$ rpki-client -vvf rpkica.twnic.tw/rpki/NCIC/0/AS36408.roa File: AS36408.roa (raw, json) Hash identifier: 3/RDp6OTIW9h4O6g21hV+ZaJnhOxvBTj9REIGMwOjjY= Subject key identifier: C6:34:B3:48:87:FA:56:C3:77:26:F3:80:24:2F:1B:50:20:C4:98:24 Certificate issuer: /CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB Certificate serial: 1537EBFCB982CEDBC00518D7D3C87EAA5E42166C Authority key identifier: CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer Subject info access: rsync://rpkica.twnic.tw/rpki/NCIC/0/AS36408.roa Signing time: Mon 11 May 2026 17:52:30 +0000 ROA not before: Mon 11 May 2026 17:47:30 +0000 ROA not after: Mon 10 May 2027 17:52:30 +0000 asID: 36408 IP address blocks: 61.61.69.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/1/DA632505767413A1409A3E33B99D256CDFB1901D.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2mMlBXZ0E6FAmj4zuZ0lbN-xkB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 02:30:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:37:eb:fc:b9:82:ce:db:c0:05:18:d7:d3:c8:7e:aa:5e:42:16:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB Validity Not Before: May 11 17:47:30 2026 GMT Not After : May 10 17:52:30 2027 GMT Subject: CN=C634B34887FA56C37726F380242F1B5020C49824 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:2f:2c:aa:e0:22:7d:30:cb:f5:4c:0e:13:1e: 3e:b9:d0:82:c3:1e:50:df:1f:d2:4b:21:2f:10:f3: 5e:b1:fb:9f:30:4e:1f:d8:7f:50:33:7c:d9:68:ec: 46:88:f7:9f:c5:41:8e:3c:be:94:09:e4:69:49:8e: f4:eb:63:1d:1f:26:e6:fa:86:46:75:57:5c:5d:90: 38:f9:74:78:a4:8c:88:3e:e7:2c:75:57:45:23:62: 29:9d:6e:86:8e:d2:68:46:6a:51:5c:17:5e:60:32: 9d:48:c5:97:22:44:ab:4d:dd:d0:b6:ee:3f:8f:78: 9a:20:14:f8:7f:c9:0f:ae:04:cd:f5:3c:7d:75:29: d7:18:48:f0:5d:27:1e:50:0a:2b:39:4b:9c:f4:2b: 63:71:b8:d2:18:ea:a5:df:cc:af:c7:f8:24:7c:2c: cd:f1:1a:e6:f9:b6:d8:06:27:73:09:ee:c1:4c:40: 68:2f:2b:09:ac:df:9e:ac:88:41:8f:44:a9:e3:b2: c5:a0:1b:28:85:5b:03:79:6d:bc:3d:75:70:73:ab: e1:cb:5c:8b:df:56:19:0b:03:90:6c:c4:3f:9c:d9: 4c:24:1d:fd:0a:89:8f:a2:62:0e:28:d1:ad:45:12: 37:f8:fb:6a:18:f2:91:a5:95:f5:d0:6d:25:bd:a1: c3:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:34:B3:48:87:FA:56:C3:77:26:F3:80:24:2F:1B:50:20:C4:98:24 X509v3 Authority Key Identifier: keyid:CC:F8:5F:9A:12:4E:B3:15:FA:6F:5A:1B:38:23:7B:2C:B4:74:E7:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/CCF85F9A124EB315FA6F5A1B38237B2CB474E7FB.cer Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/NCIC/0/AS36408.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 61.61.69.