$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/HJ7Dy1pX9tTTGU0VBRxbjqPEIRE.roa File: HJ7Dy1pX9tTTGU0VBRxbjqPEIRE.roa (raw, json) Hash identifier: XXPmIKw1bGoaBUclmN3eYLH6JvJtOpERJ4p4Bxe5vrg= Subject key identifier: 1C:9E:C3:CB:5A:57:F6:D4:D3:19:4D:15:05:1C:5B:8E:A3:C4:21:11 Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 147A Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/HJ7Dy1pX9tTTGU0VBRxbjqPEIRE.roa Signing time: Fri 22 Aug 2025 08:54:29 +0000 ROA not before: Fri 22 Aug 2025 08:54:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 24158 IP address blocks: 49.214.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5242 (0x147a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Aug 22 08:54:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=1C9EC3CB5A57F6D4D3194D15051C5B8EA3C42111 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:52:21:af:60:de:c1:8c:bd:d3:e3:29:50:65: cd:93:a6:2f:e1:23:ce:7c:a1:60:d8:9d:c5:4d:77: 9b:82:57:50:28:de:b2:ea:57:72:6d:c4:ab:3e:a0: 0b:a3:38:19:46:01:f4:9c:76:bb:bc:fe:b9:89:58: 62:6c:3d:7a:f1:86:fc:de:21:67:c5:be:e3:28:50: 3d:88:cb:ff:0e:57:49:35:13:22:a3:63:0f:2f:77: e9:cf:9f:c9:d7:33:59:59:54:d8:b9:69:45:78:50: a1:9d:c6:17:03:33:2b:ac:25:39:29:c3:62:fb:fd: d7:29:4e:54:02:f9:86:e4:f0:bc:44:5c:53:fc:09: 79:6e:fd:21:0b:c3:28:c4:8e:5c:0b:34:4e:4f:4f: 58:17:77:38:d7:c1:da:27:fb:71:f3:bb:81:70:3a: 7e:2d:38:b0:a0:85:1d:be:ba:98:fe:ea:04:25:0c: 3e:2b:63:fb:16:a3:0b:bf:85:5b:5b:16:7f:5e:0b: 9c:f3:3f:7a:89:41:d9:55:16:05:de:c0:0a:ad:95: f5:8b:1e:e6:8a:bf:f8:64:20:c8:5b:76:a0:30:95: 83:d9:c4:6d:67:f7:af:ea:f9:fd:ba:02:87:85:a6: ed:5f:a6:85:82:60:d5:32:99:33:97:3c:c1:80:e7: 9d:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:9E:C3:CB:5A:57:F6:D4:D3:19:4D:15:05:1C:5B:8E:A3:C4:21:11 X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/HJ7Dy1pX9tTTGU0VBRxbjqPEIRE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.214.0.0/15 Signature Algorithm: sha256WithRSAEncryption 65:69:8e:3b:da:d4:86:c3:66:73:99:3a:11:bf:f9:ae:7f:84: 83:29:17:64:b4:a6:8c:cf:49:95:61:83:eb:7c:9f:7f:31:40: fd:9d:e4:06:9a:2c:0d:56:0e:f4:6a:9d:ed:48:b7:5e:be:0a: af:78:41:26:a4:ff:74:fb:f9:e3:18:41:72:0c:db:6e:f1:71: 69:84:68:cc:be:21:d4:7f:e0:f5:f3:3c:65:57:bb:92:e7:ca: 67:db:e1:7f:e0:26:26:a8:23:c9:7d:e7:c4:ee:54:5a:48:1a: 0a:df:ff:d0:28:39:9b:96:bd:6d:77:6c:81:6d:f1:11:da:09: 15:2f:f3:f1:d0:2e:b8:3b:51:74:9b:05:e3:a0:a9:69:48:29: 27:3e:96:9a:9e:46:82:9e:ca:43:89:b8:e3:64:e1:4e:29:8a: a9:f7:c9:d4:56:5b:d7:e5:4e:59:4f:1c:22:6e:24:1c:e5:59: d5:53:15:9d:1e:94:21:2e:1f:88:ed:33:f9:5c:3b:71:e8:f5: 07:50:69:4a:77:6c:83:fa:61:5f:de:8d:d6:34:eb:e4:f5:12: 89:72:7f:f7:12:66:06:8b:9e:63:4c:d0:ae:1c:54:d4:3b:2f: ac:af:16:59:5b:18:ec:44:bb:99:16:98:27:e1:85:6d:98:bc: c9:c4:16:53 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICFHowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTA4MjIw ODU0MjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDFDOUVDM0NCNUE1N0Y2 RDREMzE5NEQxNTA1MUM1QjhFQTNDNDIxMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAUiGvYN7BjL3T4ylQZc2Tpi/hI858oWDYncVNd5uCV1Ao3rLq V3JtxKs+oAujOBlGAfScdru8/rmJWGJsPXrxhvzeIWfFvuMoUD2Iy/8OV0k1EyKj Yw8vd+nPn8nXM1lZVNi5aUV4UKGdxhcDMyusJTkpw2L7/dcpTlQC+Ybk8LxEXFP8 CXlu/SELwyjEjlwLNE5PT1gXdzjXwdon+3Hzu4FwOn4tOLCghR2+upj+6gQlDD4r Y/sWowu/hVtbFn9eC5zzP3qJQdlVFgXewAqtlfWLHuaKv/hkIMhbdqAwlYPZxG1n 96/q+f26AoeFpu1fpoWCYNUymTOXPMGA552bAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUHJ7Dy1pX9tTTGU0VBRxbjqPEIREwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvSEo3RHkxcFg5dFRUR1Uw VkJSeGJqcVBFSVJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD ATHWMA0GCSqGSIb3DQEBCwUAA4IBAQBlaY472tSGw2ZzmToRv/muf4SDKRdktKaM z0mVYYPrfJ9/MUD9neQGmiwNVg70ap3tSLdevgqveEEmpP90+/njGEFyDNtu8XFp hGjMviHUf+D18zxlV7uS58pn2+F/4CYmqCPJfefE7lRaSBoK3//QKDmblr1td2yB bfER2gkVL/Px0C64O1F0mwXjoKlpSCknPpaankaCnspDibjjZOFOKYqp98nUVlvX 5U5ZTxwibiQc5VnVUxWdHpQhLh+I7TP5XDtx6PUHUGlKd2yD+mFf3o3WNOvk9RKJ cn/3EmYGi55jTNCuHFTUOy+srxZZWxjsRLuZFpgn4YVtmLzJxBZT -----END CERTIFICATE-----Generated at Sun Aug 24 06:49:21 2025 by rpki-client