$ rpki-client -vvf rpkica.twnic.tw/rpki/HINET/0/AS20940.roa File: AS20940.roa (raw, json) Hash identifier: rzIUdOot1cZdfBB5ILOjAyszUq31Q70wh61FBlvOD88= Subject key identifier: D2:08:9A:87:9D:C6:16:58:51:F4:7E:B7:89:F5:FA:2B:04:5C:A7:EC Certificate issuer: /CN=6276AF5AEFB216534D76803A45D67CADC23447BD Certificate serial: 1D4C37D225056FF63C2C7B983E5FDFBCDF6FD2E3 Authority key identifier: 62:76:AF:5A:EF:B2:16:53:4D:76:80:3A:45:D6:7C:AD:C2:34:47:BD Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer Subject info access: rsync://rpkica.twnic.tw/rpki/HINET/0/AS20940.roa Signing time: Mon 11 May 2026 16:42:31 +0000 ROA not before: Mon 11 May 2026 16:37:31 +0000 ROA not after: Mon 10 May 2027 16:42:31 +0000 asID: 20940 IP address blocks: 203.66.226.0/24 maxlen: 24 203.69.138.0/24 maxlen: 24 203.69.141.0/24 maxlen: 24 203.74.67.0/25 maxlen: 25 203.74.95.0/24 maxlen: 24 210.61.248.0/23 maxlen: 23 210.65.144.128/26 maxlen: 26 210.65.144.192/26 maxlen: 26 2001:b032:104::/48 maxlen: 48 2001:b034:700:580::/64 maxlen: 64 2001:b034:700:600::/56 maxlen: 56 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/HINET/0/6276AF5AEFB216534D76803A45D67CADC23447BD.crl rsync://rpkica.twnic.tw/rpki/HINET/0/6276AF5AEFB216534D76803A45D67CADC23447BD.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 15:26:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:4c:37:d2:25:05:6f:f6:3c:2c:7b:98:3e:5f:df:bc:df:6f:d2:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6276AF5AEFB216534D76803A45D67CADC23447BD Validity Not Before: May 11 16:37:31 2026 GMT Not After : May 10 16:42:31 2027 GMT Subject: CN=D2089A879DC6165851F47EB789F5FA2B045CA7EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:91:d5:fe:8a:9a:1d:ca:12:12:0f:10:05:02: f7:cf:89:d4:2a:2b:99:62:d1:35:77:bb:bd:98:22: b7:18:ba:c8:51:fe:21:a6:b4:73:dc:32:1e:4c:ef: c7:6e:34:70:b2:d3:01:6e:7f:ee:4e:d4:f0:2f:4f: d8:7a:69:0c:c6:72:22:87:b6:4e:ff:2f:a3:49:93: 14:dd:e5:32:b4:1e:81:6b:59:d2:cf:01:6f:fa:9f: 5c:ff:d8:d9:4d:d6:76:bb:4c:92:c7:ed:a4:3a:db: 80:f4:23:38:fa:17:41:05:36:37:f7:c2:50:cb:9b: de:09:5d:0a:f7:f0:ea:81:67:10:6d:65:c5:a6:c5: 11:d2:5d:c0:6a:df:58:b9:36:ae:eb:dd:75:be:b0: 41:ae:df:e4:f7:c2:69:10:b1:43:09:e4:32:df:f5: 8e:ee:15:ac:31:b7:1c:f7:44:5e:56:5a:35:25:ed: 8c:b3:39:db:6b:f0:12:00:74:3b:55:b8:90:12:26: 7a:d6:58:e6:2b:11:03:f4:08:5c:f1:4b:a5:98:27: de:e9:3a:de:6d:2e:d7:d5:8c:5d:2f:6a:52:9d:88: 2d:8d:5c:d3:8f:41:a9:0d:0f:10:b2:e6:ec:58:35: f6:a0:21:a3:91:41:b0:7a:93:f0:59:64:66:36:72: fb:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:08:9A:87:9D:C6:16:58:51:F4:7E:B7:89:F5:FA:2B:04:5C:A7:EC X509v3 Authority Key Identifier: keyid:62:76:AF:5A:EF:B2:16:53:4D:76:80:3A:45:D6:7C:AD:C2:34:47:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/HINET/0/6276AF5AEFB216534D76803A45D67CADC23447BD.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/HINET/0/AS20940.