$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/hiXIKwkKHNtrQK_f4958YJjv4yo.roa File: hiXIKwkKHNtrQK_f4958YJjv4yo.roa (raw, json) Hash identifier: Jcv3X3Nv30G+P3BCS01oO657zCmMw9s8c4nz8kBc0Vw= Subject key identifier: 86:25:C8:2B:09:0A:1C:DB:6B:40:AF:DF:E3:DE:7C:60:98:EF:E3:2A Certificate issuer: /CN=CAD527022C8CD07568EC9FC82A1CE0DDE5B2C4AC Certificate serial: 09DA Authority key identifier: CA:D5:27:02:2C:8C:D0:75:68:EC:9F:C8:2A:1C:E0:DD:E5:B2:C4:AC Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/hiXIKwkKHNtrQK_f4958YJjv4yo.roa Signing time: Fri 22 Aug 2025 08:50:44 +0000 ROA not before: Fri 22 Aug 2025 08:50:44 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9678 IP address blocks: 2405:fbc0:112::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2522 (0x9da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAD527022C8CD07568EC9FC82A1CE0DDE5B2C4AC Validity Not Before: Aug 22 08:50:44 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8625C82B090A1CDB6B40AFDFE3DE7C6098EFE32A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:3f:39:0d:e4:54:1b:0c:c6:ee:f8:96:14:8d: 06:d1:6f:e2:4b:78:c7:65:09:9e:8f:4b:bc:05:12: 59:3b:66:33:e9:7c:73:89:17:38:b7:73:5f:11:29: b4:ad:d8:27:f7:b5:14:4f:b0:92:9d:65:8b:c3:cc: 55:9a:fb:16:78:08:17:12:ae:89:98:93:6c:41:d2: 12:c1:69:e3:80:39:a3:7c:5d:59:6e:b6:b3:26:7c: 17:d1:e4:76:9d:a5:97:7d:0d:75:41:24:01:e2:90: 96:c6:3b:2d:aa:1c:cb:c1:de:94:45:e6:20:85:29: fd:73:37:a2:ec:e2:03:66:4f:b8:01:94:1d:b5:8c: 4c:b0:8e:7f:35:58:3e:38:87:83:11:d9:a6:33:90: 7a:72:8b:27:6e:bd:19:cf:9e:e7:39:97:f2:cd:cc: 18:5c:c1:6c:b5:f0:b4:90:1c:6d:5b:31:92:a1:f6: c4:2f:7a:a7:57:75:a9:8c:ca:be:3a:26:50:f0:5b: 67:95:e8:ae:1c:9d:8d:69:bb:e1:13:a9:2d:a1:b4: 52:fc:50:1b:49:3d:fc:1d:69:77:fa:6a:c4:fc:df: 6b:c1:77:bd:c2:ee:ab:00:fe:af:aa:41:14:9d:75: f5:77:8c:53:45:22:70:2b:20:b4:b1:82:6c:86:f5: ba:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:25:C8:2B:09:0A:1C:DB:6B:40:AF:DF:E3:DE:7C:60:98:EF:E3:2A X509v3 Authority Key Identifier: keyid:CA:D5:27:02:2C:8C:D0:75:68:EC:9F:C8:2A:1C:E0:DD:E5:B2:C4:AC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/ytUnAiyM0HVo7J_IKhzg3eWyxKw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ytUnAiyM0HVo7J_IKhzg3eWyxKw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWBESTWARE/hiXIKwkKHNtrQK_f4958YJjv4yo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2405:fbc0:112::/48 Signature Algorithm: sha256WithRSAEncryption