$ rpki-client -vvf rpkica.twnic.tw/rpki/NCIC/0/AS131602.roa File: AS131602.roa (raw, json) Hash identifier: dTjUrkwNYrVQmyrRQE/ow0qhjKQ9yJEMFLOf/weghPE= Subject key identifier: 40:08:C3:5D:13:EB:DC:84:CC:F3:B2:53:0F:01:1A:B8:69:38:3D:E2 Certificate issuer: /CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB Certificate serial: 34DF6A45FEFC64E3242F76C5E9F1614C984559C5 Authority key identifier: CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer Subject info access: rsync://rpkica.twnic.tw/rpki/NCIC/0/AS131602.roa Signing time: Mon 11 May 2026 17:52:34 +0000 ROA not before: Mon 11 May 2026 17:47:34 +0000 ROA not after: Mon 10 May 2027 17:52:34 +0000 asID: 131602 IP address blocks: 60.245.96.0/20 maxlen: 24 60.245.112.0/21 maxlen: 24 106.104.236.0/22 maxlen: 24 106.105.111.0/24 maxlen: 24 106.105.128.0/19 maxlen: 24 106.105.160.0/22 maxlen: 24 106.105.168.0/21 maxlen: 24 106.105.192.0/19 maxlen: 24 115.30.72.0/22 maxlen: 24 122.147.16.0/21 maxlen: 24 123.205.128.0/18 maxlen: 24 123.205.128.0/20 maxlen: 24 123.205.144.0/20 maxlen: 24 123.205.160.0/20 maxlen: 24 123.205.176.0/20 maxlen: 24 211.78.4.0/22 maxlen: 24 211.78.8.0/22 maxlen: 24 211.78.24.0/21 maxlen: 24 218.210.32.0/20 maxlen: 24 220.229.66.0/23 maxlen: 24 220.229.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:df:6a:45:fe:fc:64:e3:24:2f:76:c5:e9:f1:61:4c:98:45:59:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB Validity Not Before: May 11 17:47:34 2026 GMT Not After : May 10 17:52:34 2027 GMT Subject: CN=4008C35D13EBDC84CCF3B2530F011AB869383DE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:51:64:66:aa:18:47:ce:bd:35:4d:44:d2:94: 87:6f:7f:87:66:2c:59:97:dc:ec:7c:31:46:45:4d: 99:2a:e0:a0:46:dc:7d:18:8a:be:13:79:62:82:84: f4:eb:0d:83:c8:ee:4e:be:95:03:fe:e6:a9:12:58: dd:79:70:e6:d4:af:1f:99:4d:00:54:56:66:e4:ef: 37:6a:5f:23:25:50:4d:70:7a:e4:9f:60:f9:cb:23: 41:75:c1:ca:21:3b:de:6a:1f:b9:76:6a:82:55:f2: b8:e6:89:4a:75:6d:f9:71:06:a2:65:43:00:25:8a: 9b:50:3a:3a:78:cd:27:48:0e:ad:71:1d:48:57:28: 72:c6:31:a7:a8:12:01:a3:a6:68:fe:fa:9a:c3:6c: 4c:80:38:c5:ae:07:61:e1:cb:cb:97:b2:d1:4a:04: 14:37:d9:84:03:92:a8:83:f1:9e:11:0b:1e:d2:b5: e4:18:8e:39:15:d6:8f:66:e5:a9:79:f9:2a:94:ee: d6:87:fb:d7:ca:c1:4c:a0:e0:30:4c:ab:3f:ae:fe: c6:9d:63:43:ec:0a:a4:ba:ab:40:26:b0:00:a4:e7: f7:91:fb:23:7a:ef:c6:0d:6f:93:0e:3a:99:55:2e: 2d:97:73:5a:32:07:b9:af:e9:3e:cf:37:d5:99:88: d8:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:08:C3:5D:13:EB:DC:84:CC:F3:B2:53:0F:01:1A:B8:69:38:3D:E2 X509v3 Authority Key Identifier: keyid:CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/AS131602.