$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/nJR91VDy3cbxpLIQED9he337FcM.roa File: nJR91VDy3cbxpLIQED9he337FcM.roa (raw, json) Hash identifier: lINGpZQlfFcM/lls87xroBQyzidieD2NEFoWo+ohGM4= Subject key identifier: 9C:94:7D:D5:50:F2:DD:C6:F1:A4:B2:10:10:3F:61:7B:7D:FB:15:C3 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0F65 Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/nJR91VDy3cbxpLIQED9he337FcM.roa Signing time: Fri 22 Aug 2025 08:51:19 +0000 ROA not before: Fri 22 Aug 2025 08:51:19 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18429 IP address blocks: 124.155.176.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3941 (0xf65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Aug 22 08:51:19 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=9C947DD550F2DDC6F1A4B210103F617B7DFB15C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:f7:22:50:fe:79:30:ba:b1:79:46:a2:7b:a1: a7:92:37:0f:f8:c2:87:89:ca:6c:a8:34:fd:e0:f6: ba:98:ef:fa:14:a3:30:75:a9:62:e9:d1:53:aa:f7: e1:6b:0a:dc:b1:d6:fb:e9:b7:14:0f:0f:7e:04:5a: 53:e3:0f:8f:31:d9:15:2e:73:67:40:82:ed:45:07: e5:de:b9:37:17:5d:96:d2:f5:ce:34:76:8f:af:e2: a8:28:a8:08:d3:25:ae:70:80:39:88:ad:94:f1:4c: 28:97:7d:03:d9:e5:14:3e:c2:fd:0f:b8:a6:b5:43: da:32:16:71:75:40:5d:24:50:6e:40:80:63:57:64: 95:ab:72:2b:d7:fd:62:be:1c:4f:9a:cb:91:65:7e: 2e:fd:92:70:95:89:48:36:c3:ed:ea:cc:c3:52:a1: dc:3f:2e:3f:e2:3b:60:36:a1:09:9a:29:13:73:d3: fa:89:56:cf:f3:85:4b:a4:7e:9d:84:93:a9:e3:7d: 92:e4:c3:da:58:e9:a8:c5:02:0f:69:3f:92:4c:99: b2:2d:6e:34:bf:9a:6f:da:ac:38:10:0e:e7:ee:02: 84:4f:01:e5:8e:c5:32:d5:fd:33:bb:54:78:95:dd: 4d:a7:98:2a:0b:9c:70:fb:1c:6f:d3:dc:df:31:90: 4e:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:94:7D:D5:50:F2:DD:C6:F1:A4:B2:10:10:3F:61:7B:7D:FB:15:C3 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/nJR91VDy3cbxpLIQED9he337FcM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.155.176.0/21 Signature Algorithm: sha256WithRSAEncryption 4c:42:3d:99:7e:1e:dc:d8:ae:9c:8d:97:a8:de:1f:2d:3e:2b: d4:d8:94:ef:14:d4:1f:8b:e2:4b:f1:85:57:01:38:98:43:4f: 4a:61:14:07:c0:43:5a:57:5c:e9:a6:ad:5d:74:44:7d:6d:3e: fa:9e:49:ac:3f:8e:9a:41:83:09:e9:dd:bc:65:cc:41:f4:4d: fe:5b:5a:2f:66:13:d6:58:6d:61:df:92:b9:ba:27:a5:37:1f: 67:24:67:3a:3f:94:d8:f1:1d:4e:81:3d:bd:0a:8e:03:a7:40: 9e:9f:50:8c:f5:6e:52:c6:bf:80:fa:34:31:30:e7:00:5a:37: 2f:0b:ee:28:c3:1f:cb:89:9c:0f:68:74:bf:0a:ab:1f:66:28: d3:72:f8:ec:b4:62:e0:4c:37:55:e2:ad:de:f8:1e:ed:2d:6d: c7:15:44:c8:f2:98:f5:63:f0:d6:f3:63:fa:0a:95:dd:75:fd: 43:29:c4:37:60:29:3d:e0:07:a8:51:ca:b3:9d:cc:34:52:ed: 8d:7f:f1:85:04:91:f9:70:7d:da:65:46:19:b1:8f:12:18:1d: 05:fa:47:ee:50:c1:b8:58:22:19:e0:8c:39:6f:03:9b:24:5e: db:17:45:31:60:a4:4c:6b:5b:1d:70:cd:9f:e2:57:ce:97:98: 51:7f:a1:4e -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICD2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTA4MjIw ODUxMTlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDlDOTQ3REQ1NTBGMkRE QzZGMUE0QjIxMDEwM0Y2MTdCN0RGQjE1QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDd9yJQ/nkwurF5RqJ7oaeSNw/4woeJymyoNP3g9rqY7/oUozB1 qWLp0VOq9+FrCtyx1vvptxQPD34EWlPjD48x2RUuc2dAgu1FB+XeuTcXXZbS9c40 do+v4qgoqAjTJa5wgDmIrZTxTCiXfQPZ5RQ+wv0PuKa1Q9oyFnF1QF0kUG5AgGNX ZJWrcivX/WK+HE+ay5Flfi79knCViUg2w+3qzMNSodw/Lj/iO2A2oQmaKRNz0/qJ Vs/zhUukfp2Ek6njfZLkw9pY6ajFAg9pP5JMmbItbjS/mm/arDgQDufuAoRPAeWO xTLV/TO7VHiV3U2nmCoLnHD7HG/T3N8xkE5FAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUnJR91VDy3cbxpLIQED9he337FcMwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9uSlI5MVZEeTNjYnhwTElRRUQ5 aGUzMzdGY00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJuw MA0GCSqGSIb3DQEBCwUAA4IBAQBMQj2Zfh7c2K6cjZeo3h8tPivU2JTvFNQfi+JL 8YVXATiYQ09KYRQHwENaV1zppq1ddER9bT76nkmsP46aQYMJ6d28ZcxB9E3+W1ov ZhPWWG1h35K5uielNx9nJGc6P5TY8R1OgT29Co4Dp0Cen1CM9W5Sxr+A+jQxMOcA WjcvC+4owx/LiZwPaHS/CqsfZijTcvjstGLgTDdV4q3e+B7tLW3HFUTI8pj1Y/DW 82P6CpXddf1DKcQ3YCk94AeoUcqzncw0Uu2Nf/GFBJH5cH3aZUYZsY8SGB0F+kfu UMG4WCIZ4Iw5bwObJF7bF0UxYKRMa1sdcM2f4lfOl5hRf6FO -----END CERTIFICATE-----Generated at Sun Aug 24 16:07:09 2025 by rpki-client