$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/1NvRIIgsw36jv1JPruOnfe6B5l0.roa File: 1NvRIIgsw36jv1JPruOnfe6B5l0.roa (raw, json) Hash identifier: wr3wO5pomnNqcHXEV81x9pHMfpgLRKocC+eB8odzGOM= Subject key identifier: D4:DB:D1:20:88:2C:C3:7E:A3:BF:52:4F:AE:E3:A7:7D:EE:81:E6:5D Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Certificate serial: 0D93 Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/1NvRIIgsw36jv1JPruOnfe6B5l0.roa Signing time: Fri 22 Aug 2025 08:52:54 +0000 ROA not before: Fri 22 Aug 2025 08:52:54 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 4780 IP address blocks: 114.29.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3475 (0xd93) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Validity Not Before: Aug 22 08:52:54 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D4DBD120882CC37EA3BF524FAEE3A77DEE81E65D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:5a:c3:23:3c:bb:aa:e6:7b:69:80:bc:08:85: 37:8a:c8:6c:17:a3:c1:72:ae:32:78:13:1f:fe:66: 6f:cc:34:4a:05:14:68:74:99:1c:09:7f:40:3b:c1: be:06:a2:a5:34:df:c9:3b:3d:5d:24:e2:95:08:71: f2:cd:6c:6f:aa:e8:e1:be:bc:3d:18:e9:c9:e8:8a: 70:d2:4e:d5:0c:a7:83:71:57:cb:f7:7c:ce:d3:04: ed:af:37:c2:26:a2:8a:73:68:5a:ce:bd:32:d6:c0: 89:a3:e1:3a:38:76:d4:ad:1e:e9:8a:77:51:8d:bb: a3:a3:f7:55:49:61:ee:55:da:ad:37:53:4b:1f:8c: 7f:35:7f:7c:5e:08:d8:ad:c3:16:39:18:f6:43:c6: 81:74:f8:92:26:4a:1e:e1:ef:99:a3:06:bf:ee:e7: 13:fb:b7:0f:ad:98:3f:7d:64:b3:16:29:b1:35:09: 12:22:48:83:3a:ef:a1:b5:6f:bc:12:9c:11:77:65: cd:61:e7:ee:71:d4:55:df:34:7a:df:d0:30:e1:1d: 24:25:22:d0:3c:e2:6c:35:bb:a1:49:6a:0a:dc:26: bf:9d:6b:17:53:dd:fd:9e:43:0d:a9:d3:e7:3a:a1: 9c:d8:62:c6:6e:76:8f:2f:3f:a4:3f:40:7f:e6:fc: bd:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:DB:D1:20:88:2C:C3:7E:A3:BF:52:4F:AE:E3:A7:7D:EE:81:E6:5D X509v3 Authority Key Identifier: keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/1NvRIIgsw36jv1JPruOnfe6B5l0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.29.240.0/22 Signature Algorithm: sha256WithRSAEncryption 5a:28:34:db:bc:8e:73:ca:b0:0c:f7:e1:50:42:d9:d7:3d:59: 83:fe:b4:cd:fa:a3:df:70:41:10:83:37:7c:50:63:a5:dc:c0: 11:27:14:de:6e:bb:d4:78:86:79:c5:9d:9b:89:c2:6b:a2:a3: 60:01:c3:40:92:f7:d7:a4:3d:a2:49:ae:0a:b5:c0:f6:c0:a1: 23:95:3d:2d:e8:6c:26:f9:8d:77:5d:3a:7e:5e:0f:5d:83:94: 23:c2:18:12:c8:df:ca:3c:d9:e7:2e:f6:e4:4d:3f:8b:85:a4: cd:d8:71:9f:2e:e5:ad:d9:83:7e:dd:33:12:a1:3f:f3:21:9d: d6:90:1d:84:4a:bc:e0:24:ac:5e:a0:a0:4d:a9:da:d8:8c:72: be:c3:1a:30:98:04:f2:51:97:7a:41:e8:9e:f8:ac:6c:b4:8b: 86:fa:0c:3d:2e:62:4c:e1:bc:cd:64:28:89:f4:3d:13:83:b9: 98:7a:5a:77:d5:b4:3e:2c:9f:3b:1c:56:ab:c6:90:10:b2:35: 3a:f9:61:0e:36:e2:c5:59:41:5d:22:84:d6:37:91:d2:57:73: 69:e8:16:f9:cf:73:76:f3:a2:5f:01:b2:57:e1:11:bf:d3:97: 5b:6e:58:5e:9e:44:86:d1:49:f1:0d:8e:a6:08:3e:ef:7d:6f: 45:6f:41:48 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDZMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNTA4MjIw ODUyNTRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQ0REJEMTIwODgyQ0Mz N0VBM0JGNTI0RkFFRTNBNzdERUU4MUU2NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDiWsMjPLuq5ntpgLwIhTeKyGwXo8FyrjJ4Ex/+Zm/MNEoFFGh0 mRwJf0A7wb4GoqU038k7PV0k4pUIcfLNbG+q6OG+vD0Y6cnoinDSTtUMp4NxV8v3 fM7TBO2vN8ImoopzaFrOvTLWwImj4To4dtStHumKd1GNu6Oj91VJYe5V2q03U0sf jH81f3xeCNitwxY5GPZDxoF0+JImSh7h75mjBr/u5xP7tw+tmD99ZLMWKbE1CRIi SIM676G1b7wSnBF3Zc1h5+5x1FXfNHrf0DDhHSQlItA84mw1u6FJagrcJr+daxdT 3f2eQw2p0+c6oZzYYsZudo8vP6Q/QH/m/L0FAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU1NvRIIgsw36jv1JPruOnfe6B5l0wHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6 /hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBLzFOdlJJSWdzdzM2anYxSlBydU9uZmU2 QjVsMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfAwDQYJ KoZIhvcNAQELBQADggEBAFooNNu8jnPKsAz34VBC2dc9WYP+tM36o99wQRCDN3xQ Y6XcwBEnFN5uu9R4hnnFnZuJwmuio2ABw0CS99ekPaJJrgq1wPbAoSOVPS3obCb5 jXddOn5eD12DlCPCGBLI38o82ecu9uRNP4uFpM3YcZ8u5a3Zg37dMxKhP/MhndaQ HYRKvOAkrF6goE2p2tiMcr7DGjCYBPJRl3pB6J74rGy0i4b6DD0uYkzhvM1kKIn0 PRODuZh6WnfVtD4snzscVqvGkBCyNTr5YQ424sVZQV0ihNY3kdJXc2noFvnPc3bz ol8BslfhEb/Tl1tuWF6eRIbRSfENjqYIPu99b0VvQUg= -----END CERTIFICATE-----Generated at Sun Aug 24 09:16:25 2025 by rpki-client