$ rpki-client -vvf rpkica.twnic.tw/rpki/HINET/0/AS8068.roa File: AS8068.roa (raw, json) Hash identifier: W23IjIJbzWcExtQNU8ziEZqhvBBscGBLFDtqXXOTlKk= Subject key identifier: 41:96:34:A6:F0:D0:23:B9:9F:60:C4:2F:13:B4:EF:D5:5B:07:04:57 Certificate issuer: /CN=6276AF5AEFB216534D76803A45D67CADC23447BD Certificate serial: 1E6A919013D535F4658EE9BFB5D310B42EAF9853 Authority key identifier: 62:76:AF:5A:EF:B2:16:53:4D:76:80:3A:45:D6:7C:AD:C2:34:47:BD Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer Subject info access: rsync://rpkica.twnic.tw/rpki/HINET/0/AS8068.roa Signing time: Mon 11 May 2026 16:34:09 +0000 ROA not before: Mon 11 May 2026 16:29:09 +0000 ROA not after: Mon 10 May 2027 16:34:09 +0000 asID: 8068 IP address blocks: 61.220.60.200/29 maxlen: 29 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/HINET/0/6276AF5AEFB216534D76803A45D67CADC23447BD.crl rsync://rpkica.twnic.tw/rpki/HINET/0/6276AF5AEFB216534D76803A45D67CADC23447BD.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 15:26:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:6a:91:90:13:d5:35:f4:65:8e:e9:bf:b5:d3:10:b4:2e:af:98:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6276AF5AEFB216534D76803A45D67CADC23447BD Validity Not Before: May 11 16:29:09 2026 GMT Not After : May 10 16:34:09 2027 GMT Subject: CN=419634A6F0D023B99F60C42F13B4EFD55B070457 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:8d:e3:1a:c8:58:29:1e:f3:72:16:67:8c:b6: fb:5b:bf:38:0e:f0:14:32:a7:f3:07:26:e8:9d:f5: 49:ec:d9:53:d5:3a:32:2e:63:dc:c7:ce:93:c8:42: 68:d5:e9:0b:84:2b:57:61:f2:83:b6:50:31:6b:67: c7:d4:be:cc:e5:df:86:1c:b8:b7:62:de:a8:a6:27: 08:26:f7:bd:3b:70:ea:c0:c9:d9:65:f6:f6:e7:6a: d1:3e:a3:3c:e9:d2:e6:63:03:74:a6:f0:24:88:63: b4:ce:49:ea:41:4b:78:d2:04:c4:3f:96:92:dc:de: 73:d2:c4:1a:b0:d5:42:2d:74:e0:46:06:55:4c:2c: 92:46:39:f9:29:51:43:4a:b4:91:9d:0d:9e:eb:ec: 4c:d5:81:f6:03:ee:05:48:82:4e:e7:68:b3:15:43: df:e0:fc:e0:5d:c0:47:6b:bd:5c:0f:b4:19:73:c1: 71:a1:45:bf:dd:34:eb:0a:09:e9:7c:8d:b5:88:21: ff:2d:f3:ec:f6:06:50:04:c2:47:38:01:af:f1:3e: 13:23:24:32:6f:2b:96:bb:a7:91:81:7c:6e:bf:87: 53:88:1f:b8:f3:95:8e:20:88:59:98:a7:76:b8:c9: 8b:4e:f9:5d:c1:33:4b:e5:cf:77:10:99:17:7f:23: d6:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:96:34:A6:F0:D0:23:B9:9F:60:C4:2F:13:B4:EF:D5:5B:07:04:57 X509v3 Authority Key Identifier: keyid:62:76:AF:5A:EF:B2:16:53:4D:76:80:3A:45:D6:7C:AD:C2:34:47:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/HINET/0/6276AF5AEFB216534D76803A45D67CADC23447BD.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/6276AF5AEFB216534D76803A45D67CADC23447BD.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/HINET/0/AS8068.