$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/GZ3fgng-hVuuOVxFMCqyQrWrgac.roa File: GZ3fgng-hVuuOVxFMCqyQrWrgac.roa (raw, json) Hash identifier: Lm83sCz/NrINkAq7vLlXoK+ju5rgjjb2X+EcMPOXpC8= Subject key identifier: 19:9D:DF:82:78:3E:85:5B:AE:39:5C:45:30:2A:B2:42:B5:AB:81:A7 Certificate issuer: /CN=23E0C44033B500F78931D123EBD9F35E9AE17DC4 Certificate serial: 126B Authority key identifier: 23:E0:C4:40:33:B5:00:F7:89:31:D1:23:EB:D9:F3:5E:9A:E1:7D:C4 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/I-DEQDO1APeJMdEj69nzXprhfcQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/GZ3fgng-hVuuOVxFMCqyQrWrgac.roa Signing time: Fri 22 Aug 2025 08:57:05 +0000 ROA not before: Fri 22 Aug 2025 08:57:05 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131635 IP address blocks: 103.127.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/I-DEQDO1APeJMdEj69nzXprhfcQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/I-DEQDO1APeJMdEj69nzXprhfcQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/I-DEQDO1APeJMdEj69nzXprhfcQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4715 (0x126b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23E0C44033B500F78931D123EBD9F35E9AE17DC4 Validity Not Before: Aug 22 08:57:05 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=199DDF82783E855BAE395C45302AB242B5AB81A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:6d:32:4e:58:b4:9e:68:73:a3:fa:3f:de:94: 92:5d:a3:38:e6:0c:57:1e:e1:72:f7:1b:e6:19:58: 94:e8:e9:a4:0e:10:50:93:88:7a:26:88:f0:14:f2: 14:9e:b5:62:1e:8b:c9:69:6d:4e:47:55:2c:33:c1: c0:55:41:f8:37:d8:a9:90:b1:7d:90:96:42:5a:9f: 94:93:02:89:4c:b2:c1:87:ef:87:ee:2c:91:e8:d8: 97:09:37:0f:99:2d:fe:5a:e0:1a:42:2d:7d:6b:0b: d5:05:07:d3:7e:49:30:b5:0b:23:73:9d:37:00:c3: 7a:ee:8d:9a:cf:27:d0:4a:27:b5:8d:71:69:1c:14: 85:93:e2:1a:10:38:44:94:e9:32:92:ce:4f:11:1d: ae:5b:f4:9b:f8:84:1d:6e:6b:a4:e0:07:7b:6a:be: aa:ca:ed:ba:47:dd:76:ec:c4:b6:b9:4c:ee:47:43: d3:50:b0:71:43:01:af:05:df:8a:f9:a5:82:e2:91: 14:61:1c:6e:ae:b7:4a:f8:94:3e:c8:ad:d0:d3:b1: f4:d1:f7:45:15:d1:5a:b0:4b:14:84:f5:2e:29:fd: 31:04:b2:ff:21:a8:d3:9a:d6:83:13:ea:80:36:07: 11:fe:e9:22:de:ac:bf:a3:b5:6e:e2:6b:3f:f5:58: 1d:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:9D:DF:82:78:3E:85:5B:AE:39:5C:45:30:2A:B2:42:B5:AB:81:A7 X509v3 Authority Key Identifier: keyid:23:E0:C4:40:33:B5:00:F7:89:31:D1:23:EB:D9:F3:5E:9A:E1:7D:C4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/I-DEQDO1APeJMdEj69nzXprhfcQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/I-DEQDO1APeJMdEj69nzXprhfcQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AIRPAYTW/GZ3fgng-hVuuOVxFMCqyQrWrgac.