$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/tkGH2c94heM-CKWNvAu-9mXHnR8.roa File: tkGH2c94heM-CKWNvAu-9mXHnR8.roa (raw, json) Hash identifier: qV2qd4qseObxoxqj9Ovn4I3PPmUVbGQI+pbeR2dCdMw= Subject key identifier: B6:41:87:D9:CF:78:85:E3:3E:08:A5:8D:BC:0B:BE:F6:65:C7:9D:1F Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1930 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/tkGH2c94heM-CKWNvAu-9mXHnR8.roa Signing time: Fri 22 Aug 2025 09:02:51 +0000 ROA not before: Fri 22 Aug 2025 09:02:51 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 10126 IP address blocks: 220.128.80.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6448 (0x1930) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:02:51 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=B64187D9CF7885E33E08A58DBC0BBEF665C79D1F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:86:b7:fa:3a:ff:d8:7f:e8:ba:bf:d9:c9:b5: eb:57:53:e5:09:c4:e7:57:65:6d:c8:f0:65:db:e1: 3d:9a:35:e7:3c:c0:59:c5:f4:b8:0c:e0:8f:f4:b1: 9e:c0:7b:58:35:ad:63:4b:2c:57:d3:25:0d:43:1a: ad:e3:00:f0:4e:01:70:dc:aa:4d:f8:27:19:fd:06: 6f:62:c1:27:46:55:ce:fe:58:a4:33:41:7b:df:71: 22:96:04:bb:c0:f4:5e:90:47:3b:08:cf:db:59:23: 55:10:cc:59:49:3b:1c:83:5c:ab:2b:81:65:a1:94: 7d:67:d4:5c:a5:30:4e:18:3f:b1:c7:86:c3:d3:71: cc:2e:a9:fa:e3:e0:72:94:f1:01:a0:32:9d:b9:f1: 5c:39:fe:e3:eb:c5:b3:fe:62:4e:02:fc:2c:bb:de: 85:13:b1:96:f1:b4:c9:d3:69:9b:6f:27:b5:67:ad: 58:b9:04:83:f1:72:aa:2f:24:4d:77:22:2f:1b:c1: ac:5f:be:27:c2:36:29:68:81:8c:86:a2:ab:d4:60: f1:79:d0:72:dd:cb:78:ee:12:6c:7f:f6:01:97:10: 5b:1a:6d:dc:f2:80:cd:5c:a9:ff:92:40:2e:68:b6: 60:a1:df:cd:7a:23:67:9a:4e:7d:ec:6b:88:da:97: 05:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:41:87:D9:CF:78:85:E3:3E:08:A5:8D:BC:0B:BE:F6:65:C7:9D:1F X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/tkGH2c94heM-CKWNvAu-9mXHnR8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 220.128.80.0/20 Signature Algorithm: sha256WithRSAEncryption 8c:b9:97:57:5c:a3:a8:ab:df:4c:55:1d:9f:d2:53:ed:aa:8f: a4:63:e3:0e:96:d8:fe:ec:4b:38:39:09:0c:8d:ea:32:55:ce: 19:e1:10:ed:a3:a7:ad:97:8f:fa:74:d1:82:62:37:fe:5c:d4: fe:91:65:96:61:7a:be:4a:c3:4d:6f:72:55:a0:9a:2b:b0:8e: 92:1d:6e:ee:d8:3f:20:ce:40:95:f3:17:d4:4c:4c:b2:a0:c5: af:19:84:b5:44:a3:80:92:e7:3d:2f:5c:89:59:cb:2e:2c:03: 3d:07:3f:34:9f:3f:a8:b6:52:d7:59:b7:c2:49:00:4a:c7:32: be:bf:6f:6b:d6:20:18:ac:29:67:71:d5:3f:66:3f:90:12:9e: ee:6b:87:ab:18:de:55:01:3a:67:25:ee:de:dd:d4:69:b7:50: d3:9d:89:97:6d:45:70:58:6b:51:e4:86:65:f7:ff:21:13:43: 1f:05:68:1d:12:29:32:e9:06:e5:6b:a3:6d:fe:14:d6:36:b6: b3:90:c5:c0:c6:e1:11:44:2d:d4:75:0c:39:a6:3c:6e:97:cb: b5:36:ef:64:85:ee:36:50:43:75:41:0d:ed:f3:b3:37:da:9f: d6:34:39:3e:e9:c8:56:87:84:98:be:0d:04:aa:c8:a9:04:0c: d7:5d:71:21 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICGTAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAyNTFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEI2NDE4N0Q5Q0Y3ODg1 RTMzRTA4QTU4REJDMEJCRUY2NjVDNzlEMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMhrf6Ov/Yf+i6v9nJtetXU+UJxOdXZW3I8GXb4T2aNec8wFnF 9LgM4I/0sZ7Ae1g1rWNLLFfTJQ1DGq3jAPBOAXDcqk34Jxn9Bm9iwSdGVc7+WKQz QXvfcSKWBLvA9F6QRzsIz9tZI1UQzFlJOxyDXKsrgWWhlH1n1FylME4YP7HHhsPT ccwuqfrj4HKU8QGgMp258Vw5/uPrxbP+Yk4C/Cy73oUTsZbxtMnTaZtvJ7VnrVi5 BIPxcqovJE13Ii8bwaxfvifCNilogYyGoqvUYPF50HLdy3juEmx/9gGXEFsabdzy gM1cqf+SQC5otmCh3816I2eaTn3sa4jalwWjAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUtkGH2c94heM+CKWNvAu+9mXHnR8wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC90a0dIMmM5NGhlTS1DS1dOdkF1 LTltWEhuUjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE3IBQ MA0GCSqGSIb3DQEBCwUAA4IBAQCMuZdXXKOoq99MVR2f0lPtqo+kY+MOltj+7Es4 OQkMjeoyVc4Z4RDto6etl4/6dNGCYjf+XNT+kWWWYXq+SsNNb3JVoJorsI6SHW7u 2D8gzkCV8xfUTEyyoMWvGYS1RKOAkuc9L1yJWcsuLAM9Bz80nz+otlLXWbfCSQBK xzK+v29r1iAYrClncdU/Zj+QEp7ua4erGN5VATpnJe7e3dRpt1DTnYmXbUVwWGtR 5IZl9/8hE0MfBWgdEiky6Qbla6Nt/hTWNrazkMXAxuERRC3UdQw5pjxul8u1Nu9k he42UEN1QQ3t87M32p/WNDk+6chWh4SYvg0EqsipBAzXXXEh -----END CERTIFICATE-----Generated at Sun Aug 24 13:40:16 2025 by rpki-client