$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/fG8LGxK6gtWCqsPfRD5NZp8KFLQ.roa File: fG8LGxK6gtWCqsPfRD5NZp8KFLQ.roa (raw, json) Hash identifier: eBpeqhGKQbX3otzkqnA1e7BilaUeX1Yf2I1ld3mU5MY= Subject key identifier: 7C:6F:0B:1B:12:BA:82:D5:82:AA:C3:DF:44:3E:4D:66:9F:0A:14:B4 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 18EC Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/fG8LGxK6gtWCqsPfRD5NZp8KFLQ.roa Signing time: Fri 22 Aug 2025 09:02:37 +0000 ROA not before: Fri 22 Aug 2025 09:02:37 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 20940 IP address blocks: 203.69.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 00:46:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6380 (0x18ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:02:37 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=7C6F0B1B12BA82D582AAC3DF443E4D669F0A14B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:32:1b:77:16:af:55:e8:a7:d3:a8:b5:81:a5: 0f:11:82:ef:6c:63:af:1a:01:f9:fd:e4:50:4f:17: 37:cb:5e:5b:ac:d4:c2:c2:49:ec:dc:c6:9e:c8:fd: 83:85:ad:91:76:16:6d:e2:52:b3:99:41:9d:0f:1a: 43:54:11:ce:19:8f:77:2b:87:6c:09:0b:71:66:3b: 88:31:29:38:0e:df:5c:00:0c:2f:fa:6e:98:69:6e: b1:c2:28:53:aa:37:d9:07:1c:35:dd:18:4c:1e:31: b5:c7:7f:45:9f:aa:48:69:da:2c:ad:88:96:69:59: de:8a:06:87:d0:64:1b:fa:1b:1a:f0:eb:d3:d9:b1: b3:a4:e2:26:ba:fb:b5:38:c9:c9:18:47:8a:4b:4e: 05:b4:fe:82:57:05:83:a5:82:f8:d8:ce:d2:30:8c: ef:b0:05:12:1b:4c:2e:66:52:ba:6e:98:91:ad:c6: 11:b2:67:4e:21:0e:f8:35:29:b6:89:89:5e:74:8e: 98:8f:3f:af:fd:89:30:64:b9:c1:5f:4e:bc:3d:fd: 5e:a8:2f:c4:62:8c:23:30:f6:91:da:6e:22:d0:2a: d2:71:c2:ca:8d:40:77:18:d7:73:d5:83:78:41:ed: 0b:b8:06:01:54:66:0f:90:70:8e:e2:82:c2:19:d8: 07:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:6F:0B:1B:12:BA:82:D5:82:AA:C3:DF:44:3E:4D:66:9F:0A:14:B4 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/fG8LGxK6gtWCqsPfRD5NZp8KFLQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.69.138.0/24 Signature Algorithm: sha256WithRSAEncryption 94:94:37:eb:6d:c3:81:9f:d2:fa:22:bc:71:c8:67:1c:25:49: 6f:0a:ed:f9:09:84:41:1b:cf:78:4d:23:86:cc:1d:cb:00:08: 13:05:32:31:16:23:98:02:ed:42:f1:4b:5d:6e:15:cc:84:ca: 97:bc:eb:cc:2e:b5:ca:a5:08:b8:55:31:bf:80:b1:d8:b8:01: 0c:88:7d:69:99:7f:b4:c2:44:bf:c2:fe:90:d3:12:5f:a6:d9: 53:cf:a7:c9:c3:02:b4:26:e3:34:d5:d6:dc:8e:22:d3:20:0d: 9e:e1:95:83:5f:71:0c:33:e7:cc:f5:65:18:cb:53:09:8f:d7: e6:26:48:f4:c8:6f:1d:77:8a:59:61:43:96:ae:f2:0e:79:bf: 1e:d7:b3:39:81:b8:cc:d3:1c:19:a3:da:86:73:5b:36:ce:fa: 4f:97:aa:0c:1a:ac:02:aa:44:c2:d0:2c:93:d2:af:37:bd:89: d8:f4:32:f7:4b:1d:df:f0:aa:4b:5f:2b:91:16:40:b2:ef:ba: 70:5d:7a:6c:90:13:c8:d7:99:5e:5c:06:b3:50:63:c0:08:76: ec:f0:cc:29:15:09:80:37:32:4d:05:3b:91:40:fd:5c:f3:86: 4f:92:2f:19:68:73:74:dc:c3:9d:a0:e1:2b:d8:e6:66:2a:2f: c4:3b:ea:08 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICGOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAyMzdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDdDNkYwQjFCMTJCQTgy RDU4MkFBQzNERjQ0M0U0RDY2OUYwQTE0QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6Mht3Fq9V6KfTqLWBpQ8Rgu9sY68aAfn95FBPFzfLXlus1MLC Sezcxp7I/YOFrZF2Fm3iUrOZQZ0PGkNUEc4Zj3crh2wJC3FmO4gxKTgO31wADC/6 bphpbrHCKFOqN9kHHDXdGEweMbXHf0Wfqkhp2iytiJZpWd6KBofQZBv6Gxrw69PZ sbOk4ia6+7U4yckYR4pLTgW0/oJXBYOlgvjYztIwjO+wBRIbTC5mUrpumJGtxhGy Z04hDvg1KbaJiV50jpiPP6/9iTBkucFfTrw9/V6oL8RijCMw9pHabiLQKtJxwsqN QHcY13PVg3hB7Qu4BgFUZg+QcI7igsIZ2AebAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUfG8LGxK6gtWCqsPfRD5NZp8KFLQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9mRzhMR3hLNmd0V0Nxc1BmUkQ1 TlpwOEtGTFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0WK MA0GCSqGSIb3DQEBCwUAA4IBAQCUlDfrbcOBn9L6IrxxyGccJUlvCu35CYRBG894 TSOGzB3LAAgTBTIxFiOYAu1C8UtdbhXMhMqXvOvMLrXKpQi4VTG/gLHYuAEMiH1p mX+0wkS/wv6Q0xJfptlTz6fJwwK0JuM01dbcjiLTIA2e4ZWDX3EMM+fM9WUYy1MJ j9fmJkj0yG8dd4pZYUOWrvIOeb8e17M5gbjM0xwZo9qGc1s2zvpPl6oMGqwCqkTC 0CyT0q83vYnY9DL3Sx3f8KpLXyuRFkCy77pwXXpskBPI15leXAazUGPACHbs8Mwp FQmANzJNBTuRQP1c84ZPki8ZaHN03MOdoOEr2OZmKi/EO+oI -----END CERTIFICATE-----Generated at Fri Sep 5 21:15:37 2025 by rpki-client