$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/RYtRIf1OZ7FcjP6VpPnivzCCEP8.roa File: RYtRIf1OZ7FcjP6VpPnivzCCEP8.roa (raw, json) Hash identifier: cbguKFdRhBeC+D0bEE6mLFOWdGTq+VmGn/2jIhlRjQU= Subject key identifier: 45:8B:51:21:FD:4E:67:B1:5C:8C:FE:95:A4:F9:E2:BF:30:82:10:FF Certificate issuer: /CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647 Certificate serial: 0131 Authority key identifier: BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/RYtRIf1OZ7FcjP6VpPnivzCCEP8.roa Signing time: Fri 22 Aug 2025 08:58:52 +0000 ROA not before: Fri 22 Aug 2025 08:58:52 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9678 IP address blocks: 2.58.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/0dL1XCbbKFIKeZb_cu0BBCAHmKI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/0dL1XCbbKFIKeZb_cu0BBCAHmKI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0dL1XCbbKFIKeZb_cu0BBCAHmKI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 12:44:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 305 (0x131) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647 Validity Not Before: Aug 22 08:58:52 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=458B5121FD4E67B15C8CFE95A4F9E2BF308210FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1e:e5:8b:18:b1:e8:a0:4b:b4:e2:0a:1c:e7: 78:03:fe:4e:77:29:ce:44:60:a0:a6:60:09:00:cc: 1f:40:d3:7b:68:68:c7:a8:f3:27:33:f1:00:48:b0: 02:80:5c:7d:80:7e:f9:ea:26:41:97:be:04:75:ff: 26:df:35:8b:3c:7e:0b:2e:14:77:7f:db:3e:5b:c9: d9:3b:de:48:a1:c5:63:43:42:29:f4:ec:a5:08:79: ec:03:75:cc:5f:b3:dc:bb:1b:67:ad:23:eb:f0:3b: e7:32:39:f4:8b:c5:3d:f7:79:bb:05:61:b6:18:1f: 5c:f1:37:88:d5:dc:1a:c0:14:8e:22:89:11:82:92: 94:53:ce:86:b9:16:14:13:0e:ac:65:33:2e:05:13: f2:b4:3a:f8:b8:92:72:6b:7d:5c:70:10:d3:66:44: b4:d7:e7:c2:ed:bb:f9:27:d7:09:71:9c:d8:af:c6: 16:85:19:8f:28:5a:37:ba:ba:fa:8c:1c:7e:26:54: 16:bc:94:0b:ba:21:39:52:ad:b4:3f:4b:95:b8:07: b2:8b:67:40:76:99:2e:ed:76:12:86:16:07:ab:b4: 2c:0e:88:0e:52:79:45:c3:d3:cb:8e:4f:38:8c:e6: 36:bd:61:8a:d8:e7:00:d7:cd:f6:9a:bc:e2:58:5b: ce:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:8B:51:21:FD:4E:67:B1:5C:8C:FE:95:A4:F9:E2:BF:30:82:10:FF X509v3 Authority Key Identifier: keyid:BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/RYtRIf1OZ7FcjP6VpPnivzCCEP8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 2.58.240.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:77:db:6b:60:30:b6:ba:1d:74:61:da:4b:74:83:52:3b:61: fa:59:a6:34:6b:03:07:0a:0a:e0:63:89:cf:9c:9f:24:e1:57: 25:72:46:cc:ac:38:61:48:fb:56:75:f7:33:94:ff:fb:42:97: 98:15:fb:da:6c:21:6d:bf:0c:ed:7a:5e:fa:1e:e8:b1:92:31: 33:fb:87:99:7b:28:68:2d:7c:13:8d:cd:21:11:38:de:32:53: e4:1b:70:9e:43:86:46:91:ee:e5:65:fa:8e:cd:ae:67:9a:f3: c1:a5:91:dd:11:73:11:9b:e4:f6:35:d6:d3:fc:73:72:71:c0: 8a:79:3b:35:c7:32:4e:f6:01:91:a0:bb:c0:33:96:1e:35:db: 08:fb:d2:43:df:3f:b7:14:35:b0:2b:f5:2f:0a:7b:f4:5d:bc: 94:81:a1:e7:46:0a:18:03:6e:eb:43:df:1a:16:52:69:02:49: 0c:5e:01:e8:e5:c1:92:94:89:cd:1f:e2:2b:a6:11:36:5e:3c: c2:d1:d9:5f:58:08:e1:84:34:20:aa:56:29:7d:bb:03:e6:4f: 9a:fd:48:4b:2b:09:26:ed:8e:7a:42:6f:3c:64:e1:09:ac:a9: cd:82:9d:21:27:7a:b1:8a:5a:94:8a:c9:19:2c:a3:ea:a2:2f: dd:d7:0e:ee -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICATEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkI4 OEE5MTc4NUE3ODJDOEVBM0NEREVEM0U3QzFGMDlEQTc5RjY0NzAeFw0yNTA4MjIw ODU4NTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQ1OEI1MTIxRkQ0RTY3 QjE1QzhDRkU5NUE0RjlFMkJGMzA4MjEwRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOHuWLGLHooEu04goc53gD/k53Kc5EYKCmYAkAzB9A03toaMeo 8ycz8QBIsAKAXH2AfvnqJkGXvgR1/ybfNYs8fgsuFHd/2z5bydk73kihxWNDQin0 7KUIeewDdcxfs9y7G2etI+vwO+cyOfSLxT33ebsFYbYYH1zxN4jV3BrAFI4iiRGC kpRTzoa5FhQTDqxlMy4FE/K0Ovi4knJrfVxwENNmRLTX58Ltu/kn1wlxnNivxhaF GY8oWje6uvqMHH4mVBa8lAu6ITlSrbQ/S5W4B7KLZ0B2mS7tdhKGFgertCwOiA5S eUXD08uOTziM5ja9YYrY5wDXzfaavOJYW85vAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQURYtRIf1OZ7FcjP6VpPnivzCCEP8wHwYDVR0jBBgwFoAUu4ipF4WngsjqPN3t PnwfCdp59kcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO L3U0aXBGNFduZ3NqcVBOM3RQbndmQ2RwNTlrYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvdTRpcEY0V25nc2pxUE4zdFBud2ZDZHA1OWtjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL1JZdFJJZjFPWjdGY2pQNlZw UG5pdnpDQ0VQOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAC OvAwDQYJKoZIhvcNAQELBQADggEBAE5322tgMLa6HXRh2kt0g1I7YfpZpjRrAwcK CuBjic+cnyThVyVyRsysOGFI+1Z19zOU//tCl5gV+9psIW2/DO16Xvoe6LGSMTP7 h5l7KGgtfBONzSERON4yU+QbcJ5DhkaR7uVl+o7Nrmea88Glkd0RcxGb5PY11tP8 c3JxwIp5OzXHMk72AZGgu8Azlh412wj70kPfP7cUNbAr9S8Ke/RdvJSBoedGChgD butD3xoWUmkCSQxeAejlwZKUic0f4iumETZePMLR2V9YCOGENCCqVil9uwPmT5r9 SEsrCSbtjnpCbzxk4Qmsqc2CnSEnerGKWpSKyRkso+qiL93XDu4= -----END CERTIFICATE-----Generated at Sun Aug 24 09:44:57 2025 by rpki-client