$ rpki-client -vvf rpkica.twnic.tw/rpki/NCIC/0/AS23675.roa File: AS23675.roa (raw, json) Hash identifier: T3XNdefS4QO6hVP89rl2glxMhtRx+vWwJEbbNcJHo7U= Subject key identifier: 86:51:1B:C2:81:7D:E1:C7:DE:1E:4F:C9:43:82:BB:A6:0C:81:B8:69 Certificate issuer: /CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB Certificate serial: 5A169391CAAFFD195E1FE10410E8D5B3E348FF93 Authority key identifier: CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer Subject info access: rsync://rpkica.twnic.tw/rpki/NCIC/0/AS23675.roa Signing time: Mon 11 May 2026 17:18:14 +0000 ROA not before: Mon 11 May 2026 17:13:14 +0000 ROA not after: Mon 10 May 2027 17:18:14 +0000 asID: 23675 IP address blocks: 106.105.110.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:16:93:91:ca:af:fd:19:5e:1f:e1:04:10:e8:d5:b3:e3:48:ff:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB Validity Not Before: May 11 17:13:14 2026 GMT Not After : May 10 17:18:14 2027 GMT Subject: CN=86511BC2817DE1C7DE1E4FC94382BBA60C81B869 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b1:ff:92:0b:bd:1c:67:29:fc:be:86:a4:b8: b0:5c:2c:41:03:09:0d:36:f0:0f:7c:7d:c6:e9:2d: c9:73:82:28:29:e6:4b:da:9f:5d:a9:e1:a8:7d:d7: 1c:76:9c:89:1c:5f:83:6d:74:82:e0:a3:62:99:35: 88:72:3c:f1:9a:39:c3:be:2c:69:ba:43:96:41:80: 5e:3c:31:12:5e:22:01:9c:32:be:e5:79:69:44:ea: 34:e6:3d:55:6e:78:ef:dc:d6:d3:e0:ed:5a:08:c1: b3:6f:ed:ee:e2:61:2a:7a:21:50:3d:5a:a1:8e:a6: 26:b1:a5:4b:3a:da:c4:02:68:50:3c:14:62:b7:41: b5:85:b0:8b:c4:84:36:3a:45:0b:45:de:30:9d:5f: 8c:9f:9b:4f:7b:8b:bd:b9:f0:95:db:d7:04:26:91: a3:4f:af:2f:49:c0:7e:5e:05:c9:08:2c:f9:60:41: df:23:17:e4:37:97:f2:d6:be:67:05:72:23:34:85: fb:1c:76:9c:08:8e:f9:76:ee:91:66:6c:d5:20:23: f8:4b:63:1d:aa:f9:37:63:a3:84:d8:3c:5d:36:a0: d9:11:95:1d:d4:fd:f6:d6:ef:19:3b:55:b0:5b:4f: c4:5f:09:48:ef:c1:f6:bc:db:fa:1d:f2:d5:cb:bf: b5:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:51:1B:C2:81:7D:E1:C7:DE:1E:4F:C9:43:82:BB:A6:0C:81:B8:69 X509v3 Authority Key Identifier: keyid:CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/AS23675.