$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/HiE-9ThQjRXK6DzFG_dSzKow22c.roa File: HiE-9ThQjRXK6DzFG_dSzKow22c.roa (raw, json) Hash identifier: NioTyB4ltZ4DWlndYuTAvBd+fLU2JoBa1jNn4vs8/Fw= Subject key identifier: 1E:21:3E:F5:38:50:8D:15:CA:E8:3C:C5:1B:F7:52:CC:AA:30:DB:67 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0F07 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/HiE-9ThQjRXK6DzFG_dSzKow22c.roa Signing time: Fri 22 Aug 2025 09:03:44 +0000 ROA not before: Fri 22 Aug 2025 09:03:44 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9918 IP address blocks: 61.61.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3847 (0xf07) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 22 09:03:44 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=1E213EF538508D15CAE83CC51BF752CCAA30DB67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:cf:57:cd:df:04:12:40:da:d6:f7:21:64:fb: 0f:d0:c4:0d:fa:56:4f:9b:d4:2f:c1:08:bd:79:14: ca:23:69:df:8c:d5:1d:03:a9:c0:41:51:74:fd:7e: a6:b4:f3:a3:8a:70:b7:73:8e:f3:ab:4c:29:a0:98: 4d:e3:72:72:59:59:18:5b:09:0d:ca:b5:f8:0d:0e: cb:4e:e2:33:21:61:79:28:eb:a9:70:22:8b:a5:7e: cc:f1:60:51:01:fe:8d:84:34:05:33:ee:5b:17:8b: 9d:22:09:b5:23:3b:4a:d1:6e:0c:33:83:80:70:ed: 0b:50:b4:db:df:a3:1e:bd:9a:4f:a4:64:f4:48:ca: b6:4d:ee:3c:00:2f:35:c1:a1:51:35:68:68:68:c9: 80:32:af:fa:74:24:9a:41:4c:3c:d7:0f:2a:0b:25: ab:0f:99:46:11:17:1a:f1:14:c9:e9:f5:2c:ce:9d: 00:a9:b7:a7:39:a0:9a:cc:5b:a1:92:0a:92:94:a8: 94:aa:34:92:00:8f:57:89:e5:bf:cc:2c:43:99:24: 2f:61:39:61:3e:bb:b0:3c:9d:85:63:e3:57:f8:9b: 7d:c1:c2:b1:50:8f:2b:eb:95:be:dd:f7:54:99:a8: 14:9f:55:97:bd:69:f0:90:c8:04:2f:f2:fa:2f:dd: 39:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:21:3E:F5:38:50:8D:15:CA:E8:3C:C5:1B:F7:52:CC:AA:30:DB:67 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/HiE-9ThQjRXK6DzFG_dSzKow22c.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.0.0/17 Signature Algorithm: sha256WithRSAEncryption 9c:ef:9e:13:bc:60:61:a3:09:60:1f:6d:3d:72:9e:9e:bc:2b: 6e:49:e1:8e:88:9c:26:65:0a:64:8c:ad:05:47:e8:80:65:e2: fa:25:a0:fe:a6:57:ce:99:c3:30:d3:1f:da:64:1b:05:84:8c: 5f:b5:48:c9:e7:e7:03:77:bf:ea:f9:ed:1c:00:6f:87:88:6c: 72:95:92:9d:60:f9:4d:03:6f:8e:ab:7d:36:1c:05:41:09:a8: 90:ce:12:d9:dd:ba:65:71:10:bc:b3:30:a6:14:a7:6c:e4:34: 1b:34:23:5f:98:5f:42:d0:94:dc:68:bf:14:9c:8a:e6:40:15: b3:c4:14:12:a7:fe:44:f2:8a:f9:4b:11:b1:7d:72:51:3a:9d: 08:1c:9d:6e:e1:88:d3:c0:d3:87:60:3a:84:0e:20:1b:13:34: 57:d9:68:87:73:74:cc:0f:a8:c1:8d:c4:95:a5:7f:c4:3d:4c: 8d:4e:e5:e4:3f:af:1b:f7:b7:85:d6:cc:9d:72:65:f3:77:db: 60:d1:85:de:c4:18:6b:23:97:4d:bb:fb:5d:71:23:57:d8:e9: e4:f5:e4:67:c1:f3:2d:c7:4a:52:76:30:de:47:f7:84:e0:49: a1:c7:fc:dc:1d:2c:05:37:22:56:d0:16:36:2a:33:7d:b9:98: 3d:67:00:93 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDwcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTA4MjIw OTAzNDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDFFMjEzRUY1Mzg1MDhE MTVDQUU4M0NDNTFCRjc1MkNDQUEzMERCNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBz1fN3wQSQNrW9yFk+w/QxA36Vk+b1C/BCL15FMojad+M1R0D qcBBUXT9fqa086OKcLdzjvOrTCmgmE3jcnJZWRhbCQ3KtfgNDstO4jMhYXko66lw IoulfszxYFEB/o2ENAUz7lsXi50iCbUjO0rRbgwzg4Bw7QtQtNvfox69mk+kZPRI yrZN7jwALzXBoVE1aGhoyYAyr/p0JJpBTDzXDyoLJasPmUYRFxrxFMnp9SzOnQCp t6c5oJrMW6GSCpKUqJSqNJIAj1eJ5b/MLEOZJC9hOWE+u7A8nYVj41f4m33BwrFQ jyvrlb7d91SZqBSfVZe9afCQyAQv8vov3TnLAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUHiE+9ThQjRXK6DzFG/dSzKow22cwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL0hpRS05VGhRalJYSzZEekZHX2RTektv dzIyYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc9PQAwDQYJ KoZIhvcNAQELBQADggEBAJzvnhO8YGGjCWAfbT1ynp68K25J4Y6InCZlCmSMrQVH 6IBl4voloP6mV86ZwzDTH9pkGwWEjF+1SMnn5wN3v+r57RwAb4eIbHKVkp1g+U0D b46rfTYcBUEJqJDOEtndumVxELyzMKYUp2zkNBs0I1+YX0LQlNxovxSciuZAFbPE FBKn/kTyivlLEbF9clE6nQgcnW7hiNPA04dgOoQOIBsTNFfZaIdzdMwPqMGNxJWl f8Q9TI1O5eQ/rxv3t4XWzJ1yZfN322DRhd7EGGsjl027+11xI1fY6eT15GfB8y3H SlJ2MN5H94TgSaHH/NwdLAU3IlbQFjYqM325mD1nAJM= -----END CERTIFICATE-----Generated at Sun Aug 24 05:33:16 2025 by rpki-client