$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SYSNET/h9cpAVZ5Yfl_FOvEHuNM_TiMiAA.roa File: h9cpAVZ5Yfl_FOvEHuNM_TiMiAA.roa (raw, json) Hash identifier: WtPcennKDZjxQ4/PbUlW/M3iKTU7VpAajUQBjoSUvy8= Subject key identifier: 87:D7:29:01:56:79:61:F9:7F:14:EB:C4:1E:E3:4C:FD:38:8C:88:00 Certificate issuer: /CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC Certificate serial: 0D82 Authority key identifier: 96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/h9cpAVZ5Yfl_FOvEHuNM_TiMiAA.roa Signing time: Fri 23 May 2025 07:38:46 +0000 ROA not before: Fri 23 May 2025 07:38:46 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 213430 IP address blocks: 210.67.140.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/lruUtFf52CoptbL9nzpEGImecew.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/lruUtFf52CoptbL9nzpEGImecew.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:57:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3458 (0xd82) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96BB94B457F9D82A29B5B2FD9F3A4418899E71EC Validity Not Before: May 23 07:38:46 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=87D72901567961F97F14EBC41EE34CFD388C8800 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:c3:59:7b:23:1c:ba:dd:3e:89:36:3b:2e:9e: 6b:9a:e0:42:1c:54:06:24:f0:27:a2:2e:db:cb:db: b7:30:61:d7:e5:63:d0:8a:7e:4d:1a:c7:4a:8e:24: 57:d9:79:f0:23:b5:81:4a:93:3a:ea:3f:d4:54:f7: 6c:dc:07:d2:98:24:55:cc:93:d2:2d:75:5d:d9:7a: af:16:fa:c6:79:54:be:ac:23:5d:ed:84:25:06:93: 3f:01:fe:d2:f2:e4:58:e1:df:ef:e8:a8:7d:7a:41: 34:db:78:83:8b:87:58:c5:d5:07:a7:0d:4e:e4:27: 6b:23:a0:c7:e1:eb:b8:82:6e:f6:be:73:3f:9d:68: 3f:14:95:df:a1:5b:27:13:83:38:31:6e:e3:86:13: 6c:bf:a7:c2:d1:26:c9:66:5b:51:a1:d6:2c:db:7b: 31:95:11:7f:aa:16:39:3a:06:06:8b:f6:c5:40:1d: 6a:00:76:8f:ae:79:a3:cf:e6:fa:aa:81:22:a5:9a: a0:b2:88:3c:bc:b0:0a:46:b5:a6:c0:3a:cd:be:0c: 22:67:2c:1f:d1:ef:7e:08:65:4d:5f:7d:4e:3a:52: be:1d:f4:75:f0:c3:6e:af:87:7b:26:09:9e:f6:0c: 5f:f5:34:6a:3f:1a:d5:2c:6d:03:c9:8c:ea:72:48: a6:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:D7:29:01:56:79:61:F9:7F:14:EB:C4:1E:E3:4C:FD:38:8C:88:00 X509v3 Authority Key Identifier: keyid:96:BB:94:B4:57:F9:D8:2A:29:B5:B2:FD:9F:3A:44:18:89:9E:71:EC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/lruUtFf52CoptbL9nzpEGImecew.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/lruUtFf52CoptbL9nzpEGImecew.