$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/BOOKS/DATqF1VlaSz-MapwlM-D2x6-R9s.roa File: DATqF1VlaSz-MapwlM-D2x6-R9s.roa (raw, json) Hash identifier: KFAMqU+h9lvfvsG6l8JSi4EmMkRgSzLn3uRUvNMCpCc= Subject key identifier: 0C:04:EA:17:55:65:69:2C:FE:31:AA:70:94:CF:83:DB:1E:BE:47:DB Certificate issuer: /CN=1AADEB4D45D7941D9B53EF4C2CC61B9602476FCA Certificate serial: 124E Authority key identifier: 1A:AD:EB:4D:45:D7:94:1D:9B:53:EF:4C:2C:C6:1B:96:02:47:6F:CA Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Gq3rTUXXlB2bU-9MLMYblgJHb8o.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/BOOKS/DATqF1VlaSz-MapwlM-D2x6-R9s.roa Signing time: Fri 22 Aug 2025 08:44:38 +0000 ROA not before: Fri 22 Aug 2025 08:44:38 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9919 IP address blocks: 103.125.228.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/BOOKS/Gq3rTUXXlB2bU-9MLMYblgJHb8o.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/BOOKS/Gq3rTUXXlB2bU-9MLMYblgJHb8o.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Gq3rTUXXlB2bU-9MLMYblgJHb8o.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4686 (0x124e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1AADEB4D45D7941D9B53EF4C2CC61B9602476FCA Validity Not Before: Aug 22 08:44:38 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0C04EA175565692CFE31AA7094CF83DB1EBE47DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:93:ea:3b:f4:1d:8e:d8:59:f2:4f:d9:57:71: e4:f7:38:49:5e:da:c8:ad:e7:b1:1d:e8:51:23:0a: d1:1b:e2:14:d6:c6:5f:a9:df:c9:12:ee:08:08:21: 84:10:2a:f3:65:1a:33:51:e1:b1:fe:b3:4f:59:f5: 57:6e:7d:0d:30:5e:0d:91:c0:36:27:6b:3b:49:e2: 7a:9d:96:d1:e0:d4:dc:a1:43:17:4e:b7:1d:99:98: 76:43:f6:bf:40:2f:1b:19:c4:e4:f3:0f:2c:e5:45: 36:09:10:8c:45:91:a2:ba:5c:32:a6:24:b9:9c:47: 29:e5:89:6c:48:16:3b:94:78:f0:0f:c8:9d:be:74: d0:c6:26:f5:31:2c:a7:f6:e3:a3:98:33:50:d7:64: 9c:7f:fb:4b:66:75:fc:97:00:88:7a:47:ba:70:45: 19:31:1b:32:18:20:f5:51:91:c2:40:9a:c9:93:60: 40:17:66:b2:1c:3e:b6:aa:d5:7a:1e:e8:5b:6f:58: 55:0c:a1:4d:19:e4:18:f1:27:9c:bb:a8:67:0d:44: fc:7c:d3:9e:4e:4e:e1:2b:a6:62:7d:b3:80:fc:25: 92:4c:fa:83:da:f5:21:37:d1:d3:88:02:d4:49:9e: 01:09:b5:70:09:b1:5c:07:31:11:21:a1:a9:1f:a5: e5:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:04:EA:17:55:65:69:2C:FE:31:AA:70:94:CF:83:DB:1E:BE:47:DB X509v3 Authority Key Identifier: keyid:1A:AD:EB:4D:45:D7:94:1D:9B:53:EF:4C:2C:C6:1B:96:02:47:6F:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BOOKS/Gq3rTUXXlB2bU-9MLMYblgJHb8o.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Gq3rTUXXlB2bU-9MLMYblgJHb8o.