$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/McXaDuCpty1A49uYTynb9CjTw80.roa File: McXaDuCpty1A49uYTynb9CjTw80.roa (raw, json) Hash identifier: VUbet3IQt43anegTWb01f/wUfEi3G2lZLwPUmiJPbMw= Subject key identifier: 31:C5:DA:0E:E0:A9:B7:2D:40:E3:DB:98:4F:29:DB:F4:28:D3:C3:CD Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 18CD Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/McXaDuCpty1A49uYTynb9CjTw80.roa Signing time: Fri 22 Aug 2025 09:02:28 +0000 ROA not before: Fri 22 Aug 2025 09:02:28 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 21859 IP address blocks: 210.61.104.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 00:46:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6349 (0x18cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:02:28 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=31C5DA0EE0A9B72D40E3DB984F29DBF428D3C3CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:9e:24:0b:2d:c6:bd:e6:bd:48:8d:4c:6d:98: 31:4c:b7:e5:d5:d6:29:d7:63:6d:ad:42:60:f2:46: e0:78:36:82:5a:01:56:4c:c9:12:89:f1:8f:e2:fe: 31:83:18:2b:32:f4:b2:50:61:93:41:00:63:93:2a: c9:69:d8:2c:c1:d7:00:fb:a4:29:db:aa:88:f8:bb: 93:f3:f0:5e:11:0b:e5:f1:96:25:ac:31:48:71:f3: 49:77:87:26:ee:7d:ba:b1:02:16:a2:a3:fe:61:8e: 07:74:2c:10:3c:9a:e0:de:07:b5:97:88:77:2d:81: f0:f2:de:35:6f:b1:f7:af:49:e1:90:44:1f:c6:26: 41:26:94:0e:aa:e9:98:bb:ac:7b:f2:97:f2:fa:43: 63:9c:e4:9c:4a:f4:0d:4e:f8:39:fa:ea:8f:6f:ef: 1e:98:a1:4c:31:a9:55:c0:df:0f:71:c2:fc:c5:d7: 29:6a:c7:b2:3e:0a:48:44:14:d3:76:6d:06:27:91: 82:b2:57:96:c7:75:72:ee:12:2c:98:47:7c:e4:d0: dd:b5:bc:e4:36:0b:d3:5d:52:dc:5d:da:46:7a:29: 6a:3c:ef:8c:3f:46:a4:43:25:81:6b:19:b9:a0:a6: e3:ca:3d:15:47:d0:7b:37:ef:d4:5a:22:ef:4b:89: 77:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:C5:DA:0E:E0:A9:B7:2D:40:E3:DB:98:4F:29:DB:F4:28:D3:C3:CD X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/McXaDuCpty1A49uYTynb9CjTw80.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.61.104.0/24 Signature Algorithm: sha256WithRSAEncryption 46:98:e1:94:af:74:af:20:ef:1a:6c:7d:49:15:a4:36:f3:66: 69:26:db:63:70:c0:60:cd:d0:c9:5a:4a:b8:4a:ca:7b:17:6d: 9e:3a:c3:13:d1:29:59:8c:0e:f0:d5:47:9b:ca:e8:09:ef:57: f6:ff:e3:ec:21:42:70:df:b4:fe:03:a0:c1:a2:0a:9d:f4:4b: 10:ec:7e:54:48:94:0c:13:b1:4d:48:e8:ee:d5:ad:46:4a:01: 37:f4:35:8a:80:bc:87:ac:dd:01:71:f4:35:67:4a:0d:30:bb: fc:e9:41:1f:ff:1c:aa:d5:09:f0:bb:f3:a4:5a:b0:49:17:7d: a6:e5:b4:47:a3:4f:7b:63:35:da:fe:63:13:e5:ac:cb:d3:d6: 85:30:90:14:fc:63:64:c3:88:69:d6:48:ca:08:a8:0c:cd:f5: 25:d0:5c:f8:17:fa:79:bf:3b:cc:57:8f:24:e6:d4:91:c5:f4: f3:83:33:f4:d1:7c:77:51:b5:4f:f7:e6:19:ab:b8:ff:75:bd: 53:f5:33:b9:dc:18:a4:3c:6c:39:85:57:64:7c:3a:45:45:06: ff:26:30:99:09:08:19:cc:61:7a:59:12:07:73:ad:57:59:7d: 87:54:97:60:3c:60:b1:a5:93:89:10:89:64:30:da:23:26:69: 4a:73:7e:4c -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICGM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAyMjhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDMxQzVEQTBFRTBBOUI3 MkQ0MEUzREI5ODRGMjlEQkY0MjhEM0MzQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKniQLLca95r1IjUxtmDFMt+XV1inXY22tQmDyRuB4NoJaAVZM yRKJ8Y/i/jGDGCsy9LJQYZNBAGOTKslp2CzB1wD7pCnbqoj4u5Pz8F4RC+XxliWs MUhx80l3hybufbqxAhaio/5hjgd0LBA8muDeB7WXiHctgfDy3jVvsfevSeGQRB/G JkEmlA6q6Zi7rHvyl/L6Q2Oc5JxK9A1O+Dn66o9v7x6YoUwxqVXA3w9xwvzF1ylq x7I+CkhEFNN2bQYnkYKyV5bHdXLuEiyYR3zk0N21vOQ2C9NdUtxd2kZ6KWo874w/ RqRDJYFrGbmgpuPKPRVH0Hs379RaIu9LiXe9AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUMcXaDuCpty1A49uYTynb9CjTw80wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9NY1hhRHVDcHR5MUE0OXVZVHlu YjlDalR3ODAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0j1o MA0GCSqGSIb3DQEBCwUAA4IBAQBGmOGUr3SvIO8abH1JFaQ282ZpJttjcMBgzdDJ Wkq4Ssp7F22eOsMT0SlZjA7w1UebyugJ71f2/+PsIUJw37T+A6DBogqd9EsQ7H5U SJQME7FNSOju1a1GSgE39DWKgLyHrN0BcfQ1Z0oNMLv86UEf/xyq1Qnwu/OkWrBJ F32m5bRHo097YzXa/mMT5azL09aFMJAU/GNkw4hp1kjKCKgMzfUl0Fz4F/p5vzvM V48k5tSRxfTzgzP00Xx3UbVP9+YZq7j/db1T9TO53BikPGw5hVdkfDpFRQb/JjCZ CQgZzGF6WRIHc61XWX2HVJdgPGCxpZOJEIlkMNojJmlKc35M -----END CERTIFICATE-----Generated at Fri Sep 5 21:08:48 2025 by rpki-client