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.66.226.0/24 203.69.138.0/24 203.69.141.0/24 203.74.67.0/25 203.74.95.0/24 210.61.248.0/23 210.65.144.128/25 IPv6: 2001:b032:104::/48 2001:b034:700:580::/64 2001:b034:700:600::/56 Signature Algorithm: sha256WithRSAEncryption 61:a1:f6:d9:1d:c3:40:88:11:78:2e:2d:56:ea:5d:b6:a3:b4: 67:88:97:b1:a7:eb:8f:eb:c8:3d:f4:06:c4:fd:b5:b3:10:a6: 37:88:b4:b2:ab:39:89:8c:e6:82:96:d5:7c:bb:77:81:a6:82: 80:bb:52:d7:af:6c:2f:3a:50:2e:c7:58:b1:7d:a9:c9:7a:c6: 8f:7b:51:ac:e6:d9:d3:e3:62:d2:12:97:8b:2d:03:a8:d9:e8: 81:f8:56:3b:43:8b:3d:db:a0:4e:61:6a:3f:4c:8b:4a:da:79: 44:a5:d8:39:44:33:98:f7:92:2b:55:d1:1b:15:a4:d8:87:8a: 79:6d:ba:ff:18:9e:a3:be:db:a6:74:75:a7:23:7b:23:a2:0e: a8:29:f8:61:e8:6b:a4:0b:1e:d6:ca:6c:d1:ac:3f:d1:45:9a: 1b:22:65:ef:e4:29:f4:52:f0:ca:fe:ff:bf:6b:be:a2:c7:17: b6:16:1d:7c:34:2b:fa:70:24:1f:a3:90:8a:08:bd:3e:0a:45: d7:89:70:a1:a1:3b:73:cd:95:a7:27:14:54:96:f1:51:c3:48: 66:0e:47:ff:21:48:e5:8d:8e:35:70:d1:9b:2a:45:9e:6d:08: 42:a5:5f:ed:8d:9c:d5:7c:75:c2:45:e5:20:1c:bc:63:94:20: a5:db:7a:1a -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUHUw30iUFb/Y8LHuYPl/fvN9v0uMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjI3NkFGNUFFRkIyMTY1MzRENzY4MDNBNDVENjdDQURD MjM0NDdCRDAeFw0yNjA1MTExNjM3MzFaFw0yNzA1MTAxNjQyMzFaMDMxMTAvBgNV BAMTKEQyMDg5QTg3OURDNjE2NTg1MUY0N0VCNzg5RjVGQTJCMDQ1Q0E3RUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJkdX+ipodyhISDxAFAvfPidQq K5li0TV3u72YIrcYushR/iGmtHPcMh5M78duNHCy0wFuf+5O1PAvT9h6aQzGciKH tk7/L6NJkxTd5TK0HoFrWdLPAW/6n1z/2NlN1na7TJLH7aQ624D0Izj6F0EFNjf3 wlDLm94JXQr38OqBZxBtZcWmxRHSXcBq31i5Nq7r3XW+sEGu3+T3wmkQsUMJ5DLf 9Y7uFawxtxz3RF5WWjUl7YyzOdtr8BIAdDtVuJASJnrWWOYrEQP0CFzxS6WYJ97p Ot5tLtfVjF0valKdiC2NXNOPQakNDxCy5uxYNfagIaORQbB6k/BZZGY2cvvlAgMB AAGjggH+MIIB+jAdBgNVHQ4EFgQU0giah53GFlhR9H63ifX6KwRcp+wwHwYDVR0j BBgwFoAUYnavWu+yFlNNdoA6RdZ8rcI0R70wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvSElORVQv MC82Mjc2QUY1QUVGQjIxNjUzNEQ3NjgwM0E0NUQ2N0NBREMyMzQ0N0JELmNybDBv BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS8xLzYyNzZBRjVBRUZCMjE2NTM0RDc2ODAzQTQ1RDY3 Q0FEQzIzNDQ3QkQuY2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5 bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ISU5FVC8wL0FTMjA5NDAucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwawYIKwYBBQUHAQcBAf8EXDBaMDIEAgAB MCwDBADLQuIDBADLRYoDBADLRY0DBQfLSkMAAwQAy0pfAwQB0j34AwUH0kGQgDAk BAIAAjAeAwcAIAGwMgEEAwkAIAGwNAcABYADCAAgAbA0BwAGMA0GCSqGSIb3DQEB CwUAA4IBAQBhofbZHcNAiBF4Li1W6l22o7RniJexp+uP68g99AbE/bWzEKY3iLSy qzmJjOaCltV8u3eBpoKAu1LXr2wvOlAux1ixfanJesaPe1Gs5tnT42LSEpeLLQOo 2eiB+FY7Q4s926BOYWo/TItK2nlEpdg5RDOY95IrVdEbFaTYh4p5bbr/GJ6jvtum dHWnI3sjog6oKfhh6GukCx7WymzRrD/RRZobImXv5Cn0UvDK/v+/a76ixxe2Fh18 NCv6cCQfo5CKCL0+CkXXiXChoTtzzZWnJxRUlvFRw0hmDkf/IUjljY41cNGbKkWe bQhCpV/tjZzVfHXCReUgHLxjlCCl23oa -----END CERTIFICATE-----Generated at Wed May 13 21:51:10 2026 by rpki-client