$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/Qt9atZ3GcC-y3iBsCuaMHsUopwI.roa File: Qt9atZ3GcC-y3iBsCuaMHsUopwI.roa (raw, json) Hash identifier: LUMGOFfqaa3HagbagohUH6ixJDCnZTF4hbvYcOb/iu4= Subject key identifier: 42:DF:5A:B5:9D:C6:70:2F:B2:DE:20:6C:0A:E6:8C:1E:C5:28:A7:02 Certificate issuer: /CN=A5A6AC38EE68C364CF79188F06427E9C766D4C1A Certificate serial: 0317 Authority key identifier: A5:A6:AC:38:EE:68:C3:64:CF:79:18:8F:06:42:7E:9C:76:6D:4C:1A Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/paasOO5ow2TPeRiPBkJ-nHZtTBo.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/Qt9atZ3GcC-y3iBsCuaMHsUopwI.roa Signing time: Fri 22 Aug 2025 09:00:47 +0000 ROA not before: Fri 22 Aug 2025 09:00:47 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131657 IP address blocks: 2400:c9e0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/paasOO5ow2TPeRiPBkJ-nHZtTBo.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/paasOO5ow2TPeRiPBkJ-nHZtTBo.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/paasOO5ow2TPeRiPBkJ-nHZtTBo.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 791 (0x317) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A5A6AC38EE68C364CF79188F06427E9C766D4C1A Validity Not Before: Aug 22 09:00:47 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=42DF5AB59DC6702FB2DE206C0AE68C1EC528A702 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:da:c1:91:02:f8:92:34:59:e6:01:59:66:35: 31:a7:9e:58:75:4a:16:90:80:d8:78:6b:65:99:8a: a3:3e:a2:8b:a6:e6:ef:cb:55:1f:3e:5b:f9:c9:9e: bc:8d:41:bf:63:67:47:58:1a:2b:9e:51:14:44:a8: be:18:da:54:56:34:dd:ee:c3:c8:70:7e:7e:b5:bb: ff:74:75:3c:64:4d:99:4f:f3:05:13:76:02:cb:70: 66:a2:a2:5c:09:23:93:90:09:b0:03:64:a5:25:d2: 70:b0:c1:48:2a:20:52:7f:de:84:88:d8:fb:bc:c1: 26:04:45:df:dc:9f:02:1d:4f:80:10:9f:e9:89:1d: cf:10:94:0a:28:4d:d0:c0:bc:c7:94:ef:f4:17:05: 7a:75:92:66:bf:53:91:fe:e3:f8:23:4e:48:86:36: c6:8a:79:93:a1:4f:c4:c5:aa:dc:0b:dd:9b:8d:dd: ad:0c:ab:33:e5:41:c9:27:fb:03:29:90:1d:27:83: 17:ab:c8:41:90:b6:70:50:c7:0d:46:b2:20:00:d5: 06:17:54:e9:16:94:eb:1a:82:74:ad:d0:48:be:45: 43:20:8f:4e:6d:42:ce:51:14:48:93:f9:cd:00:11: c8:5f:26:36:29:f2:5e:ff:32:66:d3:0f:56:23:50: c7:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:DF:5A:B5:9D:C6:70:2F:B2:DE:20:6C:0A:E6:8C:1E:C5:28:A7:02 X509v3 Authority Key Identifier: keyid:A5:A6:AC:38:EE:68:C3:64:CF:79:18:8F:06:42:7E:9C:76:6D:4C:1A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/paasOO5ow2TPeRiPBkJ-nHZtTBo.