$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/0AkPXYww2D93Nkznc4ZeWwIUOD8.roa File: 0AkPXYww2D93Nkznc4ZeWwIUOD8.roa (raw, json) Hash identifier: 6K7q0V1fYQuXnpFtyDU+R0QiaeGmCnyIPoeF8/zgCaw= Subject key identifier: D0:09:0F:5D:8C:30:D8:3F:77:36:4C:E7:73:86:5E:5B:02:14:38:3F Certificate issuer: /CN=3CEBAC4057251C8AAAB954DC220B22496BEEF563 Certificate serial: 03D6 Authority key identifier: 3C:EB:AC:40:57:25:1C:8A:AA:B9:54:DC:22:0B:22:49:6B:EE:F5:63 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/POusQFclHIqquVTcIgsiSWvu9WM.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/0AkPXYww2D93Nkznc4ZeWwIUOD8.roa Signing time: Fri 22 Aug 2025 08:56:55 +0000 ROA not before: Fri 22 Aug 2025 08:56:55 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 63893 IP address blocks: 2400:50a0::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/POusQFclHIqquVTcIgsiSWvu9WM.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/POusQFclHIqquVTcIgsiSWvu9WM.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/POusQFclHIqquVTcIgsiSWvu9WM.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 982 (0x3d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3CEBAC4057251C8AAAB954DC220B22496BEEF563 Validity Not Before: Aug 22 08:56:55 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D0090F5D8C30D83F77364CE773865E5B0214383F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:56:5f:ad:da:67:f8:48:46:0e:93:1b:a5:07: 8e:d1:b3:20:21:53:bd:4e:a7:cc:31:d9:ff:78:88: 7a:03:a4:49:4b:69:34:c3:7f:17:e9:c5:60:b4:c3: 34:d5:ea:e0:66:33:05:3e:b4:2f:96:d9:84:dc:83: 79:fc:83:bb:7b:8c:81:98:37:df:ee:13:fd:11:98: f6:cd:3d:1c:b9:b8:be:f3:a8:88:e3:dc:49:91:6d: 36:c8:7e:64:1e:25:fd:fe:78:f0:ec:cf:47:8b:43: 44:c2:75:6c:ac:5f:03:75:3a:d0:e9:b7:4b:85:d0: e9:b2:d1:4f:dc:07:dc:06:e1:d1:62:69:b2:59:45: 4a:5d:41:c6:7a:3a:5d:f8:05:10:dd:04:98:df:e7: a1:a3:b9:6f:3d:bb:19:f9:92:eb:d2:88:01:c8:ac: d6:a9:75:10:65:24:ab:5d:b3:c2:3a:5f:80:46:37: 5d:7e:fe:1b:5b:6f:e2:73:3d:85:c2:43:f2:5a:43: a1:e1:a7:ff:13:82:25:e6:2d:6b:79:7e:21:a5:ee: 51:bc:df:18:88:a5:b6:d1:24:66:b8:46:3c:4d:e3: b8:58:9f:db:cd:48:c2:4d:be:d0:70:55:ff:63:9d: b1:6c:24:4a:e3:32:db:e4:e0:99:d1:b7:04:dc:14: f9:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:09:0F:5D:8C:30:D8:3F:77:36:4C:E7:73:86:5E:5B:02:14:38:3F X509v3 Authority Key Identifier: keyid:3C:EB:AC:40:57:25:1C:8A:AA:B9:54:DC:22:0B:22:49:6B:EE:F5:63 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/POusQFclHIqquVTcIgsiSWvu9WM.