$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/JIGENTEC/HRMAxRXK5pKcPb7PHO24g9nrhrg.roa File: HRMAxRXK5pKcPb7PHO24g9nrhrg.roa (raw, json) Hash identifier: V+4ZHFaGAWIdxHvkzBaLqJ1SvTIiYhyUkTdY7kPLyBw= Subject key identifier: 1D:13:00:C5:15:CA:E6:92:9C:3D:BE:CF:1C:ED:B8:83:D9:EB:86:B8 Certificate issuer: /CN=830BC4410162A58D0DB17E0A351551FBB3D751A1 Certificate serial: 0DA7 Authority key identifier: 83:0B:C4:41:01:62:A5:8D:0D:B1:7E:0A:35:15:51:FB:B3:D7:51:A1 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gwvEQQFipY0NsX4KNRVR-7PXUaE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JIGENTEC/HRMAxRXK5pKcPb7PHO24g9nrhrg.roa Signing time: Fri 22 Aug 2025 08:56:46 +0000 ROA not before: Fri 22 Aug 2025 08:56:46 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131619 IP address blocks: 103.116.96.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/JIGENTEC/gwvEQQFipY0NsX4KNRVR-7PXUaE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/JIGENTEC/gwvEQQFipY0NsX4KNRVR-7PXUaE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/gwvEQQFipY0NsX4KNRVR-7PXUaE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3495 (0xda7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=830BC4410162A58D0DB17E0A351551FBB3D751A1 Validity Not Before: Aug 22 08:56:46 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=1D1300C515CAE6929C3DBECF1CEDB883D9EB86B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:f5:ce:a4:f3:c3:35:76:d0:d6:de:57:eb:66: 89:32:d3:99:b7:99:1a:d8:e7:cf:10:cd:d4:e4:2a: 51:4c:e9:12:bc:e4:77:27:ef:82:db:1c:5f:a6:fe: 7a:3c:c4:6c:f6:54:fb:1f:23:c4:c2:56:05:34:dd: bf:5f:99:61:07:bb:3d:e7:18:1c:bc:53:89:bf:a9: 9f:30:d6:46:cd:a4:dd:43:4d:14:0a:d3:6d:2d:a2: d1:03:79:df:99:f4:a3:03:1d:fc:ee:87:6d:ef:a0: cd:fc:fb:2f:ea:c1:ff:a7:89:33:6d:96:9a:fb:1f: 79:3e:80:f2:d4:92:79:a2:32:e4:b9:99:e6:ff:78: 25:2b:e8:e8:17:84:d2:59:80:db:1e:f7:4b:2a:2f: 64:e7:1d:61:d9:c9:81:7e:aa:b3:e1:7a:e3:fb:ee: e9:0a:5a:c3:a3:59:41:3f:9f:3c:64:73:97:58:fb: fc:7b:a4:eb:47:97:2a:dd:8e:44:d9:6d:f6:e1:d7: 18:66:5f:32:bf:49:2a:0c:48:8e:d2:44:10:ea:29: 31:55:82:28:fc:68:8e:b7:57:ac:f9:e0:20:0a:30: 62:b7:f8:95:6d:b9:c4:82:d3:41:1b:a7:b3:45:ef: 69:16:46:0e:96:d6:0d:90:e0:b7:85:75:88:e3:be: e4:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:13:00:C5:15:CA:E6:92:9C:3D:BE:CF:1C:ED:B8:83:D9:EB:86:B8 X509v3 Authority Key Identifier: keyid:83:0B:C4:41:01:62:A5:8D:0D:B1:7E:0A:35:15:51:FB:B3:D7:51:A1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JIGENTEC/gwvEQQFipY0NsX4KNRVR-7PXUaE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gwvEQQFipY0NsX4KNRVR-7PXUaE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JIGENTEC/HRMAxRXK5pKcPb7PHO24g9nrhrg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.116.96.0/24 