$ rpki-client -vvf rpkica.twnic.tw/rpki/NCIC/0/AS131597.roa File: AS131597.roa (raw, json) Hash identifier: D4GAxqyk51rR4YDa8aoQIQFiV2ERQ9HcnJ3dyV6ukFw= Subject key identifier: C2:4D:D3:50:24:A6:56:FB:93:8D:0F:25:6B:44:B5:D7:63:A5:6E:3A Certificate issuer: /CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB Certificate serial: 59EBB1894699F488CB90711B3297071106B0B5BE Authority key identifier: CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer Subject info access: rsync://rpkica.twnic.tw/rpki/NCIC/0/AS131597.roa Signing time: Mon 11 May 2026 17:45:12 +0000 ROA not before: Mon 11 May 2026 17:40:12 +0000 ROA not after: Mon 10 May 2027 17:45:12 +0000 asID: 131597 IP address blocks: 61.61.71.0/24 maxlen: 24 106.105.224.0/20 maxlen: 24 106.105.224.0/21 maxlen: 24 106.105.232.0/21 maxlen: 24 106.105.240.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:eb:b1:89:46:99:f4:88:cb:90:71:1b:32:97:07:11:06:b0:b5:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB Validity Not Before: May 11 17:40:12 2026 GMT Not After : May 10 17:45:12 2027 GMT Subject: CN=C24DD35024A656FB938D0F256B44B5D763A56E3A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:13:fe:d0:1d:a0:41:08:a8:72:38:cb:80:dc: 2f:cf:db:64:1a:46:6e:ca:12:9d:f9:b3:53:5b:3e: 5b:c1:ad:c9:fd:cd:02:e2:1a:1b:60:92:e4:cf:14: 85:a2:27:ab:9d:d0:5e:ef:21:e9:09:13:eb:0a:78: 19:64:46:d8:65:3a:ec:70:8d:c1:e8:bb:b6:dd:36: bf:7f:1b:54:15:1e:02:8f:9d:dd:cb:c9:c1:2e:af: 74:b2:83:e1:14:48:4f:99:b9:f4:cb:2d:61:7d:42: 58:f0:7a:44:de:46:69:e8:fd:58:e0:0b:43:b7:f1: 17:5a:c2:b2:4b:ba:fa:1e:07:e0:db:4c:5c:41:78: 63:37:b3:54:23:c0:c4:ae:11:09:30:14:45:e9:07: 2c:f9:7c:ca:81:a9:30:ad:f0:91:d5:cf:1c:71:3f: 4f:2b:d6:0f:97:bd:c5:53:d4:5b:fd:77:26:f5:ac: 78:5d:34:10:7c:da:15:af:a3:fd:f0:e8:c5:7c:a7: 14:93:4d:c3:b9:d6:83:b9:7a:ef:3d:6b:1a:fd:78: 61:6c:1c:6b:36:0e:03:e2:3b:fd:45:bf:2c:e1:6a: ab:f4:2b:1e:70:83:89:d6:c1:1b:32:88:ee:8e:be: e0:26:cc:6b:33:35:3f:9e:fe:e1:d0:00:d9:be:d3: 14:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:4D:D3:50:24:A6:56:FB:93:8D:0F:25:6B:44:B5:D7:63:A5:6E:3A X509v3 Authority Key Identifier: keyid:CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/AS131597.