$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/2QBbZ_B3U4BxNg8OUpqqqkvnhA0.roa File: 2QBbZ_B3U4BxNg8OUpqqqkvnhA0.roa (raw, json) Hash identifier: I5fELddbL9x5yvVnjN3G01l30g3WViy8Xps3R9HIyCg= Subject key identifier: D9:00:5B:67:F0:77:53:80:71:36:0F:0E:52:9A:AA:AA:4B:E7:84:0D Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1909 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2QBbZ_B3U4BxNg8OUpqqqkvnhA0.roa Signing time: Fri 22 Aug 2025 09:02:42 +0000 ROA not before: Fri 22 Aug 2025 09:02:42 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 3462 IP address blocks: 125.232.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 11:29:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6409 (0x1909) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Aug 22 09:02:42 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D9005B67F077538071360F0E529AAAAA4BE7840D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:1f:85:74:98:ec:d8:fa:21:80:71:d8:ec:e6: ba:1e:c5:dc:41:33:5f:d2:9c:8a:7e:16:9c:f4:bb: bb:c3:c6:c4:08:0e:c7:00:c0:17:3e:11:7a:37:53: ba:72:25:0b:b6:8b:08:fc:6d:2e:64:51:ec:c3:dc: 37:a8:9e:62:fb:64:2f:c9:d8:b2:12:f4:55:03:46: 56:c2:4c:2f:8a:b2:bb:6a:e5:a2:d1:ce:fd:20:11: 80:a3:0a:38:d7:db:07:05:62:a9:8c:bb:22:ab:be: 2d:c9:4c:ed:7d:09:5a:7a:64:94:d9:95:52:83:51: a3:4a:17:f9:4c:42:70:42:76:f4:78:c3:78:91:22: 94:4d:7e:43:70:72:a3:68:f2:eb:db:44:39:4b:e7: f5:29:f5:6c:9c:71:48:fb:e7:03:62:ec:2c:83:bb: 65:ec:43:2b:db:f4:ac:1d:d1:f4:0c:e3:87:9e:9b: 72:df:23:db:63:8b:6f:56:b4:31:bd:be:70:f6:e3: 56:66:d8:2b:42:f4:f0:17:c9:96:7c:78:aa:eb:8a: 45:81:c3:93:3d:26:de:8b:6d:a5:90:4f:9b:77:2f: 2d:45:dd:c1:56:f9:f0:0b:fa:42:47:f9:b6:2b:84: af:35:15:76:d3:98:be:fc:17:ce:20:e7:17:bf:48: 91:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:00:5B:67:F0:77:53:80:71:36:0F:0E:52:9A:AA:AA:4B:E7:84:0D X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2QBbZ_B3U4BxNg8OUpqqqkvnhA0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 125.232.0.0/15 Signature Algorithm: sha256WithRSAEncryption 92:50:a2:24:54:26:c3:e0:02:88:2c:bc:85:1b:bb:eb:b7:d1: 4f:f5:8e:22:f7:0e:d2:f4:81:11:c2:85:97:ec:a8:c2:1f:63: b7:16:7e:40:57:10:51:cc:58:69:0e:c8:0e:c8:d1:4c:aa:08: a0:52:c3:a5:a0:16:35:c0:8c:4e:2c:7a:79:cf:d6:de:79:e1: b4:d1:b0:b1:b9:b8:2c:85:ec:b8:37:77:cf:38:53:31:f7:88: 79:6f:c7:a8:bd:e8:55:b8:3d:b8:14:ba:66:c8:27:ab:91:51: 2e:61:94:e9:58:89:39:1e:c9:46:24:26:19:05:cd:49:67:c1: 6c:e8:4c:f8:2c:5b:ce:da:5b:9b:d5:00:23:16:ed:a4:1c:bc: 58:05:74:97:ce:93:64:75:07:46:1d:d2:69:4d:25:16:55:b8: 85:8f:f4:7e:55:20:3d:aa:72:35:81:5e:a9:29:41:84:2f:53: 65:b1:24:50:4c:7a:88:b2:97:f6:3b:9f:39:e6:92:99:5a:11: 52:17:85:0c:f7:a2:fe:9a:45:27:31:7d:2a:48:82:41:8d:f7: 93:df:c0:5f:9e:18:a5:15:47:5f:28:ea:41:be:b5:e6:d5:fc: 05:9e:8f:17:14:3e:0b:9d:87:fc:1b:ee:7b:ae:da:28:68:c6: 30:08:6e:6a -----BEGIN CERTIFICATE----- MIIEzzCCA7egAwIBAgICGQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTA4MjIw OTAyNDJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQ5MDA1QjY3RjA3NzUz ODA3MTM2MEYwRTUyOUFBQUFBNEJFNzg0MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDxH4V0mOzY+iGAcdjs5roexdxBM1/SnIp+Fpz0u7vDxsQIDscA wBc+EXo3U7pyJQu2iwj8bS5kUezD3DeonmL7ZC/J2LIS9FUDRlbCTC+Ksrtq5aLR zv0gEYCjCjjX2wcFYqmMuyKrvi3JTO19CVp6ZJTZlVKDUaNKF/lMQnBCdvR4w3iR IpRNfkNwcqNo8uvbRDlL5/Up9WyccUj75wNi7CyDu2XsQyvb9Kwd0fQM44eem3Lf I9tji29WtDG9vnD241Zm2CtC9PAXyZZ8eKrrikWBw5M9Jt6LbaWQT5t3Ly1F3cFW +fAL+kJH+bYrhK81FXbTmL78F84g5xe/SJGxAgMBAAGjggHrMIIB5zAdBgNVHQ4E FgQU2QBbZ/B3U4BxNg8OUpqqqkvnhA0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8yUUJiWl9CM1U0QnhOZzhPVXBx cXFrdm5oQTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBfegw DQYJKoZIhvcNAQELBQADggEBAJJQoiRUJsPgAogsvIUbu+u30U/1jiL3DtL0gRHC hZfsqMIfY7cWfkBXEFHMWGkOyA7I0UyqCKBSw6WgFjXAjE4sennP1t554bTRsLG5 uCyF7Lg3d884UzH3iHlvx6i96FW4PbgUumbIJ6uRUS5hlOlYiTkeyUYkJhkFzUln wWzoTPgsW87aW5vVACMW7aQcvFgFdJfOk2R1B0Yd0mlNJRZVuIWP9H5VID2qcjWB XqkpQYQvU2WxJFBMeoiyl/Y7nznmkplaEVIXhQz3ov6aRScxfSpIgkGN95PfwF+e GKUVR18o6kG+tebV/AWejxcUPgudh/wb7nuu2ihoxjAIbmo= -----END CERTIFICATE-----Generated at Wed Nov 5 08:06:40 2025 by rpki-client