$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/405EZ1oSDFsazjMXi5yT29im29k.roa File: 405EZ1oSDFsazjMXi5yT29im29k.roa (raw, json) Hash identifier: 1D52BeLcHrCIwVYAT5sZw+YIYnmffOK/IOGtQjPxdMU= Subject key identifier: E3:4E:44:67:5A:12:0C:5B:1A:CE:33:17:8B:9C:93:DB:D8:A6:DB:D9 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 18BF Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/405EZ1oSDFsazjMXi5yT29im29k.roa Signing time: Fri 22 Aug 2025 09:02:24 +0000 ROA not before: Fri 22 Aug 2025 09:02:24 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 3462 IP address blocks: 61.218.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 00:46:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6335 (0x18bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:02:24 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=E34E44675A120C5B1ACE33178B9C93DBD8A6DBD9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:3e:ff:74:9d:f3:1f:0a:1d:a2:94:94:67:7a: cf:14:0f:4a:ad:5f:0e:da:e9:39:70:a3:04:b4:22: 6d:80:05:da:f7:39:f6:5e:97:a1:4a:7c:95:f8:c4: 5a:d9:b1:75:16:e1:fa:8b:34:f2:62:34:56:1b:11: 3b:ac:4a:1a:72:4b:21:fa:03:29:cd:9c:58:86:59: 7d:7d:cc:4f:ad:e4:af:fa:98:33:1a:73:31:9d:b5: 4f:d5:a6:ab:04:ec:42:22:1d:f6:0e:f0:39:ca:c1: 10:a3:09:a6:12:45:8c:fd:59:1b:32:15:93:c3:f7: 10:85:6e:5e:47:94:46:58:47:02:a4:95:85:80:18: ea:b4:cd:29:a8:51:05:9c:28:2b:8a:a6:f3:ed:60: 69:5d:6f:2c:72:60:9e:fd:66:b2:a0:82:19:f3:91: 9d:19:44:70:0b:3e:6c:da:1a:43:cc:ba:61:33:18: a4:ee:e2:05:d1:c3:05:24:34:6b:f8:84:d6:74:35: 9c:a3:4e:ce:0e:4c:be:0a:b4:5a:34:de:5b:9a:00: f2:53:d4:1b:f9:4a:41:a0:6b:d1:8e:0d:fb:83:67: 0e:85:60:21:69:d3:62:b1:6e:f6:a7:b4:08:cb:8e: 30:e0:e7:7c:e1:35:85:8c:5c:e2:26:7c:29:3e:1a: b6:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:4E:44:67:5A:12:0C:5B:1A:CE:33:17:8B:9C:93:DB:D8:A6:DB:D9 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/405EZ1oSDFsazjMXi5yT29im29k.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.218.0.0/15 Signature Algorithm: sha256WithRSAEncryption 85:e5:09:88:31:62:3c:04:7f:ae:7e:9a:cc:b2:b9:00:5a:a4: ee:5e:8a:04:35:a5:35:3e:d9:ec:ec:40:e4:44:1e:cb:e5:1b: 99:ef:4c:97:9d:0e:7f:f3:94:00:b1:31:d9:da:95:db:e9:4f: 5f:f1:4d:cc:ff:b5:07:27:10:a4:8d:b1:37:a7:38:c1:c8:90: a1:7f:e1:ef:0a:78:b7:d4:45:86:cc:e2:22:e2:71:3f:92:bd: 9a:84:8f:23:3c:5f:49:6f:40:2b:dd:88:0a:06:c8:77:bf:13: c2:1e:02:27:f8:4d:ae:7f:46:ca:32:bf:8a:d2:b2:d2:b0:52: e0:33:1c:90:ef:43:67:1b:4f:f7:36:c1:c3:a7:bc:5a:dd:2d: 00:85:fc:95:f3:ca:84:89:7c:d1:90:ad:12:00:7b:3a:5f:e9: 7e:84:20:12:2e:50:29:7b:d8:77:f3:9a:65:19:0e:02:e8:49: aa:7e:22:3c:0c:db:35:36:51:5f:28:31:27:73:52:af:f2:fa: 9d:f2:ed:13:7a:27:ca:dc:3f:f0:10:2f:ce:9a:ad:00:90:88: ba:25:b8:25:65:a2:2c:a2:15:90:f7:e7:97:6a:1f:b7:f4:c0: 08:7d:ae:04:b6:4e:e4:f5:3b:cd:65:67:de:18:f5:d1:4b:65: 58:ce:9f:bd -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICGL8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAyMjRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEUzNEU0NDY3NUExMjBD NUIxQUNFMzMxNzhCOUM5M0RCRDhBNkRCRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPPv90nfMfCh2ilJRnes8UD0qtXw7a6TlwowS0Im2ABdr3OfZe l6FKfJX4xFrZsXUW4fqLNPJiNFYbETusShpySyH6AynNnFiGWX19zE+t5K/6mDMa czGdtU/VpqsE7EIiHfYO8DnKwRCjCaYSRYz9WRsyFZPD9xCFbl5HlEZYRwKklYWA GOq0zSmoUQWcKCuKpvPtYGldbyxyYJ79ZrKgghnzkZ0ZRHALPmzaGkPMumEzGKTu 4gXRwwUkNGv4hNZ0NZyjTs4OTL4KtFo03luaAPJT1Bv5SkGga9GODfuDZw6FYCFp 02KxbvantAjLjjDg53zhNYWMXOImfCk+GraDAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQU405EZ1oSDFsazjMXi5yT29im29kwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC80MDVFWjFvU0RGc2F6ak1YaTV5 VDI5aW0yOWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBPdow DQYJKoZIhvcNAQELBQADggEBAIXlCYgxYjwEf65+msyyuQBapO5eigQ1pTU+2ezs QOREHsvlG5nvTJedDn/zlACxMdnaldvpT1/xTcz/tQcnEKSNsTenOMHIkKF/4e8K eLfURYbM4iLicT+SvZqEjyM8X0lvQCvdiAoGyHe/E8IeAif4Ta5/Rsoyv4rSstKw UuAzHJDvQ2cbT/c2wcOnvFrdLQCF/JXzyoSJfNGQrRIAezpf6X6EIBIuUCl72Hfz mmUZDgLoSap+IjwM2zU2UV8oMSdzUq/y+p3y7RN6J8rcP/AQL86arQCQiLoluCVl oiyiFZD355dqH7f0wAh9rgS2TuT1O81lZ94Y9dFLZVjOn70= -----END CERTIFICATE-----Generated at Fri Sep 5 21:13:24 2025 by rpki-client