$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/ovCYzIIpOsT-2HHybh5YY3EQmm0.roa File: ovCYzIIpOsT-2HHybh5YY3EQmm0.roa (raw, json) Hash identifier: szTm/2exTOba4RS3gDCJ5AYkBCpCJsbFoEmW+CHstxw= Subject key identifier: A2:F0:98:CC:82:29:3A:C4:FE:D8:71:F2:6E:1E:58:63:71:10:9A:6D Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1905 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/ovCYzIIpOsT-2HHybh5YY3EQmm0.roa Signing time: Fri 22 Aug 2025 09:02:41 +0000 ROA not before: Fri 22 Aug 2025 09:02:41 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 3462 IP address blocks: 114.32.0.0/12 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 00:46:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6405 (0x1905) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:02:41 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=A2F098CC82293AC4FED871F26E1E586371109A6D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:7e:9f:c5:bb:14:11:b5:b9:84:75:fa:ef:ef: 4c:16:53:41:ba:00:8f:8e:66:d8:4a:b2:8a:61:1e: d7:bc:68:63:50:f6:8c:94:4a:4e:0d:4c:5b:da:8e: 22:13:d6:31:d3:7e:fa:9f:c5:e6:ce:83:c7:81:24: fe:18:5c:fa:5f:a9:a5:f9:b8:6b:05:00:63:19:19: 7a:10:36:76:62:8f:a5:53:ae:74:2c:be:57:54:30: 7d:8f:94:4c:73:2c:50:90:6b:61:ae:3f:44:26:e9: ae:26:13:25:be:8d:1b:64:ec:51:e0:72:8d:34:f9: bd:94:9f:7d:0b:99:cf:28:5c:dc:18:29:e9:11:ce: 40:db:9c:6d:87:9d:a2:fd:86:c0:9b:3e:a2:1c:52: 5f:31:36:02:4a:90:c7:0d:30:18:d6:5d:3a:98:db: 15:d6:b9:6e:26:a7:f0:6b:bd:bc:a6:4f:95:a1:26: 04:b7:7f:26:34:72:cd:89:b7:3d:fc:db:2a:77:35: 25:c4:df:5d:31:e1:b0:51:11:f9:ae:68:25:87:8f: 8e:e3:90:f4:e8:fc:62:61:04:be:5d:a2:8d:ac:ee: 6b:0c:44:6f:80:5c:9d:b1:1f:b1:57:c9:a9:b4:60: 61:f9:26:20:6e:71:8c:21:ee:57:4b:d7:ce:d6:8a: 7a:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:F0:98:CC:82:29:3A:C4:FE:D8:71:F2:6E:1E:58:63:71:10:9A:6D X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/ovCYzIIpOsT-2HHybh5YY3EQmm0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.32.0.0/12 Signature Algorithm: sha256WithRSAEncryption 3f:3c:41:aa:14:93:c3:16:a5:18:92:e9:f9:45:c4:09:f6:ee: 69:84:93:2f:9b:3e:f8:3e:12:8c:b3:0f:84:c4:6f:6c:9a:f0: 17:2a:c0:c3:f1:ce:82:23:89:23:18:a3:5e:a6:b0:f3:24:c6: 30:2b:75:51:97:ab:7d:20:34:c7:cd:16:3d:3e:f5:18:61:2f: d7:8a:44:de:ce:26:e8:18:68:0e:f4:c7:3c:45:ef:de:84:63: ac:f5:7b:b4:d7:39:29:64:42:95:0f:ae:3a:37:07:05:8c:c4: 55:ad:f6:e7:04:6f:15:ac:8c:50:60:07:62:db:58:14:dc:72: df:3e:c8:4e:e0:f0:17:ad:72:8f:a6:2b:dc:a9:3a:d2:7a:aa: 54:68:dd:29:c6:09:4e:8a:98:8e:8a:5b:52:64:c7:a9:b5:5b: 33:23:db:c3:ba:5c:8b:61:f0:c0:7b:aa:f5:95:d5:4a:05:53: 74:b8:78:f0:a5:c5:e8:fb:13:2a:e2:56:e4:18:11:ab:b1:46: 30:35:bd:15:3b:47:18:ef:36:4a:b5:a0:b2:70:b5:05:95:d7: 2f:c0:7a:b4:6e:c2:7a:31:9d:d2:c0:7c:18:02:58:87:73:d6: 2f:7b:4f:65:d5:0b:66:c0:fe:05:66:84:f1:f1:48:f1:09:6e: fb:87:10:5c -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICGQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAyNDFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEEyRjA5OENDODIyOTNB QzRGRUQ4NzFGMjZFMUU1ODYzNzExMDlBNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdfp/FuxQRtbmEdfrv70wWU0G6AI+OZthKsophHte8aGNQ9oyU Sk4NTFvajiIT1jHTfvqfxebOg8eBJP4YXPpfqaX5uGsFAGMZGXoQNnZij6VTrnQs vldUMH2PlExzLFCQa2GuP0Qm6a4mEyW+jRtk7FHgco00+b2Un30Lmc8oXNwYKekR zkDbnG2HnaL9hsCbPqIcUl8xNgJKkMcNMBjWXTqY2xXWuW4mp/BrvbymT5WhJgS3 fyY0cs2Jtz382yp3NSXE310x4bBREfmuaCWHj47jkPTo/GJhBL5doo2s7msMRG+A XJ2xH7FXyam0YGH5JiBucYwh7ldL187WinqTAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQUovCYzIIpOsT+2HHybh5YY3EQmm0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9vdkNZeklJcE9zVC0ySEh5Ymg1 WVkzRVFtbTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMEciAw DQYJKoZIhvcNAQELBQADggEBAD88QaoUk8MWpRiS6flFxAn27mmEky+bPvg+Eoyz D4TEb2ya8BcqwMPxzoIjiSMYo16msPMkxjArdVGXq30gNMfNFj0+9RhhL9eKRN7O JugYaA70xzxF796EY6z1e7TXOSlkQpUPrjo3BwWMxFWt9ucEbxWsjFBgB2LbWBTc ct8+yE7g8Betco+mK9ypOtJ6qlRo3SnGCU6KmI6KW1Jkx6m1WzMj28O6XIth8MB7 qvWV1UoFU3S4ePClxej7EyriVuQYEauxRjA1vRU7RxjvNkq1oLJwtQWV1y/AerRu wnoxndLAfBgCWIdz1i97T2XVC2bA/gVmhPHxSPEJbvuHEFw= -----END CERTIFICATE-----Generated at Fri Sep 5 21:08:03 2025 by rpki-client