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYSNET/h9cpAVZ5Yfl_FOvEHuNM_TiMiAA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.67.140.0/22 Signature Algorithm: sha256WithRSAEncryption 6e:f6:5d:e6:0c:84:ce:e0:26:0f:17:b2:27:ff:07:95:e9:f8: 96:3f:38:fb:a5:dc:8e:5f:a4:57:9e:cd:db:54:b9:cb:9f:c5: 00:41:a6:1e:8b:ff:1c:65:0b:4d:e4:a6:58:af:b7:f5:ef:6d: 58:d2:79:0e:78:bf:b2:f5:37:5b:3d:71:d4:12:fa:df:50:ef: 27:6f:ae:f8:3d:23:34:4c:0a:f5:8c:9c:17:a4:e3:8d:98:3d: 32:31:d6:ae:7d:6c:ac:e4:93:11:da:ed:e9:1b:c5:5d:c5:b4: c3:04:59:f9:fd:98:c6:04:0d:8f:49:e8:77:da:61:f6:76:a6: 22:e0:3f:1e:dc:53:11:9e:de:db:86:83:e5:46:82:ee:73:fd: 04:57:7b:fd:ef:25:f6:24:0b:c3:bc:f2:28:f4:db:62:e3:ec: ba:95:a6:cc:66:e5:b7:74:83:86:f4:0c:a2:9f:9c:cb:5b:32: 6a:81:d9:0b:4a:71:48:33:7b:39:dd:33:b8:d3:44:8a:be:66: cd:53:f6:70:93:bd:7f:c8:8c:e9:13:8c:eb:e1:ac:61:29:91: 69:86:80:22:14:e8:cd:e1:5c:75:3d:af:6b:72:2a:f1:82:26: 01:ed:a1:e0:02:99:6f:2f:26:9a:07:ce:35:ad:be:ba:4d:f2: 62:52:9d:ac -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTZC Qjk0QjQ1N0Y5RDgyQTI5QjVCMkZEOUYzQTQ0MTg4OTlFNzFFQzAeFw0yNTA1MjMw NzM4NDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg3RDcyOTAxNTY3OTYx Rjk3RjE0RUJDNDFFRTM0Q0ZEMzg4Qzg4MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuw1l7Ixy63T6JNjsunmua4EIcVAYk8CeiLtvL27cwYdflY9CK fk0ax0qOJFfZefAjtYFKkzrqP9RU92zcB9KYJFXMk9ItdV3Zeq8W+sZ5VL6sI13t hCUGkz8B/tLy5Fjh3+/oqH16QTTbeIOLh1jF1QenDU7kJ2sjoMfh67iCbva+cz+d aD8Uld+hWycTgzgxbuOGE2y/p8LRJslmW1Gh1izbezGVEX+qFjk6BgaL9sVAHWoA do+ueaPP5vqqgSKlmqCyiDy8sApGtabAOs2+DCJnLB/R734IZU1ffU46Ur4d9HXw w26vh3smCZ72DF/1NGo/GtUsbQPJjOpySKb5AgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUh9cpAVZ5Yfl/FOvEHuNM/TiMiAAwHwYDVR0jBBgwFoAUlruUtFf52CoptbL9 nzpEGImecewwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVU L2xydVV0RmY1MkNvcHRiTDluenBFR0ltZWNldy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbHJ1VXRGZjUyQ29wdGJMOW56cEVHSW1lY2V3LmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lTTkVUL2g5Y3BBVlo1WWZsX0ZPdkVI dU5NX1RpTWlBQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALS Q4wwDQYJKoZIhvcNAQELBQADggEBAG72XeYMhM7gJg8Xsif/B5Xp+JY/OPul3I5f pFeezdtUucufxQBBph6L/xxlC03kplivt/XvbVjSeQ54v7L1N1s9cdQS+t9Q7ydv rvg9IzRMCvWMnBek442YPTIx1q59bKzkkxHa7ekbxV3FtMMEWfn9mMYEDY9J6Hfa YfZ2piLgPx7cUxGe3tuGg+VGgu5z/QRXe/3vJfYkC8O88ij022Lj7LqVpsxm5bd0 g4b0DKKfnMtbMmqB2QtKcUgzezndM7jTRIq+Zs1T9nCTvX/IjOkTjOvhrGEpkWmG gCIU6M3hXHU9r2tyKvGCJgHtoeACmW8vJpoHzjWtvrpN8mJSnaw= -----END CERTIFICATE-----Generated at Wed Jun 4 00:16:33 2025 by rpki-client