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 60.245.96.0-60.245.119.255 106.104.236.0/22 106.105.111.0/24 106.105.128.0-106.105.163.255 106.105.168.0/21 106.105.192.0/19 115.30.72.0/22 122.147.16.0/21 123.205.128.0/18 211.78.4.0-211.78.11.255 211.78.24.0/21 218.210.32.0/20 220.229.66.0-220.229.71.255 Signature Algorithm: sha256WithRSAEncryption 03:b6:3c:22:31:e7:1a:6b:d5:8a:21:38:fe:e7:d3:52:1c:6c: 99:41:9f:45:64:a7:fa:98:11:ba:eb:58:33:eb:fc:b1:89:11: 98:d1:91:e9:6b:3c:de:cc:14:20:25:99:fa:91:9b:c1:6d:4d: 04:4f:b4:35:fd:7a:e4:2b:c1:bd:9e:9a:86:c4:67:aa:04:35: 04:c9:cb:f1:27:6b:c6:28:de:1e:26:c1:da:47:e5:a0:30:a0: 85:d4:09:5f:5b:0a:6b:10:c3:ac:b1:90:dd:35:62:8f:e0:9b: 92:6b:63:e0:0d:74:3f:5e:16:a3:2b:04:b4:63:e9:06:b9:28: 66:eb:4d:3b:91:6b:21:f6:bc:3d:33:98:47:eb:b3:bc:88:98: 07:77:c9:d4:c8:b3:7d:fb:99:6e:ab:35:07:8d:03:f3:e3:f2: 74:dd:96:fc:fa:37:0e:df:81:64:40:cb:5e:e4:d7:56:52:20: 35:ff:b8:22:2e:4a:c1:7c:c4:85:bd:b3:d6:78:37:c0:0b:43: d6:dc:fc:3b:14:ea:df:16:bd:d8:31:86:f9:9e:2c:db:f4:ab: 74:0d:af:9f:91:1c:c0:bc:8a:62:93:39:46:69:81:3f:7a:d5: 77:a8:8a:ed:8a:03:cf:6b:dd:83:63:6e:6c:7c:db:96:26:87: 7c:7b:c4:0d -----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgIUNN9qRf78ZOMkL3bF6fFhTJhFWcUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdCMkNC NDc0RTdGQjAeFw0yNjA1MTExNzQ3MzRaFw0yNzA1MTAxNzUyMzRaMDMxMTAvBgNV BAMTKDQwMDhDMzVEMTNFQkRDODRDQ0YzQjI1MzBGMDExQUI4NjkzODNERTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSUWRmqhhHzr01TUTSlIdvf4dm LFmX3Ox8MUZFTZkq4KBG3H0Yir4TeWKChPTrDYPI7k6+lQP+5qkSWN15cObUrx+Z TQBUVmbk7zdqXyMlUE1weuSfYPnLI0F1wcohO95qH7l2aoJV8rjmiUp1bflxBqJl QwAliptQOjp4zSdIDq1xHUhXKHLGMaeoEgGjpmj++prDbEyAOMWuB2Hhy8uXstFK BBQ32YQDkqiD8Z4RCx7SteQYjjkV1o9m5al5+SqU7taH+9fKwUyg4DBMqz+u/sad Y0PsCqS6q0AmsACk5/eR+yN678YNb5MOOplVLi2Xc1oyB7mv6T7PN9WZiNgPAgMB AAGjggIaMIICFjAdBgNVHQ4EFgQUQAjDXRPr3ITM87JTDwEauGk4PeIwHwYDVR0j BBgwFoAUzPhfmhJOsxX6b1obOCN7LLR05/swDgYDVR0PAQH/BAQDAgeAMGEGA1Ud HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvTkNJQy8w L0NDRjg1RjlBMTI0RUIzMTVGQTZGNUExQjM4MjM3QjJDQjQ3NEU3RkIuY3JsMG8G CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu dHcvcnBraS9UV05JQ0NBLzEvQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdC MkNCNDc0RTdGQi5jZXIwTAYIKwYBBQUHAQsEQDA+MDwGCCsGAQUFBzALhjByc3lu YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL05DSUMvMC9BUzEzMTYwMi5yb2EwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBhwYIKwYBBQUHAQcBAf8EeDB2MHQEAgAB MG4wDAMEBTz1YAMEAzz1cAMEAmpo7AMEAGppbzAMAwQHammAAwQCammgAwQDammo AwQFamnAAwQCcx5IAwQDepMQAwQGe82AMAwDBALTTgQDBALTTggDBAPTThgDBATa 0iAwDAMEAdzlQgMEA9zlQDANBgkqhkiG9w0BAQsFAAOCAQEAA7Y8IjHnGmvViiE4 /ufTUhxsmUGfRWSn+pgRuutYM+v8sYkRmNGR6Ws83swUICWZ+pGbwW1NBE+0Nf16 5CvBvZ6ahsRnqgQ1BMnL8SdrxijeHibB2kfloDCghdQJX1sKaxDDrLGQ3TVij+Cb kmtj4A10P14WoysEtGPpBrkoZutNO5FrIfa8PTOYR+uzvIiYB3fJ1MizffuZbqs1 B40D8+PydN2W/Po3Dt+BZEDLXuTXVlIgNf+4Ii5KwXzEhb2z1ng3wAtD1tz8OxTq 3xa92DGG+Z4s2/SrdA2vn5EcwLyKYpM5RmmBP3rVd6iK7YoDz2vdg2NubHzbliaH fHvEDQ== -----END CERTIFICATE-----Generated at Tue May 12 22:53:32 2026 by rpki-client