$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/u3oIyCGmoKBGvoOwhoLdbP09Q-c.roa File: u3oIyCGmoKBGvoOwhoLdbP09Q-c.roa (raw, json) Hash identifier: IY7mmLDF7YwTnEaxwDGTbWdYD/io8+rHB/iOI9s5fVU= Subject key identifier: BB:7A:08:C8:21:A6:A0:A0:46:BE:83:B0:86:82:DD:6C:FD:3D:43:E7 Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Certificate serial: 0F7E Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/u3oIyCGmoKBGvoOwhoLdbP09Q-c.roa Signing time: Fri 22 Aug 2025 08:51:26 +0000 ROA not before: Fri 22 Aug 2025 08:51:26 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18429 IP address blocks: 27.147.40.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3966 (0xf7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261 Validity Not Before: Aug 22 08:51:26 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=BB7A08C821A6A0A046BE83B08682DD6CFD3D43E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1e:87:f7:c6:c0:76:ad:3b:81:8b:fc:89:dd: 6e:92:ee:44:fe:0f:6f:eb:62:ca:ee:03:d5:d5:25: c2:a3:c0:93:4a:b1:ce:be:fb:f4:c7:ac:cc:b9:be: 88:b1:f2:48:d3:52:ab:b7:ee:ab:ef:f5:f3:8e:a9: 89:87:1a:52:cb:a7:b7:e4:8f:c8:f6:fd:23:54:04: 99:83:47:57:3a:4a:0a:73:e3:ca:60:6d:d0:7e:8d: c3:bf:95:cc:0a:54:27:e1:31:75:e4:ee:bd:6d:26: 83:7b:b8:16:8b:f2:fe:b2:1c:f5:87:ab:c0:70:cc: c1:38:2c:cd:7b:a4:3b:be:b4:31:32:9a:3f:fd:1f: fd:6b:69:db:8e:62:60:5f:53:e9:48:c3:0c:09:2d: a6:cb:25:74:ae:ac:2c:0e:99:8d:eb:c2:dd:73:4a: 38:52:25:ab:37:2b:83:2b:08:39:db:e1:aa:89:fd: b6:08:58:a2:f4:2f:be:95:c8:c4:52:e6:18:e9:43: 61:8b:31:aa:34:7d:30:84:8a:1e:0c:dd:ee:13:8d: b7:39:76:aa:1e:3c:c0:12:eb:7c:cd:0c:19:81:bd: 31:49:21:72:f6:90:76:e0:82:f1:8b:c1:7c:40:3e: 24:fe:24:9d:3b:7a:39:f3:ef:17:ad:0d:f4:92:df: bf:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:7A:08:C8:21:A6:A0:A0:46:BE:83:B0:86:82:DD:6C:FD:3D:43:E7 X509v3 Authority Key Identifier: keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/u3oIyCGmoKBGvoOwhoLdbP09Q-c.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.147.40.0/21 Signature Algorithm: sha256WithRSAEncryption 51:ed:47:b8:8e:e2:e0:c7:d8:1e:63:df:8b:d1:e3:09:9c:91: 61:20:db:b3:79:2e:bb:c8:a3:be:33:66:45:d8:ed:f0:64:6d: 6c:86:ce:93:99:9f:b3:72:14:5a:d6:6c:ac:f1:fb:55:68:04: dc:2f:f9:a4:9c:23:34:f2:8e:b8:91:1d:f3:08:da:58:fa:74: 97:b0:b3:ef:9c:89:3c:08:bd:08:39:0d:00:5c:dc:5e:70:54: 29:26:8e:2e:d0:c5:c9:9e:d8:07:45:cf:8e:dc:04:b3:1e:81: c8:43:a9:0b:13:6a:19:35:2e:54:e8:e0:a6:f6:02:a7:c9:cb: 1f:3c:df:b0:07:03:25:09:f2:f0:33:04:53:66:1d:76:ee:b4: d7:db:de:4c:29:2f:34:a1:49:70:95:dd:24:ff:7f:be:28:d6: e1:49:88:0e:46:4f:f9:5b:78:0b:57:b9:44:a5:55:2b:08:47: 94:65:80:a4:71:35:e5:d6:11:b3:3f:bd:ff:bc:6e:47:30:be: b8:40:fe:f0:72:27:8c:4c:65:2b:e8:14:56:3b:2e:54:a5:fc: ad:46:91:fb:8a:bb:c5:c4:36:f1:59:d1:0b:a6:99:43:2f:0c: ce:df:39:06:13:e6:9d:35:87:ca:cf:f9:37:f8:a7:82:3c:f4: 4a:06:db:63 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICD34wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTA4MjIw ODUxMjZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEJCN0EwOEM4MjFBNkEw QTA0NkJFODNCMDg2ODJERDZDRkQzRDQzRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2Hof3xsB2rTuBi/yJ3W6S7kT+D2/rYsruA9XVJcKjwJNKsc6+ +/THrMy5voix8kjTUqu37qvv9fOOqYmHGlLLp7fkj8j2/SNUBJmDR1c6Sgpz48pg bdB+jcO/lcwKVCfhMXXk7r1tJoN7uBaL8v6yHPWHq8BwzME4LM17pDu+tDEymj/9 H/1raduOYmBfU+lIwwwJLabLJXSurCwOmY3rwt1zSjhSJas3K4MrCDnb4aqJ/bYI WKL0L76VyMRS5hjpQ2GLMao0fTCEih4M3e4Tjbc5dqoePMAS63zNDBmBvTFJIXL2 kHbggvGLwXxAPiT+JJ07ejnz7xetDfSS37+3AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUu3oIyCGmoKBGvoOwhoLdbP09Q+cwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0 X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC91M29JeUNHbW9LQkd2b093aG9M ZGJQMDlRLWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mo MA0GCSqGSIb3DQEBCwUAA4IBAQBR7Ue4juLgx9geY9+L0eMJnJFhINuzeS67yKO+ M2ZF2O3wZG1shs6TmZ+zchRa1mys8ftVaATcL/mknCM08o64kR3zCNpY+nSXsLPv nIk8CL0IOQ0AXNxecFQpJo4u0MXJntgHRc+O3ASzHoHIQ6kLE2oZNS5U6OCm9gKn ycsfPN+wBwMlCfLwMwRTZh127rTX295MKS80oUlwld0k/3++KNbhSYgORk/5W3gL V7lEpVUrCEeUZYCkcTXl1hGzP73/vG5HML64QP7wcieMTGUr6BRWOy5UpfytRpH7 irvFxDbxWdELpplDLwzO3zkGE+adNYfKz/k3+KeCPPRKBttj -----END CERTIFICATE-----Generated at Sun Aug 24 16:03:13 2025 by rpki-client