$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/QRnbkM5AcAl5FgR7GO9y9QtvHIc.roa File: QRnbkM5AcAl5FgR7GO9y9QtvHIc.roa (raw, json) Hash identifier: RrTZzOTPCCr5VdsUJACfpPtRGltHjXfTFa3k7aCF36U= Subject key identifier: 41:19:DB:90:CE:40:70:09:79:16:04:7B:18:EF:72:F5:0B:6F:1C:87 Certificate issuer: /CN=FC752CA59EB8EAEF23D225DC67AA085201F1F79C Certificate serial: 01EE Authority key identifier: FC:75:2C:A5:9E:B8:EA:EF:23:D2:25:DC:67:AA:08:52:01:F1:F7:9C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/QRnbkM5AcAl5FgR7GO9y9QtvHIc.roa Signing time: Mon 23 Mar 2026 15:55:26 +0000 ROA not before: Mon 23 Mar 2026 15:55:26 +0000 ROA not after: Wed 30 Dec 2026 15:30:20 +0000 asID: 216198 IP address blocks: 2402:43e0:9000::/48 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/_HUspZ646u8j0iXcZ6oIUgHx95w.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/_HUspZ646u8j0iXcZ6oIUgHx95w.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Mar 2026 21:58:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 494 (0x1ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FC752CA59EB8EAEF23D225DC67AA085201F1F79C Validity Not Before: Mar 23 15:55:26 2026 GMT Not After : Dec 30 15:30:20 2026 GMT Subject: CN=4119DB90CE4070097916047B18EF72F50B6F1C87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a7:4e:53:2b:16:d9:9d:c9:87:fe:46:b5:b9: 74:68:eb:18:1b:bf:af:d4:54:99:0a:44:21:7e:72: e1:d9:ab:42:1f:f0:83:c9:31:f5:43:ac:f1:99:d6: d9:12:8f:17:5b:a8:c7:31:f4:cc:2c:16:3b:61:a7: f3:21:82:eb:2d:f1:d8:3d:1b:c2:9e:62:9f:2a:42: fa:c7:f7:d9:89:ae:76:b5:b1:be:0f:62:09:65:d6: 8d:b2:25:c2:bd:0b:de:b6:67:9f:5e:c1:76:4f:af: b4:b4:c2:17:0c:e1:af:9d:a0:fd:07:fe:ea:75:df: e4:15:a7:df:03:00:51:96:f2:33:b7:40:10:1c:c4: cf:9e:56:47:61:8a:c3:38:60:76:3a:21:92:49:93: 25:02:a1:85:ef:ed:fa:90:4d:96:e3:61:a1:21:e7: 73:23:ab:1b:a9:3c:ac:45:b7:78:bc:b2:51:d2:1e: dd:e1:0d:1f:bd:dd:37:ed:68:9a:f7:a2:fa:07:fb: af:09:5b:90:00:51:6b:5b:64:4d:fb:5d:ca:d3:02: 27:8d:03:d3:6b:42:fc:ce:da:18:f2:c5:a5:ee:b5: 9a:ea:d1:8e:23:db:2f:12:b6:93:58:5b:43:be:cb: 3e:ba:a6:09:d8:fd:b8:38:95:99:a0:8c:8e:62:1d: 9e:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:19:DB:90:CE:40:70:09:79:16:04:7B:18:EF:72:F5:0B:6F:1C:87 X509v3 Authority Key Identifier: keyid:FC:75:2C:A5:9E:B8:EA:EF:23:D2:25:DC:67:AA:08:52:01:F1:F7:9C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/_HUspZ646u8j0iXcZ6oIUgHx95w.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_HUspZ646u8j0iXcZ6oIUgHx95w.