$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/oG2qQxnAkrIqITpICQ7KAiPTAD4.roa File: oG2qQxnAkrIqITpICQ7KAiPTAD4.roa (raw, json) Hash identifier: Co+lIm2V6FRy5SkgoXtlHMTc42avzaCBSoHP37ajnB8= Subject key identifier: A0:6D:AA:43:19:C0:92:B2:2A:21:3A:48:09:0E:CA:02:23:D3:00:3E Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Certificate serial: 147C Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/oG2qQxnAkrIqITpICQ7KAiPTAD4.roa Signing time: Fri 22 Aug 2025 08:54:29 +0000 ROA not before: Fri 22 Aug 2025 08:54:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9924 IP address blocks: 60.199.107.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5244 (0x147c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464 Validity Not Before: Aug 22 08:54:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=A06DAA4319C092B22A213A48090ECA0223D3003E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:8a:c8:b3:a0:cd:1f:9f:c0:98:18:ae:91:24: 8b:2a:88:0e:77:be:ab:5d:65:80:bd:6d:a1:5a:db: b7:a3:04:ad:f2:9b:59:5f:ad:66:04:62:c5:e9:83: 6f:0e:8e:ab:af:6e:30:e9:59:79:a3:17:45:05:c5: df:4e:8f:de:bc:1d:5d:18:f7:24:de:15:58:6e:c2: af:75:5a:b5:5f:36:75:6d:b1:4b:89:ba:d3:4f:2b: 5e:a6:64:9f:d6:33:69:cd:b7:dd:84:18:ae:18:88: b2:9e:20:c5:cb:99:f2:3e:c6:fa:cc:09:8a:50:96: a7:a5:28:91:f7:62:e1:1f:f2:1e:de:26:25:fe:00: 87:74:ff:df:88:fd:24:bc:f2:06:04:44:51:12:8d: ed:4e:3e:e3:e4:c1:38:69:52:7b:ce:9c:1f:88:61: ba:a3:b9:3a:62:20:fd:50:5e:5a:3d:15:31:32:5d: 15:8e:bd:e2:f9:f4:3b:49:6b:c4:66:44:27:5e:cc: d7:96:f8:d0:0d:7f:20:4b:d8:f0:52:ad:46:49:8c: 8e:6e:4c:b2:72:74:04:00:9e:32:02:fa:7c:23:59: 14:30:d7:9f:a1:e7:41:f1:b3:54:eb:f7:65:e1:be: da:f6:ac:82:3d:6a:65:53:2b:e8:37:49:d4:d7:b8: 00:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:6D:AA:43:19:C0:92:B2:2A:21:3A:48:09:0E:CA:02:23:D3:00:3E X509v3 Authority Key Identifier: keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/oG2qQxnAkrIqITpICQ7KAiPTAD4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 60.199.107.0/24 Signature Algorithm: sha256WithRSAEncryption 23:ca:aa:13:88:cf:fd:7e:38:58:55:da:8c:0d:63:b9:25:e6: c4:4f:ab:ae:84:00:69:d9:0a:73:ef:22:74:e2:64:59:ae:12: 80:de:da:5d:65:39:7a:a2:34:19:c2:cd:b4:81:92:22:98:94: 4d:3a:e4:2e:93:1a:3f:17:cf:32:26:34:da:1c:41:f9:17:90: da:51:b4:84:1f:58:9f:8d:e1:5d:5a:d4:e2:a5:28:c6:f3:a3: 2a:68:7b:61:56:22:71:dd:94:bb:4c:dd:f4:ca:55:69:63:48: 75:26:bf:80:55:71:f1:6c:f0:14:e2:6b:1f:4f:e4:1a:24:9c: d2:17:40:e2:11:00:87:1a:87:e0:31:5a:39:b7:23:73:dd:42: f3:a8:3f:96:9c:ce:69:46:a6:cb:37:65:f3:f0:47:38:20:78: cb:5f:9c:01:47:f1:43:e7:f2:e8:95:af:01:ec:74:77:75:15: c4:51:f6:b3:b6:2c:a0:4e:98:1e:3f:f4:cf:a1:be:bf:98:41: 06:68:36:bd:7f:03:47:5b:1f:2f:da:45:c4:3a:f4:51:01:d4: cb:99:35:99:99:8c:0c:9a:dd:b4:28:f0:0a:f8:32:f0:4a:aa: af:f2:cd:53:5b:4f:6d:67:b3:2b:b0:27:32:03:dc:1b:4f:e3: 59:71:0f:6b -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICFHwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTA4MjIw ODU0MjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEEwNkRBQTQzMTlDMDky QjIyQTIxM0E0ODA5MEVDQTAyMjNEMzAwM0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPisizoM0fn8CYGK6RJIsqiA53vqtdZYC9baFa27ejBK3ym1lf rWYEYsXpg28OjquvbjDpWXmjF0UFxd9Oj968HV0Y9yTeFVhuwq91WrVfNnVtsUuJ utNPK16mZJ/WM2nNt92EGK4YiLKeIMXLmfI+xvrMCYpQlqelKJH3YuEf8h7eJiX+ AId0/9+I/SS88gYERFESje1OPuPkwThpUnvOnB+IYbqjuTpiIP1QXlo9FTEyXRWO veL59DtJa8RmRCdezNeW+NANfyBL2PBSrUZJjI5uTLJydAQAnjIC+nwjWRQw15+h 50Hxs1Tr92Xhvtr2rII9amVTK+g3SdTXuABxAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUoG2qQxnAkrIqITpICQ7KAiPTAD4wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it /rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvb0cycVF4bkFrcklxSVRw SUNRN0tBaVBUQUQ0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME ADzHazANBgkqhkiG9w0BAQsFAAOCAQEAI8qqE4jP/X44WFXajA1juSXmxE+rroQA adkKc+8idOJkWa4SgN7aXWU5eqI0GcLNtIGSIpiUTTrkLpMaPxfPMiY02hxB+ReQ 2lG0hB9Yn43hXVrU4qUoxvOjKmh7YVYicd2Uu0zd9MpVaWNIdSa/gFVx8WzwFOJr H0/kGiSc0hdA4hEAhxqH4DFaObcjc91C86g/lpzOaUamyzdl8/BHOCB4y1+cAUfx Q+fy6JWvAex0d3UVxFH2s7YsoE6YHj/0z6G+v5hBBmg2vX8DR1sfL9pFxDr0UQHU y5k1mZmMDJrdtCjwCvgy8Eqqr/LNU1tPbWezK7AnMgPcG0/jWXEPaw== -----END CERTIFICATE-----Generated at Sun Aug 24 06:48:38 2025 by rpki-client