$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/2-2dCs0N6z6BaZY6qPNsXm_5e1Y.roa File: 2-2dCs0N6z6BaZY6qPNsXm_5e1Y.roa (raw, json) Hash identifier: JYO6ZXR4sZH0KmW8z/0M6YJBi/KWgC4qX7258KcXlhM= Subject key identifier: DB:ED:9D:0A:CD:0D:EB:3E:81:69:96:3A:A8:F3:6C:5E:6F:F9:7B:56 Certificate issuer: /CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A Certificate serial: 0EC6 Authority key identifier: 58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2-2dCs0N6z6BaZY6qPNsXm_5e1Y.roa Signing time: Fri 22 Aug 2025 09:03:09 +0000 ROA not before: Fri 22 Aug 2025 09:03:09 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 3462 IP address blocks: 168.95.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 16:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3782 (0xec6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A Validity Not Before: Aug 22 09:03:09 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=DBED9D0ACD0DEB3E8169963AA8F36C5E6FF97B56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:79:b8:b0:fe:1f:02:60:d6:cc:a6:25:33:05: 0d:e9:5f:ce:41:12:d1:2f:91:7a:83:b1:7c:0e:89: 35:24:f2:68:95:5c:ca:86:4a:1d:50:9a:fc:63:68: 84:22:8d:cb:69:30:7f:5c:b5:30:91:fd:70:2d:7a: e3:e3:a8:93:cf:b7:0c:30:f7:81:ed:b1:71:19:cf: 3f:46:41:58:84:dc:41:8d:cc:f7:1a:ae:be:b7:5e: ee:36:08:f6:cc:c3:13:ac:77:9d:a3:f4:ef:68:71: 2f:56:f8:a9:ff:8a:35:13:57:b5:fe:5c:2a:85:19: cf:4a:fa:c0:38:00:c2:67:7a:ff:81:1c:5b:dc:c1: f0:34:d9:b3:84:63:15:bc:c5:ea:89:e5:1a:c3:46: bd:3b:4c:14:de:a4:a6:ec:e1:50:1a:17:7c:32:82: ca:ee:37:43:64:f4:e7:09:ee:ff:df:70:41:47:af: ac:b4:19:54:45:d9:88:29:82:0e:6d:15:24:31:54: 4e:e5:b4:25:15:79:c5:29:db:ff:e5:a6:21:3a:99: af:d1:58:f2:f2:f3:ba:cc:e1:ee:fe:37:89:13:c0: 8a:d3:8f:1b:53:1e:8f:11:75:b9:20:f6:e1:03:09: a9:dc:5c:85:4e:9e:85:f0:e5:ba:03:c7:82:43:ad: 0e:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:ED:9D:0A:CD:0D:EB:3E:81:69:96:3A:A8:F3:6C:5E:6F:F9:7B:56 X509v3 Authority Key Identifier: keyid:58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2-2dCs0N6z6BaZY6qPNsXm_5e1Y.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 168.95.0.0/16 Signature Algorithm: sha256WithRSAEncryption 2f:8a:10:3e:ea:c9:88:2f:56:52:c4:1e:17:d8:b6:18:a5:75: 98:7c:18:4c:6e:5a:ce:19:bc:e3:cd:86:00:70:3d:5f:bb:ef: e4:73:45:fc:05:89:44:36:89:f4:68:fc:a2:b1:5f:8a:b7:b4: bd:47:4c:b9:8e:95:d0:cf:60:d2:c7:6c:37:86:b9:41:fb:6b: 72:66:43:9b:c6:64:28:67:ce:50:29:3d:d3:1c:68:ab:5f:95: 1a:2f:28:a7:9d:ba:2e:91:29:a1:0d:51:b2:40:97:2c:0e:2a: c3:e4:69:c7:12:cb:13:dc:6f:c1:45:c1:91:ad:75:dd:5a:1f: d2:2d:ab:c8:8b:4a:9f:3b:19:b0:92:d0:e2:54:cf:9e:30:1e: 52:63:3f:d0:1f:b5:9c:8a:51:d3:1e:99:22:c6:a9:74:94:c2: d2:e6:f1:a2:8b:04:9d:eb:b5:51:da:ff:0d:ac:ca:16:79:27: b5:e4:53:8c:8d:8e:21:50:cc:8c:b6:df:22:fc:d9:72:f2:36: 07:21:d2:e5:e8:0e:98:4c:df:d5:54:77:51:6d:0b:e7:3b:01: 60:d7:66:d4:77:29:cc:e0:37:eb:c7:99:1b:af:d3:ea:6b:d3: 15:4a:e4:b0:6d:b3:b2:47:ad:dc:55:d1:c1:9c:3a:d8:e8:2a: 10:c1:70:1e -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICDsYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg3 NkU0QjhERkFBMjI0QzAxOUQyNDY5MzFGQzNDRDdBNEZFRUQyQTAeFw0yNTA4MjIw OTAzMDlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKERCRUQ5RDBBQ0QwREVC M0U4MTY5OTYzQUE4RjM2QzVFNkZGOTdCNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEebiw/h8CYNbMpiUzBQ3pX85BEtEvkXqDsXwOiTUk8miVXMqG Sh1QmvxjaIQijctpMH9ctTCR/XAteuPjqJPPtwww94HtsXEZzz9GQViE3EGNzPca rr63Xu42CPbMwxOsd52j9O9ocS9W+Kn/ijUTV7X+XCqFGc9K+sA4AMJnev+BHFvc wfA02bOEYxW8xeqJ5RrDRr07TBTepKbs4VAaF3wygsruN0Nk9OcJ7v/fcEFHr6y0 GVRF2Ygpgg5tFSQxVE7ltCUVecUp2//lpiE6ma/RWPLy87rM4e7+N4kTwIrTjxtT Ho8Rdbkg9uEDCancXIVOnoXw5boDx4JDrQ79AgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQU2+2dCs0N6z6BaZY6qPNsXm/5e1YwHwYDVR0jBBgwFoAUWHbkuN+qIkwBnSRp Mfw816T+7SowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv V0hia3VOLXFJa3dCblNScE1mdzgxNlQtN1NvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9XSGJrdU4tcUlrd0JuU1JwTWZ3ODE2VC03U28uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8yLTJkQ3MwTjZ6NkJhWlk2cVBO c1htXzVlMVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAqF8w DQYJKoZIhvcNAQELBQADggEBAC+KED7qyYgvVlLEHhfYthildZh8GExuWs4ZvOPN hgBwPV+77+RzRfwFiUQ2ifRo/KKxX4q3tL1HTLmOldDPYNLHbDeGuUH7a3JmQ5vG ZChnzlApPdMcaKtflRovKKedui6RKaENUbJAlywOKsPkaccSyxPcb8FFwZGtdd1a H9Itq8iLSp87GbCS0OJUz54wHlJjP9AftZyKUdMemSLGqXSUwtLm8aKLBJ3rtVHa /w2syhZ5J7XkU4yNjiFQzIy23yL82XLyNgch0uXoDphM39VUd1FtC+c7AWDXZtR3 KczgN+vHmRuv0+pr0xVK5LBts7JHrdxV0cGcOtjoKhDBcB4= -----END CERTIFICATE-----Generated at Wed Nov 5 12:43:05 2025 by rpki-client