$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/BiHdE8UnHwNcdH5KfY2zEuPShLM.roa File: BiHdE8UnHwNcdH5KfY2zEuPShLM.roa (raw, json) Hash identifier: VNd85Uak86Z/LdtZ5GAstCVduRyrxE9yQFPxtN0vEVQ= Subject key identifier: 06:21:DD:13:C5:27:1F:03:5C:74:7E:4A:7D:8D:B3:12:E3:D2:84:B3 Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07 Certificate serial: 3978 Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/BiHdE8UnHwNcdH5KfY2zEuPShLM.roa Signing time: Fri 22 Aug 2025 08:46:19 +0000 ROA not before: Fri 22 Aug 2025 08:46:19 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38841 IP address blocks: 123.194.152.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14712 (0x3978) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07 Validity Not Before: Aug 22 08:46:19 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0621DD13C5271F035C747E4A7D8DB312E3D284B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:e9:b8:db:7e:67:81:ae:b9:d6:3c:39:fc:df: 19:ed:82:fc:0c:f0:e0:fc:cb:f2:ff:e8:2c:3d:05: d5:e9:ed:f9:0b:8d:89:d7:a3:c0:cc:26:80:37:5b: 66:4f:c9:f1:0c:22:95:94:88:88:d1:14:ee:f0:10: 3d:05:62:50:8e:b5:6d:0c:c0:df:fc:78:e6:66:62: 45:c5:50:8a:87:5a:20:f2:64:ac:e1:15:d7:a1:fd: 30:8e:83:47:8a:7d:65:97:08:ac:19:e7:0d:5b:79: e5:9d:19:07:1f:30:2b:8c:7f:62:b0:91:27:72:b0: b0:22:57:2a:6e:66:75:ae:dd:61:a7:6b:71:21:82: 59:fe:d5:ba:b2:19:30:2d:d4:18:d9:86:41:4e:36: b0:24:d2:a0:83:15:c0:94:5a:20:56:11:a2:f6:91: f3:99:89:ab:c1:84:50:25:a2:8d:e9:14:92:0d:c4: b2:a6:10:06:66:21:20:b3:bd:06:84:c5:ae:4b:d6: 76:4d:05:52:ca:d5:e6:89:3d:8c:da:f8:b2:03:61: c7:ef:7e:80:5e:e6:1c:cd:ac:c7:ac:d0:6b:03:30: 58:eb:94:2a:c3:44:26:a4:72:96:02:30:e6:45:5a: 4e:57:b2:19:bd:c7:d6:0b:d7:8a:31:cb:b4:d0:15: d7:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:21:DD:13:C5:27:1F:03:5C:74:7E:4A:7D:8D:B3:12:E3:D2:84:B3 X509v3 Authority Key Identifier: keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/BiHdE8UnHwNcdH5KfY2zEuPShLM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.194.152.0/21 Signature Algorithm: sha256WithRSAEncryption b7:52:c5:42:9c:bb:bd:94:f7:76:bb:e3:2e:fd:6e:75:34:d0: 07:6d:b1:11:92:f1:7e:f6:73:ab:1c:85:44:ce:ca:31:ce:e5: 66:9a:15:52:76:e8:50:94:80:80:e0:fa:c3:70:28:08:d3:51: 8f:44:da:a6:61:15:92:a8:e8:b6:ae:64:c6:80:ef:60:bd:22: 38:29:6d:d8:b4:2b:63:81:bc:86:84:73:f7:d4:dc:fe:43:c4: af:d9:2d:f8:10:7b:6a:ff:7a:79:f6:78:7d:81:a5:47:38:3a: d6:81:dd:99:d3:9b:b5:85:4a:35:54:4c:72:7d:3a:85:7e:32: 47:30:41:9b:e0:16:d1:45:34:20:03:e6:15:f4:11:77:21:1b: a8:3e:da:d3:d0:63:df:e9:3a:3b:8d:0a:47:33:3c:3a:29:fa: 18:db:ec:85:c4:e9:f6:cd:2e:a1:b6:63:62:f9:dc:81:fe:50: 13:22:67:9d:de:bf:4b:68:a0:0d:28:01:71:32:3d:9e:31:3c: 49:10:c6:02:c5:fd:fb:21:d6:ca:0b:32:c1:3b:90:8b:d7:6c: c1:af:1f:d2:d7:6d:e0:22:75:b4:aa:ff:3b:66:6e:e6:3a:04: 88:d1:8d:37:59:a4:6b:07:59:e7:7a:e7:a4:60:67:f0:24:71: 15:93:b2:32 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICOXgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2 NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTA4MjIw ODQ2MTlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDA2MjFERDEzQzUyNzFG MDM1Qzc0N0U0QTdEOERCMzEyRTNEMjg0QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDX6bjbfmeBrrnWPDn83xntgvwM8OD8y/L/6Cw9BdXp7fkLjYnX o8DMJoA3W2ZPyfEMIpWUiIjRFO7wED0FYlCOtW0MwN/8eOZmYkXFUIqHWiDyZKzh Fdeh/TCOg0eKfWWXCKwZ5w1beeWdGQcfMCuMf2KwkSdysLAiVypuZnWu3WGna3Eh gln+1bqyGTAt1BjZhkFONrAk0qCDFcCUWiBWEaL2kfOZiavBhFAloo3pFJINxLKm EAZmISCzvQaExa5L1nZNBVLK1eaJPYza+LIDYcfvfoBe5hzNrMes0GsDMFjrlCrD RCakcpYCMOZFWk5Xshm9x9YL14oxy7TQFdeTAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUBiHdE8UnHwNcdH5KfY2zEuPShLMwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0JpSGRFOFVuSHdOY2RINUtm WTJ6RXVQU2hMTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7 wpgwDQYJKoZIhvcNAQELBQADggEBALdSxUKcu72U93a74y79bnU00AdtsRGS8X72 c6schUTOyjHO5WaaFVJ26FCUgIDg+sNwKAjTUY9E2qZhFZKo6LauZMaA72C9Ijgp bdi0K2OBvIaEc/fU3P5DxK/ZLfgQe2r/enn2eH2BpUc4OtaB3ZnTm7WFSjVUTHJ9 OoV+MkcwQZvgFtFFNCAD5hX0EXchG6g+2tPQY9/pOjuNCkczPDop+hjb7IXE6fbN LqG2Y2L53IH+UBMiZ53ev0tooA0oAXEyPZ4xPEkQxgLF/fsh1soLMsE7kIvXbMGv H9LXbeAidbSq/ztmbuY6BIjRjTdZpGsHWed656RgZ/AkcRWTsjI= -----END CERTIFICATE-----Generated at Sun Aug 24 05:33:57 2025 by rpki-client