$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ACEREDC/AP2Vzq-jsqqwGTzqBy9m7BQjBHE.roa File: AP2Vzq-jsqqwGTzqBy9m7BQjBHE.roa (raw, json) Hash identifier: 21q7s+xX0qIyKi2SKBlJoyh8NBuw2Gc6BqzfG+7vjn0= Subject key identifier: 00:FD:95:CE:AF:A3:B2:AA:B0:19:3C:EA:07:2F:66:EC:14:23:04:71 Certificate issuer: /CN=646D69C88D096F7D39220D288688914729045EF8 Certificate serial: 07E1 Authority key identifier: 64:6D:69:C8:8D:09:6F:7D:39:22:0D:28:86:88:91:47:29:04:5E:F8 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ZG1pyI0Jb305Ig0ohoiRRykEXvg.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ACEREDC/AP2Vzq-jsqqwGTzqBy9m7BQjBHE.roa Signing time: Fri 22 Aug 2025 08:58:08 +0000 ROA not before: Fri 22 Aug 2025 08:58:08 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17420 IP address blocks: 211.79.192.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ACEREDC/ZG1pyI0Jb305Ig0ohoiRRykEXvg.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ACEREDC/ZG1pyI0Jb305Ig0ohoiRRykEXvg.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/ZG1pyI0Jb305Ig0ohoiRRykEXvg.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2017 (0x7e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=646D69C88D096F7D39220D288688914729045EF8 Validity Not Before: Aug 22 08:58:08 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=00FD95CEAFA3B2AAB0193CEA072F66EC14230471 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:69:b2:7c:9c:ad:46:a6:14:8d:f4:ac:69:fc: 46:a1:22:c6:22:61:7c:f8:0e:22:3f:5d:60:3e:3b: 49:61:bc:6b:f7:2b:1e:0f:37:67:0e:b4:9f:58:13: 75:c0:b7:d0:4a:54:96:bc:1d:de:23:f3:28:38:c4: e0:72:1d:b9:03:da:a0:5c:55:8b:05:ef:b4:68:40: 0c:39:2d:a9:a8:16:6d:ba:9b:e0:08:48:1b:53:a3: 28:dd:78:b8:eb:44:3d:cf:97:68:55:9c:70:70:b6: fa:a9:68:f1:d2:64:fd:a5:ce:c5:7f:6c:b2:b0:0e: 70:f2:ae:7a:04:c5:b9:ea:ee:d5:bc:29:28:40:52: 29:fc:0a:27:ce:90:f8:c6:70:a1:42:b6:9c:6c:46: 00:84:c1:2f:cc:21:7b:84:72:07:f3:d5:48:fc:a3: a7:1c:45:16:fa:6e:e8:60:6d:c7:68:4a:05:1f:87: a1:77:e8:a9:86:d4:fb:2a:8b:ba:1a:52:c7:76:e5: dd:70:49:5c:0c:a3:88:99:9f:62:c6:18:79:75:88: 10:35:8a:be:85:eb:07:ea:ed:0e:09:bd:3d:6c:a0: 18:40:12:f2:f5:95:4f:74:ad:20:e6:ed:e7:71:68: 7b:65:08:f4:bf:6a:b8:ed:ce:fe:81:67:11:9e:e9: a5:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:FD:95:CE:AF:A3:B2:AA:B0:19:3C:EA:07:2F:66:EC:14:23:04:71 X509v3 Authority Key Identifier: keyid:64:6D:69:C8:8D:09:6F:7D:39:22:0D:28:86:88:91:47:29:04:5E:F8 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ACEREDC/ZG1pyI0Jb305Ig0ohoiRRykEXvg.