$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/ia6zH0_VJn5ndOQsYCkiLFyFaI4.roa File: ia6zH0_VJn5ndOQsYCkiLFyFaI4.roa (raw, json) Hash identifier: aIn+u6oU9Yj5NvsV5D2xkCj9XbBSH3/sZuhp3gnsLvY= Subject key identifier: 89:AE:B3:1F:4F:D5:26:7E:67:74:E4:2C:60:29:22:2C:5C:85:68:8E Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0F79 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/ia6zH0_VJn5ndOQsYCkiLFyFaI4.roa Signing time: Fri 22 Aug 2025 08:51:25 +0000 ROA not before: Fri 22 Aug 2025 08:51:25 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18429 IP address blocks: 61.57.128.0/21 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3961 (0xf79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Aug 22 08:51:25 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=89AEB31F4FD5267E6774E42C6029222C5C85688E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c4:45:a3:09:c4:2b:67:f1:c8:b9:49:68:e9: 6d:5d:4d:3f:e6:14:3c:3d:d2:1b:a4:bb:00:36:14: 6e:00:21:b9:e8:b1:be:9b:45:5d:09:0a:dd:e7:0a: b7:9e:a8:06:92:7d:9d:93:0b:7d:9c:29:cd:00:ed: 41:98:54:27:60:64:81:fa:0e:ce:c7:dc:2d:11:40: ce:5c:ca:d0:51:7f:de:00:52:d7:61:2f:bc:e9:3c: 3d:2e:56:13:22:f8:d6:22:a9:5b:28:61:f5:66:91: 6e:dd:0e:b5:20:a5:f1:d3:8a:ea:50:ee:1d:72:56: 04:54:db:97:0c:96:70:32:f6:42:87:31:1d:87:93: 25:82:8e:e5:60:94:b6:c8:46:a5:f6:d7:8c:bc:ab: f3:c8:a3:f6:79:d8:ad:c4:85:ad:db:6c:f0:be:87: ae:97:5b:83:2e:37:ca:d2:2d:dd:64:b1:2a:ac:98: d4:26:42:e6:26:ce:26:eb:7d:73:eb:69:22:57:97: 03:ae:ca:3f:a8:d4:60:e5:02:08:e3:f5:07:50:6f: 36:fd:e8:76:c7:1e:a8:8f:8d:00:09:64:6d:28:03: db:0a:90:d0:80:af:3f:27:5a:97:10:48:b2:73:e3: 45:65:fa:73:71:b3:87:4d:c2:07:db:11:26:f0:84: 2a:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:AE:B3:1F:4F:D5:26:7E:67:74:E4:2C:60:29:22:2C:5C:85:68:8E X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/ia6zH0_VJn5ndOQsYCkiLFyFaI4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.57.128.0/21 Signature Algorithm: sha256WithRSAEncryption 17:b7:3e:72:8e:2a:26:6b:63:ed:3e:ec:62:fa:5d:8e:e3:86: f6:88:d7:00:03:be:47:ad:11:b8:75:d4:c8:65:59:56:c3:ad: 8a:0b:28:0f:8f:09:5f:57:9a:8f:bc:a9:e3:33:4e:06:3d:d3: 79:7e:d7:70:bc:a3:61:a7:b3:aa:5c:20:91:a6:b9:16:14:3b: 6f:96:ed:da:62:a5:cc:c9:e7:94:60:85:08:fc:d7:6f:b0:c0: 70:e4:88:35:98:eb:2a:7f:9c:4a:14:69:c9:00:55:3b:70:71: 75:aa:82:68:97:3e:43:d0:df:bf:cf:47:46:45:82:f3:31:b4: e7:20:04:cd:a1:6f:24:60:64:de:3e:9f:0b:a7:52:e5:15:39: 45:64:2d:16:d8:66:22:03:c6:b9:27:75:c6:fd:bb:3b:53:7c: 34:5b:76:5c:a6:72:d5:2a:f9:d1:00:b3:c3:7e:01:f3:08:29: 3e:7e:12:9f:ad:ac:bd:e5:e8:da:5c:a0:3b:ef:d8:e3:c6:73: 7a:81:ac:5d:5d:7e:bc:b2:fb:3d:43:fc:a4:61:de:20:d2:77: 9a:dc:c4:cb:0f:4d:63:dd:86:8f:8a:53:30:f5:e4:2c:62:4c: 02:33:19:39:a6:68:37:f7:06:bb:b1:e4:f1:4c:1d:06:ec:2f: fb:ce:1e:07 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICD3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTA4MjIw ODUxMjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDg5QUVCMzFGNEZENTI2 N0U2Nzc0RTQyQzYwMjkyMjJDNUM4NTY4OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJxEWjCcQrZ/HIuUlo6W1dTT/mFDw90hukuwA2FG4AIbnosb6b RV0JCt3nCreeqAaSfZ2TC32cKc0A7UGYVCdgZIH6Ds7H3C0RQM5cytBRf94AUtdh L7zpPD0uVhMi+NYiqVsoYfVmkW7dDrUgpfHTiupQ7h1yVgRU25cMlnAy9kKHMR2H kyWCjuVglLbIRqX214y8q/PIo/Z52K3Eha3bbPC+h66XW4MuN8rSLd1ksSqsmNQm QuYmzibrfXPraSJXlwOuyj+o1GDlAgjj9QdQbzb96HbHHqiPjQAJZG0oA9sKkNCA rz8nWpcQSLJz40Vl+nNxs4dNwgfbESbwhCpbAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUia6zH0/VJn5ndOQsYCkiLFyFaI4wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9pYTZ6SDBfVkpuNW5kT1FzWUNr aUxGeUZhSTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmA MA0GCSqGSIb3DQEBCwUAA4IBAQAXtz5yjioma2PtPuxi+l2O44b2iNcAA75HrRG4 ddTIZVlWw62KCygPjwlfV5qPvKnjM04GPdN5ftdwvKNhp7OqXCCRprkWFDtvlu3a YqXMyeeUYIUI/NdvsMBw5Ig1mOsqf5xKFGnJAFU7cHF1qoJolz5D0N+/z0dGRYLz MbTnIATNoW8kYGTePp8Lp1LlFTlFZC0W2GYiA8a5J3XG/bs7U3w0W3ZcpnLVKvnR ALPDfgHzCCk+fhKfray95ejaXKA779jjxnN6gaxdXX68svs9Q/ykYd4g0nea3MTL D01j3YaPilMw9eQsYkwCMxk5pmg39wa7seTxTB0G7C/7zh4H -----END CERTIFICATE-----Generated at Sun Aug 24 16:05:10 2025 by rpki-client