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 106.105.110.0/24 Signature Algorithm: sha256WithRSAEncryption 35:9e:02:a8:3c:50:15:66:39:1d:95:73:25:2f:ce:9a:c9:55: 3f:1c:ad:5c:d5:1e:04:ec:8b:e6:c7:45:f5:23:2a:6e:f4:9d: 60:38:7a:8e:70:96:e9:66:0c:0a:b8:ac:ed:01:d8:1a:01:4b: 48:aa:90:80:cd:72:98:f4:1e:ab:75:ed:c2:b6:5c:64:28:3f: 90:7c:b8:ac:7d:a7:1f:3e:39:f5:26:75:22:a0:ff:87:b1:39: b6:26:27:1b:ce:d0:32:fb:49:a7:4a:f1:d4:9a:a4:2f:82:1c: 5d:94:b2:4d:fe:7c:75:71:a5:f2:22:50:18:5b:82:8b:69:40: ca:e3:35:6d:71:0a:ed:4f:e9:80:21:e2:8e:2d:47:fb:a4:35: 75:1f:92:43:0a:b7:8f:98:87:06:48:66:5a:be:45:06:59:58: e8:28:b9:6f:f2:96:81:f6:4e:7c:5d:5f:e2:64:7a:cc:92:7f: df:c7:92:3c:7c:3e:df:9d:8e:ba:b2:3a:12:b9:5d:58:3e:b0: b6:3e:b6:52:a7:fd:15:47:10:c6:29:b0:fd:e3:d7:2f:4a:94: e9:14:58:47:df:3f:c1:f3:31:bb:43:d0:68:1c:10:9c:31:f4: fd:25:f5:e9:bb:af:fe:9b:70:e8:9e:a7:f9:a5:6a:8c:12:13: 5c:33:7b:30 -----BEGIN CERTIFICATE----- MIIEpjCCA46gAwIBAgIUWhaTkcqv/RleH+EEEOjVs+NI/5MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdCMkNC NDc0RTdGQjAeFw0yNjA1MTExNzEzMTRaFw0yNzA1MTAxNzE4MTRaMDMxMTAvBgNV BAMTKDg2NTExQkMyODE3REUxQzdERTFFNEZDOTQzODJCQkE2MEM4MUI4NjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqsf+SC70cZyn8voakuLBcLEED CQ028A98fcbpLclzgigp5kvan12p4ah91xx2nIkcX4NtdILgo2KZNYhyPPGaOcO+ LGm6Q5ZBgF48MRJeIgGcMr7leWlE6jTmPVVueO/c1tPg7VoIwbNv7e7iYSp6IVA9 WqGOpiaxpUs62sQCaFA8FGK3QbWFsIvEhDY6RQtF3jCdX4yfm097i7258JXb1wQm kaNPry9JwH5eBckILPlgQd8jF+Q3l/LWvmcFciM0hfscdpwIjvl27pFmbNUgI/hL Yx2q+Tdjo4TYPF02oNkRlR3U/fbW7xk7VbBbT8RfCUjvwfa82/od8tXLv7WvAgMB AAGjggGwMIIBrDAdBgNVHQ4EFgQUhlEbwoF94cfeHk/JQ4K7pgyBuGkwHwYDVR0j BBgwFoAUzPhfmhJOsxX6b1obOCN7LLR05/swDgYDVR0PAQH/BAQDAgeAMGEGA1Ud HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvTkNJQy8w L0NDRjg1RjlBMTI0RUIzMTVGQTZGNUExQjM4MjM3QjJDQjQ3NEU3RkIuY3JsMG8G CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu dHcvcnBraS9UV05JQ0NBLzEvQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdC MkNCNDc0RTdGQi5jZXIwSwYIKwYBBQUHAQsEPzA9MDsGCCsGAQUFBzALhi9yc3lu YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL05DSUMvMC9BUzIzNjc1LnJvYTAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAamluMA0GCSqGSIb3DQEBCwUAA4IBAQA1ngKoPFAVZjkdlXMlL86ayVU/HK1c 1R4E7Ivmx0X1Iypu9J1gOHqOcJbpZgwKuKztAdgaAUtIqpCAzXKY9B6rde3Ctlxk KD+QfLisfacfPjn1JnUioP+HsTm2JicbztAy+0mnSvHUmqQvghxdlLJN/nx1caXy IlAYW4KLaUDK4zVtcQrtT+mAIeKOLUf7pDV1H5JDCrePmIcGSGZavkUGWVjoKLlv 8paB9k58XV/iZHrMkn/fx5I8fD7fnY66sjoSuV1YPrC2PrZSp/0VRxDGKbD949cv SpTpFFhH3z/B8zG7Q9BoHBCcMfT9JfXpu6/+m3Donqf5pWqMEhNcM3sw -----END CERTIFICATE-----Generated at Tue May 12 22:53:34 2026 by rpki-client