$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/OpBiAGMXJJLPpkbKa3NTPQrxtck.roa File: OpBiAGMXJJLPpkbKa3NTPQrxtck.roa (raw, json) Hash identifier: 3+Al/WdVI+jADmg5jenjAgrnfzevW0OuEYqtVgzxwsw= Subject key identifier: 3A:90:62:00:63:17:24:92:CF:A6:46:CA:6B:73:53:3D:0A:F1:B5:C9 Certificate issuer: /CN=4091DB5A6EA03B760F54E090CB909873AE33F649 Certificate serial: 01E5 Authority key identifier: 40:91:DB:5A:6E:A0:3B:76:0F:54:E0:90:CB:90:98:73:AE:33:F6:49 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/QJHbWm6gO3YPVOCQy5CYc64z9kk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/OpBiAGMXJJLPpkbKa3NTPQrxtck.roa Signing time: Wed 25 Mar 2026 08:04:25 +0000 ROA not before: Wed 25 Mar 2026 08:04:25 +0000 ROA not after: Wed 30 Dec 2026 15:30:20 +0000 asID: 18040 IP address blocks: 144.79.236.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/QJHbWm6gO3YPVOCQy5CYc64z9kk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/QJHbWm6gO3YPVOCQy5CYc64z9kk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/QJHbWm6gO3YPVOCQy5CYc64z9kk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 09:59:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 485 (0x1e5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4091DB5A6EA03B760F54E090CB909873AE33F649 Validity Not Before: Mar 25 08:04:25 2026 GMT Not After : Dec 30 15:30:20 2026 GMT Subject: CN=3A90620063172492CFA646CA6B73533D0AF1B5C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0b:38:8c:9a:e1:7e:a5:d9:3e:c0:d6:87:16: 29:ab:98:bc:39:7d:57:62:14:e8:46:33:f0:eb:74: fd:9f:1b:9d:2b:a3:87:d7:fe:c2:6a:ad:6a:da:5b: 44:54:b9:ca:7e:d2:99:2c:9c:d0:cd:42:29:cb:dc: 4a:0e:b5:76:93:48:7a:11:19:70:9f:6c:71:70:0c: 12:c2:00:f9:81:28:a5:4f:95:c0:1d:bc:9c:2b:f2: f4:4b:0f:5d:ee:4b:b7:30:a2:37:71:5e:47:8c:19: 14:45:b7:3f:e1:8d:7a:58:21:ff:77:b4:06:c9:73: 02:e8:e8:4f:82:8e:1a:44:99:c3:1a:ab:e9:16:c5: be:1c:71:99:a6:50:b6:60:fe:06:d9:26:86:64:a6: 0f:00:ca:87:ee:5c:7e:11:e9:ce:29:3f:9b:6f:fc: 5f:95:34:0a:3c:67:d0:50:ba:c9:36:41:56:9e:fd: a8:19:8d:7a:54:44:e4:c0:e6:80:b6:d5:76:d7:da: 81:b1:2e:12:8b:10:42:04:9b:f8:4e:49:9f:32:d9: 71:ad:d7:d2:86:fe:5f:05:d0:6f:03:80:3d:b3:77: ef:c1:aa:64:4b:05:22:71:16:68:b6:49:32:3c:b2: db:71:90:17:98:99:80:b4:7e:c5:74:b8:de:94:49: 8e:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:90:62:00:63:17:24:92:CF:A6:46:CA:6B:73:53:3D:0A:F1:B5:C9 X509v3 Authority Key Identifier: keyid:40:91:DB:5A:6E:A0:3B:76:0F:54:E0:90:CB:90:98:73:AE:33:F6:49 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/QJHbWm6gO3YPVOCQy5CYc64z9kk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/QJHbWm6gO3YPVOCQy5CYc64z9kk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/OpBiAGMXJJLPpkbKa3NTPQrxtck.