$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/EXWh1KrQWoGlq2NStWA8kZU1F6w.roa File: EXWh1KrQWoGlq2NStWA8kZU1F6w.roa (raw, json) Hash identifier: wzXSGZJzNqvTH7OvfV1em+/WljYC6I6gwBONflJgevk= Subject key identifier: 11:75:A1:D4:AA:D0:5A:81:A5:AB:63:52:B5:60:3C:91:95:35:17:AC Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 14A6 Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/EXWh1KrQWoGlq2NStWA8kZU1F6w.roa Signing time: Fri 22 Aug 2025 08:54:39 +0000 ROA not before: Fri 22 Aug 2025 08:54:39 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9924 IP address blocks: 2001:4540::/27 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5286 (0x14a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Aug 22 08:54:39 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=1175A1D4AAD05A81A5AB6352B5603C91953517AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:f0:ab:6e:33:4c:51:72:83:66:fa:c7:cf:70: a6:c9:c6:07:c2:3a:15:74:5f:ab:49:62:31:fa:a3: 08:f9:db:5f:ec:ad:e2:38:2a:e0:60:55:a3:22:6f: ec:1e:8d:f5:2d:4c:22:c2:78:f3:0a:18:04:e5:9e: c5:53:9f:53:73:39:65:c8:4d:93:a4:8d:cd:82:34: cc:56:23:6d:2a:28:72:9a:ac:5b:51:31:f4:94:c9: d0:fe:54:c2:c8:5c:2f:72:4f:89:fb:f8:cb:10:61: 88:47:ed:10:57:ef:4b:01:83:54:cf:27:f4:eb:9a: 68:71:30:9f:71:aa:aa:74:bb:cb:aa:32:3a:b9:82: 07:ad:c4:47:ff:a3:1b:4b:ca:ed:aa:b9:3d:20:6d: 39:67:01:14:fa:b3:63:58:06:ad:84:e1:bf:7f:d6: d5:8a:38:99:39:00:01:b9:17:54:e8:5e:b1:71:5d: 9a:d1:43:eb:25:0a:f4:a8:b0:71:79:a5:a2:ac:75: 0d:53:fe:53:04:c0:8a:db:cc:f1:5a:10:bc:f3:66: 07:f5:ce:e7:ee:20:48:31:2a:64:bc:d6:e2:a5:11: 8f:e8:e0:ae:cb:f6:74:4f:e3:ba:77:fe:73:91:78: a1:fc:c2:e2:6b:f3:2c:7d:3c:6a:87:e9:ca:2d:3b: 53:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:75:A1:D4:AA:D0:5A:81:A5:AB:63:52:B5:60:3C:91:95:35:17:AC X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/EXWh1KrQWoGlq2NStWA8kZU1F6w.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:4540::/27 Signature Algorithm: sha256WithRSAEncryption 33:ea:d6:f2:90:a5:a2:4c:78:89:9a:df:67:e2:09:ea:60:9c: 84:51:0a:bf:af:af:d3:dd:a4:58:d9:0c:00:cb:d6:b5:d0:9e: c6:97:87:5a:bb:ca:1f:22:c3:2d:dc:fc:62:1c:d1:9e:93:5b: dd:81:33:a7:bc:79:9a:51:93:89:42:58:2c:b5:77:25:0d:21: 81:c1:2e:77:6f:45:5b:2c:c0:73:78:a6:3c:55:0e:a7:6f:60: 18:8e:28:d6:a4:ea:f4:e8:b2:dd:3d:82:a9:2a:bb:8d:4a:a8: 14:e1:91:d9:29:86:48:3c:ae:8e:a1:f8:29:ac:7d:0d:31:75: d2:83:99:61:67:31:65:b2:0f:f6:eb:bd:06:82:95:71:bb:d4: 29:fb:9e:6f:01:d2:45:0e:63:75:7e:b7:ab:36:47:2b:6e:d0: bc:b1:fe:9f:e7:5e:85:0f:fb:c2:1f:f8:03:96:04:04:10:7a: 2c:de:fa:46:6a:be:bb:4c:57:6c:58:4d:d2:c1:d6:a2:46:45: 6c:9e:b1:d2:90:a1:ac:ab:52:7a:d0:bb:c1:c6:3f:73:92:a2: 1c:d1:96:9b:f1:8c:3a:50:db:94:07:df:62:1a:32:c1:37:cf: ce:8c:62:08:b6:31:ee:71:98:3f:cc:57:b8:ad:bc:ed:01:38: be:df:2c:3a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTA4MjIw ODU0MzlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDExNzVBMUQ0QUFEMDVB ODFBNUFCNjM1MkI1NjAzQzkxOTUzNTE3QUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDN8KtuM0xRcoNm+sfPcKbJxgfCOhV0X6tJYjH6owj521/sreI4 KuBgVaMib+wejfUtTCLCePMKGATlnsVTn1NzOWXITZOkjc2CNMxWI20qKHKarFtR MfSUydD+VMLIXC9yT4n7+MsQYYhH7RBX70sBg1TPJ/TrmmhxMJ9xqqp0u8uqMjq5 ggetxEf/oxtLyu2quT0gbTlnART6s2NYBq2E4b9/1tWKOJk5AAG5F1ToXrFxXZrR Q+slCvSosHF5paKsdQ1T/lMEwIrbzPFaELzzZgf1zufuIEgxKmS81uKlEY/o4K7L 9nRP47p3/nOReKH8wuJr8yx9PGqH6cotO1N9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUEXWh1KrQWoGlq2NStWA8kZU1F6wwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvRVhXaDFLclFXb0dscTJO U3RXQThrWlUxRjZ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF BSABRUAwDQYJKoZIhvcNAQELBQADggEBADPq1vKQpaJMeIma32fiCepgnIRRCr+v r9PdpFjZDADL1rXQnsaXh1q7yh8iwy3c/GIc0Z6TW92BM6e8eZpRk4lCWCy1dyUN IYHBLndvRVsswHN4pjxVDqdvYBiOKNak6vTost09gqkqu41KqBThkdkphkg8ro6h +CmsfQ0xddKDmWFnMWWyD/brvQaClXG71Cn7nm8B0kUOY3V+t6s2Rytu0Lyx/p/n XoUP+8If+AOWBAQQeize+kZqvrtMV2xYTdLB1qJGRWyesdKQoayrUnrQu8HGP3OS ohzRlpvxjDpQ25QH32IaMsE3z86MYgi2Me5xmD/MV7itvO0BOL7fLDo= -----END CERTIFICATE-----Generated at Sun Aug 24 06:50:34 2025 by rpki-client