33:0e:03:b9: 57:19:a0:50:7f:26:9d:4d:77:26:32:5e:85:17:47: ee:51:26:8b:6d:24:a9:eb:f4:d4:8a:a3:15:a1:63: 6b:19:8a:6f:a3:5a:eb:fa:ef:f9:f4:c7:2b:be:f3: 9d:f1:df:c5:09:1b:0a:c7:08:ea:03:b2:ba:21:09: 92:9a:e6:ee:88:00:e7:d9:cd:61:c0:22:7e:06:03: 9a:61:65:7e:21:6f:00:6e:d3:10:a0:55:71:90:9d: 86:4f:14:23:4d:47:d7:53:b4:a2:e4:8f:a0:0b:31: a7:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:B8:44:35:81:EA:CB:E0:7A:7F:10:F8:2A:B8:83:63:9F:E8:6C:01 X509v3 Authority Key Identifier: keyid:58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/jbhENYHqy-B6fxD4KriDY5_obAE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 168.95.245.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:8a:01:14:64:0d:42:c5:e1:c6:47:92:62:28:9e:30:62:bc: e9:15:0c:c6:ab:3c:9d:c0:04:20:42:c5:6b:2f:de:0c:00:bc: 54:98:4a:d8:e8:10:3a:7d:f1:e0:90:32:33:14:8c:a1:c7:c3: ab:9c:53:90:61:59:c4:3f:e6:1e:95:ab:52:cc:db:0a:b9:92: 31:bd:d6:bb:04:15:ee:34:7b:bf:8a:60:92:47:ae:a5:ad:f6: 6c:8e:71:be:c0:b7:c1:c6:70:0e:14:34:2b:f7:ef:23:25:07: 6f:1b:8f:4e:76:ea:b7:d7:aa:61:7c:ae:e9:e1:65:84:ed:22: dd:4b:ca:4e:d7:ae:a0:05:41:6b:85:5f:e7:fb:c6:38:d6:28: ba:7b:f8:48:e2:2f:87:76:15:3b:90:1c:b9:66:c1:dd:c1:84: e8:fa:e1:bd:b0:cb:03:0c:9c:bf:39:1b:8b:87:52:f4:78:91: 75:e6:35:63:fb:62:4a:d9:61:76:60:f5:80:54:f7:3c:4b:86: f6:16:8a:fa:87:85:e5:1a:3f:77:db:f0:30:bc:51:78:3a:6f: d3:75:2e:38:d7:a4:7e:d1:a7:c6:62:5e:e4:c7:dd:2d:81:44: 1c:a6:d7:02:6d:8f:b6:42:4f:f3:fa:db:20:bb:05:87:28:e8: 96:2b:54:eb -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDsQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg3 NkU0QjhERkFBMjI0QzAxOUQyNDY5MzFGQzNDRDdBNEZFRUQyQTAeFw0yNTA4MjIw OTAzMDhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDhEQjg0NDM1ODFFQUNC RTA3QTdGMTBGODJBQjg4MzYzOUZFODZDMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMIQP2PXzfbcKEpXgCi7gqchuiNqNdTfhZqgI1X0rK3OrFbzI4 1px/i+cdQqq0/yA1IrT+/cocuBfXdvsmVD1IN5w5xT/4rNEFxkK8y4zU84eEQau+ KynsSV2j73wGSbX+2HghfVAWur4SkKiGb8GK4M901tWwqVRRgpL9ZxknNf2fUQEk +z4+FSQ/V+aMG7S7Mw4DuVcZoFB/Jp1NdyYyXoUXR+5RJottJKnr9NSKoxWhY2sZ im+jWuv67/n0xyu+853x38UJGwrHCOoDsrohCZKa5u6IAOfZzWHAIn4GA5phZX4h bwBu0xCgVXGQnYZPFCNNR9dTtKLkj6ALMaeHAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUjbhENYHqy+B6fxD4KriDY5/obAEwHwYDVR0jBBgwFoAUWHbkuN+qIkwBnSRp Mfw816T+7SowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv V0hia3VOLXFJa3dCblNScE1mdzgxNlQtN1NvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9XSGJrdU4tcUlrd0JuU1JwTWZ3ODE2VC03U28uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9qYmhFTllIcXktQjZmeEQ0S3Jp RFk1X29iQUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqF/1 MA0GCSqGSIb3DQEBCwUAA4IBAQAvigEUZA1CxeHGR5JiKJ4wYrzpFQzGqzydwAQg QsVrL94MALxUmErY6BA6ffHgkDIzFIyhx8OrnFOQYVnEP+YelatSzNsKuZIxvda7 BBXuNHu/imCSR66lrfZsjnG+wLfBxnAOFDQr9+8jJQdvG49Oduq316phfK7p4WWE 7SLdS8pO166gBUFrhV/n+8Y41ii6e/hI4i+HdhU7kBy5ZsHdwYTo+uG9sMsDDJy/ ORuLh1L0eJF15jVj+2JK2WF2YPWAVPc8S4b2For6h4XlGj932/AwvFF4Om/TdS44 16R+0afGYl7kx90tgUQcptcCbY+2Qk/z+tsguwWHKOiWK1Tr -----END CERTIFICATE-----Generated at Sun Aug 24 09:43:28 2025 by rpki-client