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 61.220.60.200/29 Signature Algorithm: sha256WithRSAEncryption a7:14:60:3a:4e:4e:38:ab:01:68:4c:14:b0:36:e5:6b:e0:2f: 4e:f5:ca:11:8d:34:9e:29:8b:9c:57:29:01:ee:53:9d:12:9a: ee:17:76:11:d3:26:43:1e:48:1c:3d:b8:33:ed:d2:35:64:cd: 0f:d5:73:cf:9f:f9:6d:87:82:0c:2e:83:7c:22:6b:46:68:c4: 86:e3:a4:13:79:d3:8a:43:c8:4a:54:8b:10:e3:bb:37:2f:52: 72:b8:3d:27:8e:b4:f7:b3:c7:81:eb:9d:3c:13:fc:14:c6:96: 8d:b7:ce:ca:c3:60:7d:ad:89:ea:bf:e6:0d:bc:0c:fd:6f:9b: af:cd:e3:66:24:c5:a7:ac:56:f9:9b:54:ee:28:94:cd:06:83: 30:6d:df:96:44:5d:e4:e3:d8:0e:e3:a8:c6:8d:4e:5b:b7:73: cd:37:4a:94:9b:c2:11:c8:59:6f:28:9a:3b:1d:30:01:73:29: 9b:de:f2:b2:64:aa:5f:20:eb:d0:a8:25:f7:9e:e0:d4:6a:f7: 97:b3:24:11:52:1a:28:97:7b:7a:64:fc:d7:7f:82:9b:f6:e0: 85:2f:4b:25:83:4e:25:64:53:48:64:ff:50:46:30:6d:92:27: c7:8a:68:dd:59:ef:77:69:62:95:6e:c5:c8:e6:4d:7c:4f:fa: 73:b0:f3:94 -----BEGIN CERTIFICATE----- MIIEqDCCA5CgAwIBAgIUHmqRkBPVNfRljum/tdMQtC6vmFMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjI3NkFGNUFFRkIyMTY1MzRENzY4MDNBNDVENjdDQURD MjM0NDdCRDAeFw0yNjA1MTExNjI5MDlaFw0yNzA1MTAxNjM0MDlaMDMxMTAvBgNV BAMTKDQxOTYzNEE2RjBEMDIzQjk5RjYwQzQyRjEzQjRFRkQ1NUIwNzA0NTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjeMayFgpHvNyFmeMtvtbvzgO 8BQyp/MHJuid9Uns2VPVOjIuY9zHzpPIQmjV6QuEK1dh8oO2UDFrZ8fUvszl34Yc uLdi3qimJwgm9707cOrAydll9vbnatE+ozzp0uZjA3Sm8CSIY7TOSepBS3jSBMQ/ lpLc3nPSxBqw1UItdOBGBlVMLJJGOfkpUUNKtJGdDZ7r7EzVgfYD7gVIgk7naLMV Q9/g/OBdwEdrvVwPtBlzwXGhRb/dNOsKCel8jbWIIf8t8+z2BlAEwkc4Aa/xPhMj JDJvK5a7p5GBfG6/h1OIH7jzlY4giFmYp3a4yYtO+V3BM0vlz3cQmRd/I9ahAgMB AAGjggGyMIIBrjAdBgNVHQ4EFgQUQZY0pvDQI7mfYMQvE7Tv1VsHBFcwHwYDVR0j BBgwFoAUYnavWu+yFlNNdoA6RdZ8rcI0R70wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvSElORVQv MC82Mjc2QUY1QUVGQjIxNjUzNEQ3NjgwM0E0NUQ2N0NBREMyMzQ0N0JELmNybDBv BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj LnR3L3Jwa2kvVFdOSUNDQS8xLzYyNzZBRjVBRUZCMjE2NTM0RDc2ODAzQTQ1RDY3 Q0FEQzIzNDQ3QkQuY2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5 bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9ISU5FVC8wL0FTODA2OC5yb2EwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEw BwMFAz3cPMgwDQYJKoZIhvcNAQELBQADggEBAKcUYDpOTjirAWhMFLA25WvgL071 yhGNNJ4pi5xXKQHuU50Smu4XdhHTJkMeSBw9uDPt0jVkzQ/Vc8+f+W2Hggwug3wi a0ZoxIbjpBN504pDyEpUixDjuzcvUnK4PSeOtPezx4HrnTwT/BTGlo23zsrDYH2t ieq/5g28DP1vm6/N42YkxaesVvmbVO4olM0GgzBt35ZEXeTj2A7jqMaNTlu3c803 SpSbwhHIWW8omjsdMAFzKZve8rJkql8g69CoJfee4NRq95ezJBFSGiiXe3pk/Nd/ gpv24IUvSyWDTiVkU0hk/1BGMG2SJ8eKaN1Z73dpYpVuxcjmTXxP+nOw85Q= -----END CERTIFICATE-----Generated at Wed May 13 21:51:11 2026 by rpki-client