$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/KtPckVgPrmwUrP7gqpngcSb9M1U.roa File: KtPckVgPrmwUrP7gqpngcSb9M1U.roa (raw, json) Hash identifier: j8yuCLeMyOpndX0Wyc89gmh1toMDc/cH4v5EOH8xAII= Subject key identifier: 2A:D3:DC:91:58:0F:AE:6C:14:AC:FE:E0:AA:99:E0:71:26:FD:33:55 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1920 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/KtPckVgPrmwUrP7gqpngcSb9M1U.roa Signing time: Fri 22 Aug 2025 09:02:47 +0000 ROA not before: Fri 22 Aug 2025 09:02:47 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 36040 IP address blocks: 2001:b032:c0ff:2::/64 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 00:46:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6432 (0x1920) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:02:47 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=2AD3DC91580FAE6C14ACFEE0AA99E07126FD3355 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:e4:a8:7c:a7:15:24:df:ff:9a:32:3d:4b:7e: 70:19:0b:d9:33:42:2e:3d:a4:7d:5d:c6:bb:81:bd: 77:a4:49:f6:93:ab:8b:3f:3d:04:de:04:6f:a8:31: b1:41:0d:ac:16:ef:e8:90:59:6b:db:fd:ba:fb:fe: 84:6f:1b:72:1d:bd:fe:0b:a0:8c:6e:7d:e6:62:17: 6b:f4:6e:21:31:f0:02:a8:58:f0:a1:64:e5:d7:0c: e9:c1:c1:db:bf:04:a7:fe:5f:a8:f2:c0:f4:d4:c5: 10:05:b2:a8:ef:a0:f4:d1:bb:c9:f5:0d:c8:6e:1d: a1:b4:84:d8:bf:60:36:d5:44:d5:de:1e:dd:44:88: 34:a8:77:8f:af:de:80:44:8e:b9:ca:09:ff:8e:82: 14:68:b9:81:96:68:66:7e:01:2e:71:2a:fc:e8:4a: d0:9e:a8:59:42:b8:89:fc:2a:02:e2:cd:bd:8a:36: 87:4f:a2:61:3f:56:ec:03:69:45:97:10:01:13:62: fe:44:89:f2:66:e1:85:74:84:8d:ee:46:02:fd:b1: 63:f4:84:01:83:b2:16:1a:5c:7c:40:8b:63:d6:17: 8d:4b:80:e6:e3:7d:70:f4:12:f2:ef:71:de:68:8f: 45:85:d2:00:24:40:96:af:b5:3c:6a:f2:a1:db:7a: af:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:D3:DC:91:58:0F:AE:6C:14:AC:FE:E0:AA:99:E0:71:26:FD:33:55 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/KtPckVgPrmwUrP7gqpngcSb9M1U.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:b032:c0ff:2::/64 Signature Algorithm: sha256WithRSAEncryption 78:5c:78:50:55:bd:02:24:a9:99:58:03:5e:65:16:e4:2a:f6: f8:d6:a8:ae:bb:a3:4e:3d:42:be:ce:e5:22:7b:1f:ee:70:34: a4:7f:cd:c4:71:ff:dc:b4:45:ca:28:54:09:ce:24:22:21:91: 1d:d7:88:c9:67:ec:f9:e1:83:71:8b:7c:a1:7d:37:94:01:cd: 27:ec:04:9f:98:e3:8d:5e:7a:c5:8a:8f:57:72:83:0a:5a:fb: b8:c0:12:23:74:c7:4d:10:76:a9:0e:3a:1e:d8:a9:cb:e9:ce: 24:45:6d:0d:12:71:3e:ac:0d:2f:86:d5:7a:5a:b2:85:81:83: 86:47:b9:c0:30:8d:20:ba:7f:02:73:43:4e:90:c7:89:af:88: fc:4a:57:eb:4c:0e:43:5c:a4:3b:4b:5b:70:1e:5e:0a:49:8f: 30:df:5b:6f:28:ba:3f:6d:4f:48:9b:79:94:55:32:39:e8:44: 77:2f:d6:f4:be:2a:3e:ee:a0:f4:f3:65:fd:0a:d1:02:ca:f2: d3:4e:23:3e:64:4d:86:42:e0:8c:df:38:88:9c:ed:68:39:b0: fc:21:d4:7e:24:9d:e8:d9:00:b5:23:a0:3d:27:05:5a:25:01: bb:90:c6:96:9a:1f:a4:73:82:10:4a:d9:fa:9c:08:e3:14:9d: 15:6b:0d:f2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGSAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAyNDdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDJBRDNEQzkxNTgwRkFF NkMxNEFDRkVFMEFBOTlFMDcxMjZGRDMzNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCd5Kh8pxUk3/+aMj1LfnAZC9kzQi49pH1dxruBvXekSfaTq4s/ PQTeBG+oMbFBDawW7+iQWWvb/br7/oRvG3Idvf4LoIxufeZiF2v0biEx8AKoWPCh ZOXXDOnBwdu/BKf+X6jywPTUxRAFsqjvoPTRu8n1DchuHaG0hNi/YDbVRNXeHt1E iDSod4+v3oBEjrnKCf+OghRouYGWaGZ+AS5xKvzoStCeqFlCuIn8KgLizb2KNodP omE/VuwDaUWXEAETYv5EifJm4YV0hI3uRgL9sWP0hAGDshYaXHxAi2PWF41LgObj fXD0EvLvcd5oj0WF0gAkQJavtTxq8qHbeq/HAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUKtPckVgPrmwUrP7gqpngcSb9M1UwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9LdFBja1ZnUHJtd1VyUDdncXBu Z2NTYjlNMVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAAjALAwkAIAGw MsD/AAIwDQYJKoZIhvcNAQELBQADggEBAHhceFBVvQIkqZlYA15lFuQq9vjWqK67 o049Qr7O5SJ7H+5wNKR/zcRx/9y0RcooVAnOJCIhkR3XiMln7Pnhg3GLfKF9N5QB zSfsBJ+Y441eesWKj1dygwpa+7jAEiN0x00QdqkOOh7YqcvpziRFbQ0ScT6sDS+G 1XpasoWBg4ZHucAwjSC6fwJzQ06Qx4mviPxKV+tMDkNcpDtLW3AeXgpJjzDfW28o uj9tT0ibeZRVMjnoRHcv1vS+Kj7uoPTzZf0K0QLK8tNOIz5kTYZC4IzfOIic7Wg5 sPwh1H4knejZALUjoD0nBVolAbuQxpaaH6RzghBK2fqcCOMUnRVrDfI= -----END CERTIFICATE-----Generated at Fri Sep 5 21:10:58 2025 by rpki-client