$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCHC/hlH_VnIkbulFHeU6sP-wZgm4aZo.roa File: hlH_VnIkbulFHeU6sP-wZgm4aZo.roa (raw, json) Hash identifier: aaeLthtZSFiyQgS6Kgy79ZiFYzKP92ooKUpjVPN8dnk= Subject key identifier: 86:51:FF:56:72:24:6E:E9:45:1D:E5:3A:B0:FF:B0:66:09:B8:69:9A Certificate issuer: /CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891 Certificate serial: 0DA1 Authority key identifier: ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/hlH_VnIkbulFHeU6sP-wZgm4aZo.roa Signing time: Fri 22 Aug 2025 08:54:25 +0000 ROA not before: Fri 22 Aug 2025 08:54:25 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 7539 IP address blocks: 211.73.64.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3489 (0xda1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891 Validity Not Before: Aug 22 08:54:25 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8651FF5672246EE9451DE53AB0FFB06609B8699A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:a5:66:74:18:ef:2c:51:50:b1:8c:9f:52:70: 9b:fa:a4:86:24:93:37:f1:b5:8f:fc:5f:1b:67:bd: 26:e5:81:33:f8:02:10:5d:72:3c:7a:a2:e5:81:1d: 5c:ec:f2:84:22:b5:a8:a7:29:e5:a7:f4:da:27:f6: 92:43:a2:d2:39:9a:c4:4f:d2:91:ed:4a:e6:73:19: d1:53:c7:f3:24:0f:a7:7b:15:e3:a8:6b:a3:93:4c: e7:93:d2:1c:7d:ba:10:fa:f8:c8:e3:6b:da:bb:11: 0b:48:42:25:5a:a7:35:a3:fc:78:07:bd:3b:8c:e8: 34:26:1b:76:05:ed:2e:24:bb:cb:ba:26:08:4d:34: 90:a3:52:f0:9a:6f:fb:14:55:18:5c:3c:14:e6:4c: 95:e9:06:be:96:4d:96:a1:e3:49:32:98:f6:1b:b9: e3:22:ef:eb:77:84:99:b3:4b:98:c7:9f:79:81:42: 2a:f2:05:03:2d:42:6a:53:2b:19:90:9e:f1:60:9c: f3:6f:70:ae:14:53:b8:14:c5:6c:bd:42:36:63:ce: 54:cc:bc:b1:56:27:d8:11:8c:8a:5a:f5:36:c9:75: 8a:ef:cf:d4:ce:eb:fe:48:09:ef:0b:dd:8a:45:e6: 77:cd:f9:4d:85:46:66:28:2f:32:f0:a1:17:f2:d3: 3e:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:51:FF:56:72:24:6E:E9:45:1D:E5:3A:B0:FF:B0:66:09:B8:69:9A X509v3 Authority Key Identifier: keyid:ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/hlH_VnIkbulFHeU6sP-wZgm4aZo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.73.64.0/19 Signature Algorithm: sha256WithRSAEncryption 88:34:fe:35:14:e7:e2:b1:e1:13:e7:c8:7e:c3:8b:6a:84:35: 37:84:5e:12:85:a2:44:9c:8d:48:b3:ce:86:47:ed:3a:78:1d: 22:58:5f:25:b6:d4:e5:a0:02:20:1d:6f:91:c6:e5:f2:6e:4d: 5f:f8:a2:35:1e:99:85:74:40:8d:4f:c4:61:b6:41:55:50:cc: d6:6b:f7:c2:b5:ae:5c:7c:76:a2:f6:35:f2:07:d6:87:59:0d: 95:b8:2b:1b:1c:aa:4c:db:95:cf:87:bd:b6:a0:ae:0b:f2:8e: 9a:82:4e:05:04:c7:d8:9d:bb:e9:1f:f7:ad:34:84:32:37:bd: 55:b9:12:39:e6:bf:7e:64:7a:57:f9:8f:a2:2e:90:ce:be:31: 16:ce:e5:5d:87:3c:2e:aa:03:83:a7:9f:ea:f1:99:53:9f:3d: ed:ab:a3:6e:8d:7f:be:a6:e3:65:52:bd:1a:5e:da:ac:f5:6d: a6:bb:4c:4a:a6:f0:1f:d9:38:33:54:14:0c:e3:52:25:a4:78: 95:1b:70:90:db:f5:b2:5d:ea:2a:94:e8:ac:39:0a:80:82:20: d5:a8:d2:f9:aa:39:83:a8:9d:f2:f5:c7:a2:bc:2d:18:49:04: 46:42:3c:f3:1a:03:71:02:6d:14:f4:19:9d:f2:35:2e:59:84: 86:f8:76:dc -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICDaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUQz ODY4NUZGM0VBMUY0NjY4NURFNUY1N0M2QTRCODEwNDQ4MTg5MTAeFw0yNTA4MjIw ODU0MjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDg2NTFGRjU2NzIyNDZF RTk0NTFERTUzQUIwRkZCMDY2MDlCODY5OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqpWZ0GO8sUVCxjJ9ScJv6pIYkkzfxtY/8XxtnvSblgTP4AhBd cjx6ouWBHVzs8oQitainKeWn9Non9pJDotI5msRP0pHtSuZzGdFTx/MkD6d7FeOo a6OTTOeT0hx9uhD6+Mjja9q7EQtIQiVapzWj/HgHvTuM6DQmG3YF7S4ku8u6JghN NJCjUvCab/sUVRhcPBTmTJXpBr6WTZah40kymPYbueMi7+t3hJmzS5jHn3mBQiry BQMtQmpTKxmQnvFgnPNvcK4UU7gUxWy9QjZjzlTMvLFWJ9gRjIpa9TbJdYrvz9TO 6/5ICe8L3YpF5nfN+U2FRmYoLzLwoRfy0z6pAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUhlH/VnIkbulFHeU6sP+wZgm4aZowHwYDVR0jBBgwFoAU7ThoX/PqH0ZoXeX1 fGpLgQRIGJEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNIQy83 VGhvWF9QcUgwWm9YZVgxZkdwTGdRUklHSkUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB LzdUaG9YX1BxSDBab1hlWDFmR3BMZ1FSSUdKRS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSEMvaGxIX1ZuSWtidWxGSGVVNnNQLXda Z200YVpvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdNJQDAN BgkqhkiG9w0BAQsFAAOCAQEAiDT+NRTn4rHhE+fIfsOLaoQ1N4ReEoWiRJyNSLPO hkftOngdIlhfJbbU5aACIB1vkcbl8m5NX/iiNR6ZhXRAjU/EYbZBVVDM1mv3wrWu XHx2ovY18gfWh1kNlbgrGxyqTNuVz4e9tqCuC/KOmoJOBQTH2J276R/3rTSEMje9 VbkSOea/fmR6V/mPoi6Qzr4xFs7lXYc8LqoDg6ef6vGZU5897aujbo1/vqbjZVK9 Gl7arPVtprtMSqbwH9k4M1QUDONSJaR4lRtwkNv1sl3qKpTorDkKgIIg1ajS+ao5 g6id8vXHorwtGEkERkI88xoDcQJtFPQZnfI1LlmEhvh23A== -----END CERTIFICATE-----Generated at Sun Aug 24 13:40:22 2025 by rpki-client