$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/2BXwDD45l7bfhOEW9aeW2Z9LheM.roa File: 2BXwDD45l7bfhOEW9aeW2Z9LheM.roa (raw, json) Hash identifier: PsybeDoQafAralnY9kYqmJ16DWqFJq5jTPX7YcHLdz8= Subject key identifier: D8:15:F0:0C:3E:39:97:B6:DF:84:E1:16:F5:A7:96:D9:9F:4B:85:E3 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 142A Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/2BXwDD45l7bfhOEW9aeW2Z9LheM.roa Signing time: Fri 22 Aug 2025 08:57:37 +0000 ROA not before: Fri 22 Aug 2025 08:57:37 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 132157 IP address blocks: 150.116.118.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5162 (0x142a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:37 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D815F00C3E3997B6DF84E116F5A796D99F4B85E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:42:cb:eb:f9:f3:5e:16:d4:b4:da:08:fd:4e: 83:6d:ea:b1:33:33:2a:05:a3:c1:23:74:23:e4:bd: c7:ae:67:3c:48:98:de:a0:77:48:77:dd:63:2e:33: b5:99:d0:d5:28:f9:5d:0c:85:15:ae:63:41:24:46: 80:c0:34:fa:a9:e6:aa:c1:03:5c:17:9b:63:fb:f6: 85:eb:0e:02:c0:80:6f:76:d5:cd:08:f4:50:55:2c: 40:81:85:a0:ac:81:c6:1e:49:ce:ec:ef:67:33:c3: 64:7f:17:7f:cc:c0:bc:62:07:aa:3a:ae:07:14:d4: 88:93:af:ba:73:a9:be:46:18:5a:1e:e9:ec:e9:b9: ca:d8:b1:1f:9b:db:a9:86:d3:e1:02:28:6f:ec:13: c9:ed:33:0a:4c:d5:6e:8d:ef:51:94:a7:67:4e:93: 61:f3:13:83:8c:3a:42:50:00:1e:2f:ff:c3:93:1a: 3b:a3:14:1d:5c:16:c1:89:79:a3:c0:52:c2:6d:00: c4:a2:a5:5c:e8:64:bf:a7:73:d5:20:10:fe:96:98: 78:54:75:d8:98:22:a1:af:90:43:81:e0:5d:16:e3: 95:4d:f4:ad:ff:fa:31:92:aa:5c:eb:9e:92:db:5f: d8:c1:c4:c4:33:39:c6:fa:6e:b1:6f:6a:57:87:d9: 97:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:15:F0:0C:3E:39:97:B6:DF:84:E1:16:F5:A7:96:D9:9F:4B:85:E3 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/2BXwDD45l7bfhOEW9aeW2Z9LheM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.118.0/24 Signature Algorithm: sha256WithRSAEncryption 80:71:70:6c:26:f1:60:8c:20:ed:88:61:13:fc:d8:94:84:9b: 8d:73:55:d5:47:7e:48:39:04:5c:33:a1:63:8e:f6:ac:be:17: 89:19:0f:af:da:59:08:c8:02:d3:04:dd:dd:51:ef:e4:ac:07: fb:2e:3a:74:86:3f:d2:27:72:d1:a0:1f:2f:ef:03:ca:5e:34: 4a:ba:2b:bd:32:80:aa:2c:2b:f1:4b:e5:9f:c8:0a:cf:64:d9: 50:40:35:4b:c8:39:2b:ec:0f:83:70:cf:bc:32:ac:b2:21:d9: c8:52:ed:f7:b4:b5:b8:f2:d1:30:f9:f3:f2:9d:01:70:90:6f: 58:c6:16:fe:c4:0f:07:40:b1:6f:cd:4a:71:3f:79:2b:e8:53: e1:7b:f3:15:51:91:dc:e4:67:90:33:87:e9:bc:5a:6b:9b:4a: 5f:e6:34:aa:c0:a6:ed:c3:b4:50:3f:63:48:b3:cd:ee:ec:fa: af:72:54:cd:2f:89:e0:91:b4:08:2a:61:18:a3:3e:14:f5:44: 48:59:70:d3:9d:7d:29:28:da:5e:54:a0:87:8c:de:37:ad:e1: 74:a6:e3:ba:f6:dc:6c:d9:c9:f1:c5:33:1e:6e:3f:70:d6:b9: 14:7c:e7:17:e0:01:50:3e:fa:19:25:9c:ad:37:e5:cc:de:e7: d9:26:44:21 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICFCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MzdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQ4MTVGMDBDM0UzOTk3 QjZERjg0RTExNkY1QTc5NkQ5OUY0Qjg1RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQChQsvr+fNeFtS02gj9ToNt6rEzMyoFo8EjdCPkvceuZzxImN6g d0h33WMuM7WZ0NUo+V0MhRWuY0EkRoDANPqp5qrBA1wXm2P79oXrDgLAgG921c0I 9FBVLECBhaCsgcYeSc7s72czw2R/F3/MwLxiB6o6rgcU1IiTr7pzqb5GGFoe6ezp ucrYsR+b26mG0+ECKG/sE8ntMwpM1W6N71GUp2dOk2HzE4OMOkJQAB4v/8OTGjuj FB1cFsGJeaPAUsJtAMSipVzoZL+nc9UgEP6WmHhUddiYIqGvkEOB4F0W45VN9K3/ +jGSqlzrnpLbX9jBxMQzOcb6brFvaleH2ZdBAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQU2BXwDD45l7bfhOEW9aeW2Z9LheMwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8yQlh3REQ0NWw3YmZo T0VXOWFlVzJaOUxoZU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAlnR2MA0GCSqGSIb3DQEBCwUAA4IBAQCAcXBsJvFgjCDtiGET/NiUhJuNc1XV R35IOQRcM6FjjvasvheJGQ+v2lkIyALTBN3dUe/krAf7Ljp0hj/SJ3LRoB8v7wPK XjRKuiu9MoCqLCvxS+WfyArPZNlQQDVLyDkr7A+DcM+8MqyyIdnIUu33tLW48tEw +fPynQFwkG9Yxhb+xA8HQLFvzUpxP3kr6FPhe/MVUZHc5GeQM4fpvFprm0pf5jSq wKbtw7RQP2NIs83u7PqvclTNL4ngkbQIKmEYoz4U9URIWXDTnX0pKNpeVKCHjN43 reF0puO69txs2cnxxTMebj9w1rkUfOcX4AFQPvoZJZytN+XM3ufZJkQh -----END CERTIFICATE-----Generated at Sun Aug 24 11:15:34 2025 by rpki-client