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.127.232.0/22 Signature Algorithm: sha256WithRSAEncryption 94:c5:86:e7:6d:d0:b4:71:63:dc:3c:91:9e:66:8f:42:37:d0: 8a:e9:35:2e:11:c5:2e:84:c4:0f:ea:6f:2f:83:ba:09:42:07: 90:fb:c4:e1:bb:8d:73:a2:c6:fa:d1:37:e7:d6:30:17:f2:e3: fb:35:d7:a2:8a:3c:0d:86:49:93:fb:45:65:f1:ad:83:ff:5b: ae:01:76:5e:d4:da:23:21:49:c9:77:6f:10:5a:cf:ff:c3:51: c7:03:22:af:f2:a4:91:18:7a:0c:e4:87:8f:2a:a3:96:33:37: 70:39:1b:e6:23:f2:6d:94:03:fe:9e:42:f3:35:f3:df:be:ca: 31:05:90:57:48:6e:1c:08:da:2e:c1:83:17:f5:e1:c4:a5:9e: c0:4b:48:2f:dd:b4:75:3c:8d:90:19:11:87:02:51:fb:97:72: 0e:e8:00:76:4c:c9:fa:d9:22:1f:27:0d:b9:85:45:0a:aa:ab: b2:b4:2f:48:f8:91:be:1a:cd:be:ee:60:2c:27:37:78:95:b7: 24:60:ee:1a:58:1c:47:35:8a:40:c3:95:50:d8:27:13:3c:9d: ae:03:37:8e:9c:3a:53:30:b4:ae:6e:f3:ef:c7:e2:a3:0d:cd: 72:c0:4b:dd:4f:e2:5b:a0:e7:61:f7:b0:91:73:f3:04:9c:66: a6:6f:5c:8e -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICEmswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjNF MEM0NDAzM0I1MDBGNzg5MzFEMTIzRUJEOUYzNUU5QUUxN0RDNDAeFw0yNTA4MjIw ODU3MDVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDE5OURERjgyNzgzRTg1 NUJBRTM5NUM0NTMwMkFCMjQyQjVBQjgxQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqbTJOWLSeaHOj+j/elJJdozjmDFce4XL3G+YZWJTo6aQOEFCT iHomiPAU8hSetWIei8lpbU5HVSwzwcBVQfg32KmQsX2QlkJan5STAolMssGH74fu LJHo2JcJNw+ZLf5a4BpCLX1rC9UFB9N+STC1CyNznTcAw3rujZrPJ9BKJ7WNcWkc FIWT4hoQOESU6TKSzk8RHa5b9Jv4hB1ua6TgB3tqvqrK7bpH3XbsxLa5TO5HQ9NQ sHFDAa8F34r5pYLikRRhHG6ut0r4lD7IrdDTsfTR90UV0VqwSxSE9S4p/TEEsv8h qNOa1oMT6oA2BxH+6SLerL+jtW7iaz/1WB15AgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUGZ3fgng+hVuuOVxFMCqyQrWrgacwHwYDVR0jBBgwFoAUI+DEQDO1APeJMdEj 69nzXprhfcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUlSUEFZ VFcvSS1ERVFETzFBUGVKTWRFajY5bnpYcHJoZmNRLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9JLURFUURPMUFQZUpNZEVqNjluelhwcmhmY1EuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BSVJQQVlUVy9HWjNmZ25nLWhWdXVP VnhGTUNxeVFyV3JnYWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3/oMA0GCSqGSIb3DQEBCwUAA4IBAQCUxYbnbdC0cWPcPJGeZo9CN9CK6TUu EcUuhMQP6m8vg7oJQgeQ+8Thu41zosb60Tfn1jAX8uP7NdeiijwNhkmT+0Vl8a2D /1uuAXZe1NojIUnJd28QWs//w1HHAyKv8qSRGHoM5IePKqOWMzdwORvmI/JtlAP+ nkLzNfPfvsoxBZBXSG4cCNouwYMX9eHEpZ7AS0gv3bR1PI2QGRGHAlH7l3IO6AB2 TMn62SIfJw25hUUKqquytC9I+JG+Gs2+7mAsJzd4lbckYO4aWBxHNYpAw5VQ2CcT PJ2uAzeOnDpTMLSubvPvx+KjDc1ywEvdT+JboOdh97CRc/MEnGamb1yO -----END CERTIFICATE-----Generated at Sun Aug 24 09:43:24 2025 by rpki-client