Signature Algorithm: sha256WithRSAEncryption 29:73:87:d5:ba:e1:f7:01:54:2f:2b:2f:59:9e:bf:54:63:bb: 50:20:88:39:ea:18:0b:d7:a9:6b:2a:0c:3a:c0:1f:4e:26:dc: 45:5c:9e:58:31:82:fe:74:22:18:55:68:ac:e4:89:8e:7a:62: 40:fe:4f:1e:4a:b6:ce:51:98:e5:e7:c9:47:0b:7b:a8:1e:e1: 13:46:f5:c7:a3:5d:b1:68:e1:34:62:2b:36:5c:17:a9:5f:0a: e3:af:70:c3:bd:46:2b:ef:8b:26:20:0e:d1:09:ac:06:ca:96: 08:2d:8d:c2:c1:85:8e:a7:2f:f4:58:0c:a3:4a:81:06:87:a1: 12:70:df:6f:c9:82:46:44:74:ab:b4:45:31:b8:22:aa:2b:c9: ad:2f:73:ab:27:d7:2b:82:d6:ca:13:12:a3:de:bf:35:2b:f9: ec:93:fe:22:fa:68:af:12:99:34:23:3f:08:e8:00:d5:e9:75: 57:66:97:32:c0:24:ea:c7:6b:d3:5b:2c:d5:30:e4:1d:63:c0: 40:b7:62:5a:3a:4f:45:d2:76:15:8a:d4:c9:c5:3e:6b:f4:ba: d7:80:7d:e6:2c:23:c9:5d:6f:87:39:c3:b4:ea:e3:be:10:4d: 6b:b4:fe:a0:07:ce:4f:34:32:bc:d2:5f:94:d7:4b:6e:81:4a: 5b:84:6f:1b -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICDacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMw QkM0NDEwMTYyQTU4RDBEQjE3RTBBMzUxNTUxRkJCM0Q3NTFBMTAeFw0yNTA4MjIw ODU2NDZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDFEMTMwMEM1MTVDQUU2 OTI5QzNEQkVDRjFDRURCODgzRDlFQjg2QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDO9c6k88M1dtDW3lfrZoky05m3mRrY588QzdTkKlFM6RK85Hcn 74LbHF+m/no8xGz2VPsfI8TCVgU03b9fmWEHuz3nGBy8U4m/qZ8w1kbNpN1DTRQK 020totEDed+Z9KMDHfzuh23voM38+y/qwf+niTNtlpr7H3k+gPLUknmiMuS5meb/ eCUr6OgXhNJZgNse90sqL2TnHWHZyYF+qrPheuP77ukKWsOjWUE/nzxkc5dY+/x7 pOtHlyrdjkTZbfbh1xhmXzK/SSoMSI7SRBDqKTFVgij8aI63V6z54CAKMGK3+JVt ucSC00Ebp7NF72kWRg6W1g2Q4LeFdYjjvuSjAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUHRMAxRXK5pKcPb7PHO24g9nrhrgwHwYDVR0jBBgwFoAUgwvEQQFipY0NsX4K NRVR+7PXUaEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSklHRU5U RUMvZ3d2RVFRRmlwWTBOc1g0S05SVlItN1BYVWFFLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9nd3ZFUVFGaXBZME5zWDRLTlJWUi03UFhVYUUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9KSUdFTlRFQy9IUk1BeFJYSzVwS2NQ YjdQSE8yNGc5bnJocmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ3RgMA0GCSqGSIb3DQEBCwUAA4IBAQApc4fVuuH3AVQvKy9Znr9UY7tQIIg5 6hgL16lrKgw6wB9OJtxFXJ5YMYL+dCIYVWis5ImOemJA/k8eSrbOUZjl58lHC3uo HuETRvXHo12xaOE0Yis2XBepXwrjr3DDvUYr74smIA7RCawGypYILY3CwYWOpy/0 WAyjSoEGh6EScN9vyYJGRHSrtEUxuCKqK8mtL3OrJ9crgtbKExKj3r81K/nsk/4i +mivEpk0Iz8I6ADV6XVXZpcywCTqx2vTWyzVMOQdY8BAt2JaOk9F0nYVitTJxT5r 9LrXgH3mLCPJXW+HOcO06uO+EE1rtP6gB85PNDK80l+U10tugUpbhG8b -----END CERTIFICATE-----Generated at Sun Aug 24 13:40:20 2025 by rpki-client