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BOOKS/DATqF1VlaSz-MapwlM-D2x6-R9s.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.125.228.0/22 Signature Algorithm: sha256WithRSAEncryption b7:a2:d6:ca:4d:d5:81:3e:b5:c2:82:95:db:14:9c:81:d6:1e: fd:57:7f:09:09:7d:94:0d:3d:0b:50:87:98:14:e1:d1:d3:7c: b5:8e:af:28:6a:45:c5:ce:a6:48:70:b3:57:72:34:d2:c8:10: af:2a:8d:bc:a8:3b:e8:c3:8d:f3:ce:7b:59:95:aa:66:c3:7b: 66:ea:a6:ae:b1:1e:37:e4:8c:3c:93:91:3b:91:c5:58:b5:bf: cd:14:20:66:09:d4:c2:f4:c2:4a:65:ba:8d:31:b3:1a:4f:be: 3a:78:1a:db:33:5c:6b:ef:54:1e:6c:49:7f:78:52:9a:8c:9b: 1d:17:a8:b3:e8:54:95:0a:f1:c5:ff:a1:d2:83:3e:72:59:33: a4:bf:c9:56:c3:d6:b2:3a:a3:43:77:27:00:b7:9d:7c:42:cb: 1c:28:ab:af:06:51:50:a5:90:40:cd:e2:a3:08:cf:9f:57:60: f1:8d:6a:c2:7e:bc:9a:50:24:b8:2a:28:92:10:c1:e2:a5:83: 21:bd:12:20:d8:f0:89:e0:80:f1:ed:91:80:16:68:55:c9:88: 64:88:7a:80:bc:7b:8c:b4:01:05:9a:01:47:00:2e:fe:a1:5a: 7f:f2:3b:7c:ae:02:a8:a1:5f:cc:9c:2e:17:04:65:e9:91:0e: fb:de:56:f8 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICEk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUFB REVCNEQ0NUQ3OTQxRDlCNTNFRjRDMkNDNjFCOTYwMjQ3NkZDQTAeFw0yNTA4MjIw ODQ0MzhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDBDMDRFQTE3NTU2NTY5 MkNGRTMxQUE3MDk0Q0Y4M0RCMUVCRTQ3REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBk+o79B2O2FnyT9lXceT3OEle2sit57Ed6FEjCtEb4hTWxl+p 38kS7ggIIYQQKvNlGjNR4bH+s09Z9VdufQ0wXg2RwDYnaztJ4nqdltHg1NyhQxdO tx2ZmHZD9r9ALxsZxOTzDyzlRTYJEIxFkaK6XDKmJLmcRynliWxIFjuUePAPyJ2+ dNDGJvUxLKf246OYM1DXZJx/+0tmdfyXAIh6R7pwRRkxGzIYIPVRkcJAmsmTYEAX ZrIcPraq1Xoe6FtvWFUMoU0Z5BjxJ5y7qGcNRPx8055OTuErpmJ9s4D8JZJM+oPa 9SE30dOIAtRJngEJtXAJsVwHMREhoakfpeUzAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUDATqF1VlaSz+MapwlM+D2x6+R9swHwYDVR0jBBgwFoAUGq3rTUXXlB2bU+9M LMYblgJHb8owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQk9PS1Mv R3EzclRVWFhsQjJiVS05TUxNWWJsZ0pIYjhvLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9HcTNyVFVYWGxCMmJVLTlNTE1ZYmxnSkhiOG8uY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9CT09LUy9EQVRxRjFWbGFTei1NYXB3bE0t RDJ4Ni1SOXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ33k MA0GCSqGSIb3DQEBCwUAA4IBAQC3otbKTdWBPrXCgpXbFJyB1h79V38JCX2UDT0L UIeYFOHR03y1jq8oakXFzqZIcLNXcjTSyBCvKo28qDvow43zzntZlapmw3tm6qau sR435Iw8k5E7kcVYtb/NFCBmCdTC9MJKZbqNMbMaT746eBrbM1xr71QebEl/eFKa jJsdF6iz6FSVCvHF/6HSgz5yWTOkv8lWw9ayOqNDdycAt518QsscKKuvBlFQpZBA zeKjCM+fV2DxjWrCfryaUCS4KiiSEMHipYMhvRIg2PCJ4IDx7ZGAFmhVyYhkiHqA vHuMtAEFmgFHAC7+oVp/8jt8rgKooV/MnC4XBGXpkQ773lb4 -----END CERTIFICATE-----Generated at Sun Aug 24 09:40:28 2025 by rpki-client