$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Of5r-mRmHs9gLDMdr-wYY_387Dk.roa File: Of5r-mRmHs9gLDMdr-wYY_387Dk.roa (raw, json) Hash identifier: GCTR0Es2u04ESl8XLt/5m84n/NGlLKcj5WV+57ipFb8= Subject key identifier: 39:FE:6B:FA:64:66:1E:CF:60:2C:33:1D:AF:EC:18:63:FD:FC:EC:39 Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 14BA Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Of5r-mRmHs9gLDMdr-wYY_387Dk.roa Signing time: Fri 22 Aug 2025 08:54:44 +0000 ROA not before: Fri 22 Aug 2025 08:54:44 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9924 IP address blocks: 60.198.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5306 (0x14ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Aug 22 08:54:44 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=39FE6BFA64661ECF602C331DAFEC1863FDFCEC39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:1b:d0:97:c6:c7:67:f4:2f:67:8c:24:a7:49: 89:8a:dc:8c:90:76:73:81:c5:39:52:49:0b:f3:16: 63:69:52:2b:c3:cd:87:29:7f:ef:e9:9a:5a:f6:65: f9:b1:06:bd:af:6d:59:c8:d8:8b:89:36:96:4d:ab: 0b:42:61:7b:f8:3c:9b:51:f9:93:ee:c6:6d:21:09: 70:b0:00:7b:03:93:e6:80:ae:b1:ff:27:c3:c0:f2: 86:54:31:9f:e9:72:b0:a9:93:b3:e0:08:d8:c0:40: 3d:03:6f:77:b0:f8:3f:50:10:d9:91:5c:38:90:27: c4:cc:6f:bd:46:04:1a:7d:b5:6a:a6:2f:08:61:8c: 23:77:1b:4d:79:35:4b:92:38:87:39:51:00:c6:bb: 7a:96:42:b1:a6:97:c2:a8:d7:f5:11:03:2a:e2:02: 06:89:a9:0c:49:53:e6:2b:6f:b4:68:f6:a9:43:6b: bb:f7:c4:d3:ca:f9:cc:1d:43:e1:56:55:35:70:cb: 78:5b:fa:b0:b3:09:1c:a2:c1:88:fb:ce:2b:9a:05: d2:d5:23:b6:c2:19:ce:81:da:b0:d7:dc:da:3d:35: cf:9a:47:87:6d:33:74:5d:4c:71:b4:06:07:4f:4b: 95:74:3f:54:3d:fe:3e:8f:1a:e8:b0:cb:86:b6:1f: 3b:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:FE:6B:FA:64:66:1E:CF:60:2C:33:1D:AF:EC:18:63:FD:FC:EC:39 X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/Of5r-mRmHs9gLDMdr-wYY_387Dk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 60.198.0.0/16 Signature Algorithm: sha256WithRSAEncryption 55:a3:93:d8:e1:09:1c:72:e0:f7:7b:c9:28:08:01:f3:87:d6: 1d:bf:b4:08:79:7a:76:a4:0e:94:e8:66:b4:e2:d3:bc:64:d4: 10:17:59:cd:c9:f9:ca:1e:ff:92:df:72:38:a1:71:91:20:5f: 12:36:b1:90:35:90:3d:1a:27:be:b0:be:c8:7c:92:cf:8a:1f: 9f:b2:6b:5c:19:f0:5a:88:cd:6b:44:1c:b5:5d:9b:9b:8c:24: 0b:35:78:84:22:2a:23:52:75:5c:76:79:96:8f:cb:3e:97:9d: 97:00:68:5f:28:7f:96:94:cc:77:50:66:00:ee:0f:66:44:c9: 2a:53:11:cb:95:30:42:05:71:ab:a4:fa:86:f5:31:55:ee:36: f3:61:a9:d6:55:3e:43:dd:32:56:2e:ee:34:ec:da:e2:fd:3b: 7b:89:6f:af:58:75:0b:5b:43:47:24:f0:0f:90:0e:0b:8a:8f: 62:5b:68:f0:b9:63:38:1a:3f:bc:ae:34:63:e3:11:49:da:d7: fb:89:ab:88:41:74:17:89:d9:1a:e5:a0:e4:ff:95:37:2f:bd: 04:c2:ea:2a:b9:47:e6:ca:45:39:93:83:6e:99:1c:06:f3:2e: 9b:7e:16:0f:cf:af:fa:44:94:b0:8a:37:57:90:fc:74:70:d9: 9f:4b:5b:e2 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICFLowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTA4MjIw ODU0NDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDM5RkU2QkZBNjQ2NjFF Q0Y2MDJDMzMxREFGRUMxODYzRkRGQ0VDMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqG9CXxsdn9C9njCSnSYmK3IyQdnOBxTlSSQvzFmNpUivDzYcp f+/pmlr2ZfmxBr2vbVnI2IuJNpZNqwtCYXv4PJtR+ZPuxm0hCXCwAHsDk+aArrH/ J8PA8oZUMZ/pcrCpk7PgCNjAQD0Db3ew+D9QENmRXDiQJ8TMb71GBBp9tWqmLwhh jCN3G015NUuSOIc5UQDGu3qWQrGml8Ko1/URAyriAgaJqQxJU+Yrb7Ro9qlDa7v3 xNPK+cwdQ+FWVTVwy3hb+rCzCRyiwYj7ziuaBdLVI7bCGc6B2rDX3No9Nc+aR4dt M3RdTHG0BgdPS5V0P1Q9/j6PGuiwy4a2HzvvAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUOf5r+mRmHs9gLDMdr+wYY/387DkwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvT2Y1ci1tUm1IczlnTERN ZHItd1lZXzM4N0RrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD ADzGMA0GCSqGSIb3DQEBCwUAA4IBAQBVo5PY4QkccuD3e8koCAHzh9Ydv7QIeXp2 pA6U6Ga04tO8ZNQQF1nNyfnKHv+S33I4oXGRIF8SNrGQNZA9Gie+sL7IfJLPih+f smtcGfBaiM1rRBy1XZubjCQLNXiEIiojUnVcdnmWj8s+l52XAGhfKH+WlMx3UGYA 7g9mRMkqUxHLlTBCBXGrpPqG9TFV7jbzYanWVT5D3TJWLu407Nri/Tt7iW+vWHUL W0NHJPAPkA4Lio9iW2jwuWM4Gj+8rjRj4xFJ2tf7iauIQXQXidka5aDk/5U3L70E wuoquUfmykU5k4NumRwG8y6bfhYPz6/6RJSwijdXkPx0cNmfS1vi -----END CERTIFICATE-----Generated at Sun Aug 24 06:49:58 2025 by rpki-client