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AOTERNET/QRnbkM5AcAl5FgR7GO9y9QtvHIc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:43e0:9000::/48 Signature Algorithm: sha256WithRSAEncryption 7f:98:16:34:6f:e4:e6:e0:db:99:2e:c8:bd:55:61:8a:f4:5f: b4:84:0b:d0:85:a6:e0:6e:54:0c:22:46:17:ad:36:90:7e:9d: 34:5b:4c:75:a5:63:c3:7a:8d:5f:1e:6c:b2:c5:a5:32:3f:63: 19:ac:3b:1c:bd:51:1c:3a:30:3e:f0:1e:c8:41:a1:0d:6b:dd: 4b:e9:95:25:68:96:38:7f:80:ce:2f:e9:f6:c9:6b:2a:68:41: 87:59:46:84:9d:14:c9:7f:b4:d7:ba:32:68:f0:4c:75:55:29: cf:ab:a0:5b:64:c4:b8:16:84:ce:66:ef:91:0f:56:37:ff:4d: 13:db:ef:56:9f:02:05:31:28:e0:91:54:9f:4e:4d:bd:7f:21: 0b:cb:20:5f:09:88:37:c8:b1:49:a2:2c:73:26:35:c0:ef:78: 1c:41:aa:49:c4:cd:6a:c9:63:6d:06:73:29:c6:36:28:b4:58: 08:36:b1:f4:46:44:05:3d:b8:af:1a:81:02:09:ea:f7:22:db: ac:98:a1:9c:f6:61:8f:26:79:bf:2c:28:b4:f1:96:45:c7:99: e4:e2:b5:75:0b:73:1e:22:a9:2c:0c:32:e8:56:b4:64:6a:6a: 4e:53:bd:ca:ab:5b:af:0d:ef:99:60:77:89:e1:22:ed:38:3d: 3f:4a:87:ab -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICAe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkM3 NTJDQTU5RUI4RUFFRjIzRDIyNURDNjdBQTA4NTIwMUYxRjc5QzAeFw0yNjAzMjMx NTU1MjZaFw0yNjEyMzAxNTMwMjBaMDMxMTAvBgNVBAMTKDQxMTlEQjkwQ0U0MDcw MDk3OTE2MDQ3QjE4RUY3MkY1MEI2RjFDODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8p05TKxbZncmH/ka1uXRo6xgbv6/UVJkKRCF+cuHZq0If8IPJ MfVDrPGZ1tkSjxdbqMcx9MwsFjthp/Mhgust8dg9G8KeYp8qQvrH99mJrna1sb4P Ygll1o2yJcK9C962Z59ewXZPr7S0whcM4a+doP0H/up13+QVp98DAFGW8jO3QBAc xM+eVkdhisM4YHY6IZJJkyUCoYXv7fqQTZbjYaEh53MjqxupPKxFt3i8slHSHt3h DR+93TftaJr3ovoH+68JW5AAUWtbZE37XcrTAieNA9NrQvzO2hjyxaXutZrq0Y4j 2y8StpNYW0O+yz66pgnY/bg4lZmgjI5iHZ5PAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUQRnbkM5AcAl5FgR7GO9y9QtvHIcwHwYDVR0jBBgwFoAU/HUspZ646u8j0iXc Z6oIUgHx95wwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQU9URVJO RVQvX0hVc3BaNjQ2dThqMGlYY1o2b0lVZ0h4OTV3LmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9fSFVzcFo2NDZ1OGowaVhjWjZvSVVnSHg5NXcuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BT1RFUk5FVC9RUm5ia001QWNBbDVG Z1I3R085eTlRdHZISWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJAJD4JAAMA0GCSqGSIb3DQEBCwUAA4IBAQB/mBY0b+Tm4NuZLsi9VWGK9F+0 hAvQhabgblQMIkYXrTaQfp00W0x1pWPDeo1fHmyyxaUyP2MZrDscvVEcOjA+8B7I QaENa91L6ZUlaJY4f4DOL+n2yWsqaEGHWUaEnRTJf7TXujJo8Ex1VSnPq6BbZMS4 FoTOZu+RD1Y3/00T2+9WnwIFMSjgkVSfTk29fyELyyBfCYg3yLFJoixzJjXA73gc QapJxM1qyWNtBnMpxjYotFgINrH0RkQFPbivGoECCer3ItusmKGc9mGPJnm/LCi0 8ZZFx5nk4rV1C3MeIqksDDLoVrRkampOU73Kq1uvDe+ZYHeJ4SLtOD0/Soer -----END CERTIFICATE-----Generated at Thu Mar 26 20:40:12 2026 by rpki-client