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/POusQFclHIqquVTcIgsiSWvu9WM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/0AkPXYww2D93Nkznc4ZeWwIUOD8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:50a0::/32 Signature Algorithm: sha256WithRSAEncryption 11:50:e2:64:b2:24:fc:df:d1:be:31:1f:a7:bf:bd:2a:fd:76: ca:cf:cd:5f:13:ad:c9:68:be:49:a2:e2:b6:b5:2e:9f:b1:47: e5:dd:2b:0d:fb:23:c9:dc:8f:9b:fa:a1:34:c8:a1:62:d5:15: 3a:b7:0e:3d:d6:ce:02:af:f5:fa:7b:37:b8:e7:f2:d0:7c:16: c0:9b:f5:45:48:a1:b6:e5:f8:60:6c:ab:51:82:d9:90:76:6e: c6:d6:44:72:c8:e8:99:a4:28:51:1f:48:21:a6:68:c1:25:5e: c3:59:18:2a:3b:76:45:10:00:29:d0:fa:4a:c8:4e:30:10:ef: 4b:22:00:ad:6c:62:93:50:42:d2:46:16:46:88:3a:88:32:5b: 0f:99:1f:9c:dc:fc:62:4f:40:f5:25:a0:b9:da:2c:e3:c6:9c: 18:99:53:b3:2e:94:6b:17:67:62:8c:9f:d4:07:85:c2:1d:d2: 34:10:cd:c0:19:6d:23:07:86:84:d3:16:0f:14:1b:2e:fa:37: 59:c3:3d:93:14:cf:20:20:e3:63:b9:da:35:9b:28:d1:e1:a9: c4:45:cc:44:cd:f3:8d:bd:2e:d3:68:c0:ee:3c:02:34:8c:9f: 53:38:e2:55:91:02:e3:b8:16:0c:97:fe:00:27:75:86:af:8a: 88:13:c1:55 -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICA9YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0NF QkFDNDA1NzI1MUM4QUFBQjk1NERDMjIwQjIyNDk2QkVFRjU2MzAeFw0yNTA4MjIw ODU2NTVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQwMDkwRjVEOEMzMEQ4 M0Y3NzM2NENFNzczODY1RTVCMDIxNDM4M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLVl+t2mf4SEYOkxulB47RsyAhU71Op8wx2f94iHoDpElLaTTD fxfpxWC0wzTV6uBmMwU+tC+W2YTcg3n8g7t7jIGYN9/uE/0RmPbNPRy5uL7zqIjj 3EmRbTbIfmQeJf3+ePDsz0eLQ0TCdWysXwN1OtDpt0uF0Omy0U/cB9wG4dFiabJZ RUpdQcZ6Ol34BRDdBJjf56GjuW89uxn5kuvSiAHIrNapdRBlJKtds8I6X4BGN11+ /htbb+JzPYXCQ/JaQ6Hhp/8TgiXmLWt5fiGl7lG83xiIpbbRJGa4RjxN47hYn9vN SMJNvtBwVf9jnbFsJErjMtvk4JnRtwTcFPlDAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQU0AkPXYww2D93Nkznc4ZeWwIUOD8wHwYDVR0jBBgwFoAUPOusQFclHIqquVTc IgsiSWvu9WMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0NQMTEz ODQ4MC9QT3VzUUZjbEhJcXF1VlRjSWdzaVNXdnU5V00uY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL1BPdXNRRmNsSElxcXVWVGNJZ3NpU1d2dTlXTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NDUDExMzg0ODAvMEFrUFhZd3cy RDkzTmt6bmM0WmVXd0lVT0Q4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQC AAIwBwMFACQAUKAwDQYJKoZIhvcNAQELBQADggEBABFQ4mSyJPzf0b4xH6e/vSr9 dsrPzV8Trclovkmi4ra1Lp+xR+XdKw37I8ncj5v6oTTIoWLVFTq3Dj3WzgKv9fp7 N7jn8tB8FsCb9UVIobbl+GBsq1GC2ZB2bsbWRHLI6JmkKFEfSCGmaMElXsNZGCo7 dkUQACnQ+krITjAQ70siAK1sYpNQQtJGFkaIOogyWw+ZH5zc/GJPQPUloLnaLOPG nBiZU7MulGsXZ2KMn9QHhcId0jQQzcAZbSMHhoTTFg8UGy76N1nDPZMUzyAg42O5 2jWbKNHhqcRFzETN8429LtNowO48AjSMn1M44lWRAuO4FgyX/gAndYaviogTwVU= -----END CERTIFICATE-----Generated at Sun Aug 24 06:49:34 2025 by rpki-client