$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/_XZpQKZZ_x7ZD493V5aH-gNgBpY.roa File: _XZpQKZZ_x7ZD493V5aH-gNgBpY.roa (raw, json) Hash identifier: pRxGcCHX7shbA0yCiPRsFJezdW5kMufyikF1GDNQ55M= Subject key identifier: FD:76:69:40:A6:59:FF:1E:D9:0F:8F:77:57:96:87:FA:03:60:06:96 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1955 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/_XZpQKZZ_x7ZD493V5aH-gNgBpY.roa Signing time: Fri 22 Aug 2025 09:03:00 +0000 ROA not before: Fri 22 Aug 2025 09:03:00 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 3462 IP address blocks: 2001:b000::/21 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 00:46:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6485 (0x1955) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:03:00 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=FD766940A659FF1ED90F8F77579687FA03600696 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:fa:8f:84:bd:7b:38:59:1f:40:97:a2:4c:e0: a3:f6:ce:11:25:3c:77:53:ea:2e:01:a6:61:c0:fb: b0:b3:0b:be:bd:9d:0a:13:72:fa:61:5a:58:29:47: ce:c4:51:f6:8b:74:4c:18:2c:19:b6:9f:9a:05:8e: 9b:79:16:57:f1:f8:dc:a6:30:43:dd:c5:26:e4:a9: 6f:23:89:a9:ab:f3:25:38:44:38:cf:24:2a:e5:34: 05:b3:b7:70:7d:84:ea:4a:4b:87:73:2d:61:f1:72: bb:a4:ea:dd:2a:50:e2:dc:1f:c7:e8:59:3e:c4:83: 3f:28:da:e9:5c:28:81:2c:cd:61:42:04:37:e7:47: c5:c8:e3:40:85:05:5c:70:9b:41:86:e7:a7:53:5d: 4a:85:80:a1:64:54:c1:76:f7:a7:f0:b4:d7:43:bb: 25:1d:70:13:eb:3a:9c:21:3e:c3:1d:1e:af:cc:53: 73:6d:37:e8:9a:b3:d8:ff:1f:2d:b0:34:82:c1:9e: 04:53:51:8f:a0:67:f7:b3:17:9c:e5:c9:9d:2a:84: 4f:6a:60:b9:7e:eb:a8:b3:b4:a7:5f:c5:50:ce:26: e7:60:a3:33:df:ed:54:29:16:b0:11:49:b7:e8:79: 0f:e3:22:a3:36:5c:0f:55:31:da:ae:20:47:14:98: 5b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:76:69:40:A6:59:FF:1E:D9:0F:8F:77:57:96:87:FA:03:60:06:96 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/_XZpQKZZ_x7ZD493V5aH-gNgBpY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:b000::/21 Signature Algorithm: sha256WithRSAEncryption b2:24:6b:a4:4b:51:e4:d7:04:08:2d:77:3c:88:b9:07:72:5c: 15:8e:ad:e8:33:9f:6a:cc:f2:b0:00:5b:3a:42:1d:43:ad:73: 0e:9d:12:76:30:4d:8c:80:e7:84:6b:c4:a7:c4:d6:2f:43:3c: ef:e0:1a:28:61:63:0c:fa:ec:04:3e:8e:7f:78:d1:9f:60:3d: bb:04:69:f1:62:54:1a:d7:11:b9:66:2b:bc:ed:3c:cc:bc:f4: 48:3d:6a:d2:ef:09:32:e6:ea:85:4e:57:7c:2a:d8:09:7f:f9: 30:f7:0c:de:e9:b9:61:86:d2:10:ff:b0:5c:b5:9d:be:9b:c0: 11:b2:1d:29:d4:42:74:d4:ea:d7:34:ea:b5:20:cd:3e:ad:28: 91:aa:05:06:c8:36:93:2e:f1:f5:cc:1a:17:d3:da:94:ab:d6: 8f:83:9d:ae:15:ce:5d:2e:eb:92:d4:4a:78:a5:72:46:bb:d8: 52:bd:f2:96:b6:8d:4a:44:38:ac:13:8d:25:bf:a4:a0:7d:db: e6:c4:54:37:4b:eb:2e:b3:38:84:2c:b0:23:b6:09:fa:78:10: eb:1a:a8:22:77:70:4e:b9:76:9e:2d:99:01:d0:cb:43:2d:c4: bc:e0:07:10:84:26:f9:92:87:7d:b7:47:01:b2:83:90:b7:d0: 00:53:c1:91 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICGVUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAzMDBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEZENzY2OTQwQTY1OUZG MUVEOTBGOEY3NzU3OTY4N0ZBMDM2MDA2OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4+o+EvXs4WR9Al6JM4KP2zhElPHdT6i4BpmHA+7CzC769nQoT cvphWlgpR87EUfaLdEwYLBm2n5oFjpt5Flfx+NymMEPdxSbkqW8jiamr8yU4RDjP JCrlNAWzt3B9hOpKS4dzLWHxcruk6t0qUOLcH8foWT7Egz8o2ulcKIEszWFCBDfn R8XI40CFBVxwm0GG56dTXUqFgKFkVMF296fwtNdDuyUdcBPrOpwhPsMdHq/MU3Nt N+ias9j/Hy2wNILBngRTUY+gZ/ezF5zlyZ0qhE9qYLl+66iztKdfxVDOJudgozPf 7VQpFrARSbfoeQ/jIqM2XA9VMdquIEcUmFuTAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU/XZpQKZZ/x7ZD493V5aH+gNgBpYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9fWFpwUUtaWl94N1pENDkzVjVh SC1nTmdCcFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQDIAGw MA0GCSqGSIb3DQEBCwUAA4IBAQCyJGukS1Hk1wQILXc8iLkHclwVjq3oM59qzPKw AFs6Qh1DrXMOnRJ2ME2MgOeEa8SnxNYvQzzv4BooYWMM+uwEPo5/eNGfYD27BGnx YlQa1xG5Ziu87TzMvPRIPWrS7wky5uqFTld8KtgJf/kw9wze6blhhtIQ/7BctZ2+ m8ARsh0p1EJ01OrXNOq1IM0+rSiRqgUGyDaTLvH1zBoX09qUq9aPg52uFc5dLuuS 1Ep4pXJGu9hSvfKWto1KRDisE40lv6SgfdvmxFQ3S+susziELLAjtgn6eBDrGqgi d3BOuXaeLZkB0MtDLcS84AcQhCb5kod9t0cBsoOQt9AAU8GR -----END CERTIFICATE-----Generated at Fri Sep 5 21:10:59 2025 by rpki-client