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 144.79.236.0/23 Signature Algorithm: sha256WithRSAEncryption 83:ae:2d:e4:6e:c6:4d:2a:ba:40:e8:34:43:24:80:4c:d6:4b: 7b:84:33:7d:87:22:c3:39:37:e3:db:06:c4:b6:e2:41:23:5b: a9:a7:7f:70:74:6d:e0:54:68:32:16:4c:51:a8:b2:9f:93:ed: ba:2c:ba:72:e0:92:26:22:b7:27:80:fb:4d:4a:51:af:af:bb: b5:64:9f:69:92:44:0e:a5:ed:10:36:68:42:dd:20:62:4c:ed: 4a:63:fa:a2:bd:57:c8:cf:2b:e3:89:99:6a:2a:33:96:f5:d7: a7:b6:60:3e:2d:e4:63:e3:b3:bc:59:62:50:c3:52:b8:1d:f4: 5e:3f:7d:5b:fe:89:30:58:42:ef:cb:7d:81:27:c4:2d:7b:49: 5b:8d:83:ad:31:ee:97:7b:ba:f5:5a:f2:02:12:9e:46:be:f5: 4e:ea:84:68:4f:56:2c:89:4b:ab:73:7d:1c:a7:2e:f4:40:b8: ec:36:68:fa:db:56:15:07:43:40:f9:ce:6d:39:c1:6a:69:24: 8d:a3:61:41:51:79:a2:fa:6b:e3:de:88:f2:5a:d5:ea:6a:9d: 82:24:a5:7c:3b:64:78:dd:ac:9a:14:80:22:cd:6d:fd:02:44: 19:63:a8:4f:cc:9b:8e:0c:7e:99:cc:88:b7:40:1b:cb:44:73: 73:68:af:98 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICAeUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDA5 MURCNUE2RUEwM0I3NjBGNTRFMDkwQ0I5MDk4NzNBRTMzRjY0OTAeFw0yNjAzMjUw ODA0MjVaFw0yNjEyMzAxNTMwMjBaMDMxMTAvBgNVBAMTKDNBOTA2MjAwNjMxNzI0 OTJDRkE2NDZDQTZCNzM1MzNEMEFGMUI1QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqCziMmuF+pdk+wNaHFimrmLw5fVdiFOhGM/DrdP2fG50ro4fX /sJqrWraW0RUucp+0pksnNDNQinL3EoOtXaTSHoRGXCfbHFwDBLCAPmBKKVPlcAd vJwr8vRLD13uS7cwojdxXkeMGRRFtz/hjXpYIf93tAbJcwLo6E+CjhpEmcMaq+kW xb4ccZmmULZg/gbZJoZkpg8AyofuXH4R6c4pP5tv/F+VNAo8Z9BQusk2QVae/agZ jXpUROTA5oC21XbX2oGxLhKLEEIEm/hOSZ8y2XGt19KG/l8F0G8DgD2zd+/BqmRL BSJxFmi2STI8sttxkBeYmYC0fsV0uN6USY5jAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUOpBiAGMXJJLPpkbKa3NTPQrxtckwHwYDVR0jBBgwFoAUQJHbWm6gO3YPVOCQ y5CYc64z9kkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQU9URVJO RVQvUUpIYldtNmdPM1lQVk9DUXk1Q1ljNjR6OWtrLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9RSkhiV202Z08zWVBWT0NReTVDWWM2NHo5a2suY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BT1RFUk5FVC9PcEJpQUdNWEpKTFBw a2JLYTNOVFBRcnh0Y2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBkE/sMA0GCSqGSIb3DQEBCwUAA4IBAQCDri3kbsZNKrpA6DRDJIBM1kt7hDN9 hyLDOTfj2wbEtuJBI1upp39wdG3gVGgyFkxRqLKfk+26LLpy4JImIrcngPtNSlGv r7u1ZJ9pkkQOpe0QNmhC3SBiTO1KY/qivVfIzyvjiZlqKjOW9dentmA+LeRj47O8 WWJQw1K4HfReP31b/okwWELvy32BJ8Qte0lbjYOtMe6Xe7r1WvICEp5GvvVO6oRo T1YsiUurc30cpy70QLjsNmj621YVB0NA+c5tOcFqaSSNo2FBUXmi+mvj3ojyWtXq ap2CJKV8O2R43ayaFIAizW39AkQZY6hPzJuODH6ZzIi3QBvLRHNzaK+Y -----END CERTIFICATE-----Generated at Fri Mar 27 08:07:53 2026 by rpki-client