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:2f:38:8d:da:27:b3:10:d8:6a:cb:c9:1c:5f:97:2a:2d:55: 69:37:9f:9c:b4:bc:20:e7:ad:1a:b7:c9:7f:ac:90:10:6e:40: 67:18:68:c2:15:1b:22:f8:ab:44:16:43:a9:30:6e:e0:05:41: f2:96:79:82:21:eb:02:e6:1d:e6:a4:84:4e:e4:77:12:25:4c: 92:79:60:fb:c8:7f:c3:41:94:af:ae:ab:64:11:a9:eb:3e:0f: bc:9c:fa:62:da:b6:a2:3c:fd:5c:87:c4:ba:cd:e6:2f:4a:1c: 9e:f8:9a:f7:4b:a6:86:43:9f:a0:cf:8e:30:2d:83:88:b6:fb: 3f:d7:28:0c:9b:9d:44:56:93:02:d0:1a:03:0a:05:b5:89:32: f4:5d:12:bf:19:43:f2:98:54:c8:8b:0d:a3:1f:dd:83:70:d3: 39:cc:3c:ad:c5:b5:4e:6b:e9:aa:df:54:ea:3d:34:9a:65:ea: 6d:11:4a:b4:4c:57:c1:d8:aa:4a:52:f6:69:86:9e:02:fd:74: dc:5e:a3:12:88:e7:5a:b2:e9:07:19:73:a1:f7:5b:c0:38:e0: 9d:a5:c9:59:f9:df:57:84:c7:c0:ce:44:5f:8a:51:05:5d:1f: 52:e2:3f:96:d7:91:32:22:4d:0d:2a:86:29:f8:98:95:75:3e: 1b:62:0c:68 -----BEGIN CERTIFICATE----- MIIEpjCCA46gAwIBAgIUFTfr/LmCztvABRjX08h+ql5CFmwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdCMkNC NDc0RTdGQjAeFw0yNjA1MTExNzQ3MzBaFw0yNzA1MTAxNzUyMzBaMDMxMTAvBgNV BAMTKEM2MzRCMzQ4ODdGQTU2QzM3NzI2RjM4MDI0MkYxQjUwMjBDNDk4MjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrLyyq4CJ9MMv1TA4THj650ILD HlDfH9JLIS8Q816x+58wTh/Yf1AzfNlo7EaI95/FQY48vpQJ5GlJjvTrYx0fJub6 hkZ1V1xdkDj5dHikjIg+5yx1V0UjYimdboaO0mhGalFcF15gMp1IxZciRKtN3dC2 7j+PeJogFPh/yQ+uBM31PH11KdcYSPBdJx5QCis5S5z0K2NxuNIY6qXfzK/H+CR8 LM3xGub5ttgGJ3MJ7sFMQGgvKwms356siEGPRKnjssWgGyiFWwN5bbw9dXBzq+HL XIvfVhkLA5BsxD+c2UwkHf0KiY+iYg4o0a1FEjf4+2oY8pGllfXQbSW9ocMtAgMB AAGjggGwMIIBrDAdBgNVHQ4EFgQUxjSzSIf6VsN3JvOAJC8bUCDEmCQwHwYDVR0j BBgwFoAUzPhfmhJOsxX6b1obOCN7LLR05/swDgYDVR0PAQH/BAQDAgeAMGEGA1Ud HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvTkNJQy8w L0NDRjg1RjlBMTI0RUIzMTVGQTZGNUExQjM4MjM3QjJDQjQ3NEU3RkIuY3JsMG8G CCsGAQUFBwEBBGMwYTBfBggrBgEFBQcwAoZTcnN5bmM6Ly9ycGtpY2EudHduaWMu dHcvcnBraS9UV05JQ0NBLzEvQ0NGODVGOUExMjRFQjMxNUZBNkY1QTFCMzgyMzdC MkNCNDc0RTdGQi5jZXIwSwYIKwYBBQUHAQsEPzA9MDsGCCsGAQUFBzALhi9yc3lu YzovL3Jwa2ljYS50d25pYy50dy9ycGtpL05DSUMvMC9BUzM2NDA4LnJvYTAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAPT1FMA0GCSqGSIb3DQEBCwUAA4IBAQCdLziN2iezENhqy8kcX5cqLVVpN5+c tLwg560at8l/rJAQbkBnGGjCFRsi+KtEFkOpMG7gBUHylnmCIesC5h3mpIRO5HcS JUySeWD7yH/DQZSvrqtkEanrPg+8nPpi2raiPP1ch8S6zeYvShye+Jr3S6aGQ5+g z44wLYOItvs/1ygMm51EVpMC0BoDCgW1iTL0XRK/GUPymFTIiw2jH92DcNM5zDyt xbVOa+mq31TqPTSaZeptEUq0TFfB2KpKUvZphp4C/XTcXqMSiOdasukHGXOh91vA OOCdpclZ+d9XhMfAzkRfilEFXR9S4j+W15EyIk0NKoYp+JiVdT4bYgxo -----END CERTIFICATE-----Generated at Tue May 12 22:53:32 2026 by rpki-client