$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/CSDhfN3elWuvGTnpzlfEET_i2IE.roa File: CSDhfN3elWuvGTnpzlfEET_i2IE.roa (raw, json) Hash identifier: E1ihbf0mJoV1j+MIafp2oBr6TvEJazeGQmTavcGIBuA= Subject key identifier: 09:20:E1:7C:DD:DE:95:6B:AF:19:39:E9:CE:57:C4:11:3F:E2:D8:81 Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 1488 Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/CSDhfN3elWuvGTnpzlfEET_i2IE.roa Signing time: Fri 22 Aug 2025 08:54:32 +0000 ROA not before: Fri 22 Aug 2025 08:54:32 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131634 IP address blocks: 124.108.174.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5256 (0x1488) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Aug 22 08:54:32 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0920E17CDDDE956BAF1939E9CE57C4113FE2D881 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:3d:d0:97:31:9e:f9:48:5f:85:25:15:f0:db: 0c:ff:53:bf:5f:da:b8:9f:f5:24:67:e4:6a:bd:b4: 9a:46:50:d7:56:c8:47:3a:41:a3:38:6d:95:0d:c2: e4:1a:3f:16:01:f0:60:e6:3f:b3:6f:fb:48:ed:87: d1:02:eb:46:12:1a:5c:2a:75:7b:db:ea:42:9d:7b: 49:09:02:87:16:27:57:aa:e9:9f:2b:17:e9:69:5d: f9:b1:91:8c:24:62:00:a8:ee:5f:f9:1f:bb:6a:66: 4a:ba:c3:ea:5a:c9:71:cf:29:df:f1:35:56:7d:a2: 23:69:f8:f8:42:83:9d:3b:69:90:50:24:47:0f:70: 91:f9:54:b4:4c:fd:e6:6a:85:3e:6e:d5:bb:7f:69: 52:73:37:ba:d6:8a:7d:b7:80:5e:c2:a6:1c:82:68: 12:96:95:24:f6:77:21:6a:65:56:46:9b:57:21:bd: e1:28:44:ff:dd:c8:fb:4b:2f:bd:2e:d9:76:30:e0: 9c:9d:92:f5:e6:40:a6:43:21:90:d8:9d:27:e5:a7: ce:35:2f:a9:b9:54:91:8c:0f:d4:41:fc:27:c6:23: e3:60:19:7a:e1:8b:0b:ae:c6:3e:75:7d:68:cc:6e: 0e:46:ed:a0:ce:05:1d:23:f8:4b:9e:6b:ab:31:d3: bd:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:20:E1:7C:DD:DE:95:6B:AF:19:39:E9:CE:57:C4:11:3F:E2:D8:81 X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/CSDhfN3elWuvGTnpzlfEET_i2IE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.108.174.0/24 Signature Algorithm: sha256WithRSAEncryption 0c:e0:6f:b3:17:de:35:34:96:46:66:c4:a5:41:43:c5:68:01: b1:84:8c:8f:e4:a1:fa:fc:90:70:bd:55:46:98:5b:c0:4b:6f: 7c:76:d6:a4:19:5f:03:a8:7b:39:fc:fb:b3:f9:f5:e1:69:65: 75:61:1c:8d:c7:f7:33:61:5f:1d:58:1d:f6:b7:a1:3b:a8:0b: 68:1e:fe:64:b9:cf:d8:b0:8b:a2:12:b7:26:ab:cb:23:2b:05: cf:ab:5e:d2:67:49:03:56:6f:21:9a:86:9a:86:16:06:fe:89: 77:c6:ee:67:0f:e6:a6:6f:9b:bc:42:83:37:3d:70:1a:04:0d: cf:d3:f3:b0:6a:e4:16:75:22:cc:7c:18:3a:84:95:ce:5e:6e: d1:e8:18:05:20:97:aa:3f:cd:a4:3e:97:a9:d6:ee:93:9b:a6: ec:0a:cf:a2:04:21:51:7e:c8:c8:19:98:6f:f7:c4:b3:8c:d3: 41:25:ba:88:bf:a9:9f:d8:f5:b6:92:10:e6:ec:42:a8:94:b2: fc:e7:cd:fc:33:21:8b:6a:21:0b:8f:cc:07:1c:4c:30:8d:26: dc:dd:69:82:16:37:da:58:52:99:28:55:3e:96:f0:e8:c3:66: af:fc:9b:67:06:cb:6c:0e:cc:9f:5f:28:72:51:21:6b:f7:55: 4a:56:b3:44 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICFIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTA4MjIw ODU0MzJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDA5MjBFMTdDRERERTk1 NkJBRjE5MzlFOUNFNTdDNDExM0ZFMkQ4ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqPdCXMZ75SF+FJRXw2wz/U79f2rif9SRn5Gq9tJpGUNdWyEc6 QaM4bZUNwuQaPxYB8GDmP7Nv+0jth9EC60YSGlwqdXvb6kKde0kJAocWJ1eq6Z8r F+lpXfmxkYwkYgCo7l/5H7tqZkq6w+payXHPKd/xNVZ9oiNp+PhCg507aZBQJEcP cJH5VLRM/eZqhT5u1bt/aVJzN7rWin23gF7CphyCaBKWlST2dyFqZVZGm1chveEo RP/dyPtLL70u2XYw4JydkvXmQKZDIZDYnSflp841L6m5VJGMD9RB/CfGI+NgGXrh iwuuxj51fWjMbg5G7aDOBR0j+Euea6sx070/AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUCSDhfN3elWuvGTnpzlfEET/i2IEwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvQ1NEaGZOM2VsV3V2R1Ru cHpsZkVFVF9pMklFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AHxsrjANBgkqhkiG9w0BAQsFAAOCAQEADOBvsxfeNTSWRmbEpUFDxWgBsYSMj+Sh +vyQcL1VRphbwEtvfHbWpBlfA6h7Ofz7s/n14WlldWEcjcf3M2FfHVgd9rehO6gL aB7+ZLnP2LCLohK3JqvLIysFz6te0mdJA1ZvIZqGmoYWBv6Jd8buZw/mpm+bvEKD Nz1wGgQNz9PzsGrkFnUizHwYOoSVzl5u0egYBSCXqj/NpD6Xqdbuk5um7ArPogQh UX7IyBmYb/fEs4zTQSW6iL+pn9j1tpIQ5uxCqJSy/OfN/DMhi2ohC4/MBxxMMI0m 3N1pghY32lhSmShVPpbw6MNmr/ybZwbLbA7Mn18oclEha/dVSlazRA== -----END CERTIFICATE-----Generated at Sun Aug 24 06:46:43 2025 by rpki-client