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZG1pyI0Jb305Ig0ohoiRRykEXvg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ACEREDC/AP2Vzq-jsqqwGTzqBy9m7BQjBHE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.79.192.0/20 Signature Algorithm: sha256WithRSAEncryption 64:ca:e5:db:0a:dc:02:e1:4b:64:ac:1b:cc:98:ae:08:63:ec: f7:b6:a4:a0:c1:b9:57:a0:2e:ad:cc:0f:4e:c9:e9:b3:62:e3: b2:d3:22:b6:57:7b:ab:15:e0:f8:b3:2c:69:ef:2b:4b:53:d4: 15:b7:2a:ab:1f:68:fb:9f:7d:56:97:9c:25:79:e9:5c:ee:63: f7:08:c8:b2:0c:3a:08:1c:b6:44:ab:e8:3c:54:92:a2:a3:5d: a3:20:e8:93:0e:9a:cc:fa:00:65:a3:81:d6:b0:33:52:2b:8e: de:b3:d2:93:1a:b3:f3:30:95:fd:f1:d7:1e:03:f3:84:45:99: 03:43:13:63:99:f2:ff:a2:74:07:91:2f:d3:8b:14:1c:2d:17: 92:1b:ab:84:30:0e:bc:0c:b5:c4:21:22:f2:9c:26:50:e0:30: 26:d1:40:3b:8c:9b:f4:66:50:b0:48:0b:86:aa:7f:11:4c:ed: f8:ad:e3:dc:f3:ed:99:02:74:f6:ab:8b:96:52:f7:d0:0e:4b: 72:88:89:38:10:ee:d9:0a:82:74:47:b8:1f:2e:4e:e0:78:30: d7:0b:6a:4b:d1:3c:5b:a1:e8:44:ee:0f:6a:dc:f1:8b:bf:cb: 83:3f:31:b7:a5:1f:a2:35:1b:46:a0:3c:9f:d0:77:38:9f:5d: 52:98:39:61 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICB+EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjQ2 RDY5Qzg4RDA5NkY3RDM5MjIwRDI4ODY4ODkxNDcyOTA0NUVGODAeFw0yNTA4MjIw ODU4MDhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDAwRkQ5NUNFQUZBM0Iy QUFCMDE5M0NFQTA3MkY2NkVDMTQyMzA0NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiabJ8nK1GphSN9Kxp/EahIsYiYXz4DiI/XWA+O0lhvGv3Kx4P N2cOtJ9YE3XAt9BKVJa8Hd4j8yg4xOByHbkD2qBcVYsF77RoQAw5LamoFm26m+AI SBtToyjdeLjrRD3Pl2hVnHBwtvqpaPHSZP2lzsV/bLKwDnDyrnoExbnq7tW8KShA Uin8CifOkPjGcKFCtpxsRgCEwS/MIXuEcgfz1Uj8o6ccRRb6buhgbcdoSgUfh6F3 6KmG1Psqi7oaUsd25d1wSVwMo4iZn2LGGHl1iBA1ir6F6wfq7Q4JvT1soBhAEvL1 lU90rSDm7edxaHtlCPS/arjtzv6BZxGe6aX/AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUAP2Vzq+jsqqwGTzqBy9m7BQjBHEwHwYDVR0jBBgwFoAUZG1pyI0Jb305Ig0o hoiRRykEXvgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUNFUkVE Qy9aRzFweUkwSmIzMDVJZzBvaG9pUlJ5a0VYdmcuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1pHMXB5STBKYjMwNUlnMG9ob2lSUnlrRVh2Zy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FDRVJFREMvQVAyVnpxLWpzcXF3R1R6 cUJ5OW03QlFqQkhFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME BNNPwDANBgkqhkiG9w0BAQsFAAOCAQEAZMrl2wrcAuFLZKwbzJiuCGPs97akoMG5 V6AurcwPTsnps2LjstMitld7qxXg+LMsae8rS1PUFbcqqx9o+599VpecJXnpXO5j 9wjIsgw6CBy2RKvoPFSSoqNdoyDokw6azPoAZaOB1rAzUiuO3rPSkxqz8zCV/fHX HgPzhEWZA0MTY5ny/6J0B5Ev04sUHC0XkhurhDAOvAy1xCEi8pwmUOAwJtFAO4yb 9GZQsEgLhqp/EUzt+K3j3PPtmQJ09quLllL30A5LcoiJOBDu2QqCdEe4Hy5O4Hgw 1wtqS9E8W6HoRO4Patzxi7/Lgz8xt6UfojUbRqA8n9B3OJ9dUpg5YQ== -----END CERTIFICATE-----Generated at Sun Aug 24 05:33:42 2025 by rpki-client