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/paasOO5ow2TPeRiPBkJ-nHZtTBo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/BRICKSINC/Qt9atZ3GcC-y3iBsCuaMHsUopwI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:c9e0::/32 Signature Algorithm: sha256WithRSAEncryption 18:c4:b6:3a:62:0f:e4:8c:35:67:e1:36:df:5f:2d:15:8d:6f: f0:cb:15:de:e9:0a:39:14:2c:89:00:92:21:c3:17:e4:1a:ab: bd:2a:f6:1f:76:09:9e:e7:3d:7c:53:3b:2d:d1:db:70:d2:e5: c4:98:09:3b:d3:d9:de:89:64:26:0e:65:f5:a5:98:6d:64:00: fa:ee:e9:7f:96:79:50:d1:21:1c:82:91:a0:6f:47:4a:a3:d6: d1:ce:35:7d:f2:9a:5d:85:36:5f:1e:0f:37:84:dd:88:2b:36: 85:b6:c0:84:09:a4:f8:8b:9e:a7:ce:b5:3d:da:16:f8:b3:61: df:9a:d1:03:3f:09:b5:d4:d5:50:b0:dc:db:8c:4b:87:b8:1a: 36:aa:99:35:b7:22:cd:d7:74:9c:f1:9e:a8:a9:ce:43:03:db: 2e:74:6b:2f:15:06:c4:6b:2a:d6:bf:a7:53:70:03:d8:63:62: 22:db:93:fb:27:d7:9b:c3:95:82:c3:c4:44:a7:aa:d5:b8:6a: 83:1c:33:05:33:5e:8d:1c:cc:52:ad:31:c6:17:57:ef:ba:85: d7:2e:9a:f9:d6:a0:17:0f:d3:92:cc:b1:fc:e5:e8:d3:67:46: 46:28:65:06:a5:37:5a:90:3e:c1:b7:62:90:fb:3d:c5:20:88: 73:d6:cb:af -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICAxcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTVB NkFDMzhFRTY4QzM2NENGNzkxODhGMDY0MjdFOUM3NjZENEMxQTAeFw0yNTA4MjIw OTAwNDdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQyREY1QUI1OURDNjcw MkZCMkRFMjA2QzBBRTY4QzFFQzUyOEE3MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCf2sGRAviSNFnmAVlmNTGnnlh1ShaQgNh4a2WZiqM+ooum5u/L VR8+W/nJnryNQb9jZ0dYGiueURREqL4Y2lRWNN3uw8hwfn61u/90dTxkTZlP8wUT dgLLcGaiolwJI5OQCbADZKUl0nCwwUgqIFJ/3oSI2Pu8wSYERd/cnwIdT4AQn+mJ Hc8QlAooTdDAvMeU7/QXBXp1kma/U5H+4/gjTkiGNsaKeZOhT8TFqtwL3ZuN3a0M qzPlQckn+wMpkB0ngxeryEGQtnBQxw1GsiAA1QYXVOkWlOsagnSt0Ei+RUMgj05t Qs5RFEiT+c0AEchfJjYp8l7/MmbTD1YjUMftAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUQt9atZ3GcC+y3iBsCuaMHsUopwIwHwYDVR0jBBgwFoAUpaasOO5ow2TPeRiP BkJ+nHZtTBowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQlJJQ0tT SU5DL3BhYXNPTzVvdzJUUGVSaVBCa0otbkhadFRCby5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvcGFhc09PNW93MlRQZVJpUEJrSi1uSFp0VEJvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQlJJQ0tTSU5DL1F0OWF0WjNHY0Mt eTNpQnNDdWFNSHNVb3B3SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC MAcDBQAkAMngMA0GCSqGSIb3DQEBCwUAA4IBAQAYxLY6Yg/kjDVn4TbfXy0VjW/w yxXe6Qo5FCyJAJIhwxfkGqu9KvYfdgme5z18Uzst0dtw0uXEmAk709neiWQmDmX1 pZhtZAD67ul/lnlQ0SEcgpGgb0dKo9bRzjV98ppdhTZfHg83hN2IKzaFtsCECaT4 i56nzrU92hb4s2HfmtEDPwm11NVQsNzbjEuHuBo2qpk1tyLN13Sc8Z6oqc5DA9su dGsvFQbEayrWv6dTcAPYY2Ii25P7J9ebw5WCw8REp6rVuGqDHDMFM16NHMxSrTHG F1fvuoXXLpr51qAXD9OSzLH85ejTZ0ZGKGUGpTdakD7Bt2KQ+z3FIIhz1suv -----END CERTIFICATE-----Generated at Sun Aug 24 09:19:56 2025 by rpki-client