b9:a1:7f:32:98:65:7c:25:c3:f2:6a:2f:ae:f1:86:32:23:9c: fe:dc:ac:df:9c:81:ef:26:ea:22:2d:e1:82:67:9f:d0:eb:3f: 28:a7:42:dd:43:f7:c3:5d:53:56:66:75:10:ee:45:09:f0:fb: 13:63:f5:95:a9:08:6b:33:ee:7a:5a:ef:2c:a7:2a:fc:8a:e4: 14:8f:fb:a2:5e:89:0c:ba:8a:51:b7:73:bf:8d:43:9f:b9:96: 71:4f:4c:b8:75:d0:01:5b:21:cb:b7:36:44:03:df:c6:66:f7: d9:88:9e:cb:a2:b7:9e:c3:b3:6a:1c:f6:9e:30:ed:c0:73:cc: 77:50:b4:1b:f1:f7:d8:54:8c:d6:d6:25:07:e4:c8:05:78:3e: 1d:2b:ea:19:ea:59:46:77:f6:78:39:50:66:df:29:48:79:01: 86:30:67:23:07:a7:99:24:ae:75:41:f1:71:e7:ac:5f:b5:9a: dc:27:cd:f7:58:a7:62:ab:f4:3c:1c:31:0b:7a:4f:76:71:19: e2:c6:33:93:c7:92:1d:1a:33:1e:3e:62:a6:e4:e5:b2:54:c7: 24:a0:a5:83:7e:c4:f1:34:fa:ae:97:fc:c4:06:89:11:57:d5: 11:b0:c7:8b:a8:13:b2:de:44:64:8e:49:ea:7c:05:e1:9a:05: 90:4f:7c:c7 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICCdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0FE NTI3MDIyQzhDRDA3NTY4RUM5RkM4MkExQ0UwRERFNUIyQzRBQzAeFw0yNTA4MjIw ODUwNDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDg2MjVDODJCMDkwQTFD REI2QjQwQUZERkUzREU3QzYwOThFRkUzMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDiPzkN5FQbDMbu+JYUjQbRb+JLeMdlCZ6PS7wFElk7ZjPpfHOJ Fzi3c18RKbSt2Cf3tRRPsJKdZYvDzFWa+xZ4CBcSromYk2xB0hLBaeOAOaN8XVlu trMmfBfR5HadpZd9DXVBJAHikJbGOy2qHMvB3pRF5iCFKf1zN6Ls4gNmT7gBlB21 jEywjn81WD44h4MR2aYzkHpyiyduvRnPnuc5l/LNzBhcwWy18LSQHG1bMZKh9sQv eqdXdamMyr46JlDwW2eV6K4cnY1pu+ETqS2htFL8UBtJPfwdaXf6asT832vBd73C 7qsA/q+qQRSddfV3jFNFInArILSxgmyG9brrAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUhiXIKwkKHNtrQK/f4958YJjv4yowHwYDVR0jBBgwFoAUytUnAiyM0HVo7J/I Khzg3eWyxKwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdCRVNU V0FSRS95dFVuQWl5TTBIVm83Sl9JS2h6ZzNlV3l4S3cuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL3l0VW5BaXlNMEhWbzdKX0lLaHpnM2VXeXhLdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1RXQkVTVFdBUkUvaGlYSUt3a0tI TnRyUUtfZjQ5NThZSmp2NHlvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQC AAIwCQMHACQF+8ABEjANBgkqhkiG9w0BAQsFAAOCAQEAuaF/MphlfCXD8movrvGG MiOc/tys35yB7ybqIi3hgmef0Os/KKdC3UP3w11TVmZ1EO5FCfD7E2P1lakIazPu elrvLKcq/IrkFI/7ol6JDLqKUbdzv41Dn7mWcU9MuHXQAVshy7c2RAPfxmb32Yie y6K3nsOzahz2njDtwHPMd1C0G/H32FSM1tYlB+TIBXg+HSvqGepZRnf2eDlQZt8p SHkBhjBnIwenmSSudUHxceesX7Wa3CfN91inYqv0PBwxC3pPdnEZ4sYzk8eSHRoz Hj5ipuTlslTHJKClg37E8TT6rpf8xAaJEVfVEbDHi6gTst5EZI5J6nwF4ZoFkE98 xw== -----END CERTIFICATE-----Generated at Sun Aug 24 09:42:26 2025 by rpki-client