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 61.61.71.0/24 106.105.224.0-106.105.247.255 Signature Algorithm: sha256WithRSAEncryption 85:cc:41:06:1a:7e:ff:84:36:0e:7a:69:1b:2c:09:ae:45:8d: ff:07:7a:2a:3a:04:81:5d:be:30:43:a6:ad:43:f0:a5:a8:05: b5:31:aa:cb:ad:e0:70:ed:5a:98:f5:b9:d8:54:93:54:c5:cc: c4:6e:19:0a:5a:4d:d5:50:0e:be:a9:89:84:dd:81:44:61:cf: e0:dc:af:2a:16:6d:45:e5:8c:86:f6:f4:93:dd:45:17:23:6d: 5e:1b:ee:ed:5d:47:b4:e6:2e:95:09:4a:9d:99:a9:87:66:03: 30:f2:60:b5:c2:7f:90:c2:17:cd:0c:7e:20:15:6a:68:43:0f: 47:6f:04:ea:bd:32:b3:fe:9c:e2:19:da:54:ad:0d:76:c3:d1: b5:71:92:f3:4c:80:b0:a4:96:d0:26:64:90:7d:6c:6c:f1:94: b1:9e:b5:d7:dd:ce:6e:8c:59:a9:1d:8c:8e:cc:c7:21:fd:81: a9:e6:e3:77:f4:22:95:e6:47:0b:6d:0c:06:45:bc:76:00:b7: 37:fa:aa:6d:ff:e6:fb:54:6b:c3:a4:ca:1f:dd:84:7b:00:b1: 1a:d6:cf:17:52:a9:90:13:d4:96:73:88:71:28:3d:47:ab:92: 69:45:34:76:d0:4c:06:5c:a4:07:6e:3b:ea:ba:3b:f1:58:d7: d7:bb:04:c7 -----BEGIN CERTIFICATE----- MIIEtTCCA52gAwIBAgIUWeuxiUaZ9IjLkHEbMpcHEQawtb4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdCMkNC NDc0RTdGQjAeFw0yNjA1MTExNzQwMTJaFw0yNzA1MTAxNzQ1MTJaMDMxMTAvBgNV BAMTKEMyNEREMzUwMjRBNjU2RkI5MzhEMEYyNTZCNDRCNUQ3NjNBNTZFM0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2E/7QHaBBCKhyOMuA3C/P22Qa Rm7KEp35s1NbPlvBrcn9zQLiGhtgkuTPFIWiJ6ud0F7vIekJE+sKeBlkRthlOuxw jcHou7bdNr9/G1QVHgKPnd3LycEur3Syg+EUSE+ZufTLLWF9QljwekTeRmno/Vjg C0O38RdawrJLuvoeB+DbTFxBeGM3s1QjwMSuEQkwFEXpByz5fMqBqTCt8JHVzxxx P08r1g+XvcVT1Fv9dyb1rHhdNBB82hWvo/3w6MV8pxSTTcO51oO5eu89axr9eGFs HGs2DgPiO/1Fvyzhaqv0Kx5wg4nWwRsyiO6OvuAmzGszNT+e/uHQANm+0xTfAgMB AAGjggG/MIIBuzAdBgNVHQ4EFgQUwk3TUCSmVvuTjQ8la0S112OlbjowHwYDVR0j BBgwFoAUzPhfmhJOsxX6b1obOCN7LLR05/swDgYDVR0PAQH/BAQDAgeAMGEGA1Ud HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvTkNJQy8w L0NDRjg1RjlBMTI0RUIzMTVGQTZGNUExQjM4MjM3QjJDQjQ3NEU3RkIuY3JsMG8G CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu dHcvcnBraS9UV05JQ0NBLzEvQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdC MkNCNDc0RTdGQi5jZXIwTAYIKwYBBQUHAQsEQDA+MDwGCCsGAQUFBzALhjByc3lu YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL05DSUMvMC9BUzEzMTU5Ny5yb2EwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEw FAMEAD09RzAMAwQFamngAwQDamnwMA0GCSqGSIb3DQEBCwUAA4IBAQCFzEEGGn7/ hDYOemkbLAmuRY3/B3oqOgSBXb4wQ6atQ/ClqAW1MarLreBw7VqY9bnYVJNUxczE bhkKWk3VUA6+qYmE3YFEYc/g3K8qFm1F5YyG9vST3UUXI21eG+7tXUe05i6VCUqd mamHZgMw8mC1wn+QwhfNDH4gFWpoQw9HbwTqvTKz/pziGdpUrQ12w9G1cZLzTICw pJbQJmSQfWxs8ZSxnrXX3c5ujFmpHYyOzMch/YGp5uN39CKV5kcLbQwGRbx2ALc3 +qpt/+b7VGvDpMof3YR7ALEa1s8XUqmQE9SWc4hxKD1Hq5JpRTR20EwGXKQHbjvq ujvxWNfXuwTH -----END CERTIFICATE-----Generated at Tue May 12 22:53:30 2026 by rpki-client