$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ZYZiGtVjr7i1I2wDocBGO0cVybM.roa File: ZYZiGtVjr7i1I2wDocBGO0cVybM.roa (raw, json) Hash identifier: EkNq+qyHWmTamG5Oo5oEM75aAj5MeVNweQRHRQpbPag= Subject key identifier: 65:86:62:1A:D5:63:AF:B8:B5:23:6C:03:A1:C0:46:3B:47:15:C9:B3 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 1426 Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ZYZiGtVjr7i1I2wDocBGO0cVybM.roa Signing time: Fri 22 Aug 2025 08:57:36 +0000 ROA not before: Fri 22 Aug 2025 08:57:36 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18419 IP address blocks: 150.117.16.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5158 (0x1426) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:36 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=6586621AD563AFB8B5236C03A1C0463B4715C9B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:7c:b1:ce:14:f6:2b:56:31:a0:3d:f8:53:8e: 57:44:ee:66:91:3d:69:b4:2b:23:65:18:59:68:a6: 22:e5:92:05:db:9a:21:6a:4f:18:b9:34:27:7c:ca: b9:db:f6:f0:ee:5c:87:c4:8c:a2:9c:80:62:21:23: 33:c1:42:b7:77:7e:84:ac:57:7c:fd:49:b8:49:c0: 96:cb:58:d1:47:74:88:eb:57:7b:18:72:51:f1:7c: 36:f4:10:92:04:e6:65:6b:c1:bc:6c:2b:1c:99:4a: 77:be:4b:34:7d:45:6e:cc:a2:d0:68:af:2b:41:c4: a9:6a:0e:73:3d:13:59:c1:cb:b6:37:67:8b:38:fc: d5:56:0d:fb:52:cd:2e:53:78:04:7e:76:c1:ef:60: 86:78:0c:23:ba:ad:d6:53:47:47:5a:54:75:34:7e: c1:04:1b:1a:8a:e6:71:60:9c:b5:60:3a:28:57:29: b1:bd:1e:55:3e:65:f6:cc:81:3b:9d:29:45:57:97: 82:f2:80:6f:a7:87:4a:b5:cf:97:03:3b:1d:c8:69: 51:35:25:54:f6:3c:69:c0:f4:9d:90:e3:77:61:d2: 4d:40:a7:2c:ec:35:dc:a9:7d:74:fc:3d:59:8d:01: 89:b4:29:01:10:0d:96:20:b8:1d:0c:0c:9c:83:f0: cb:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:86:62:1A:D5:63:AF:B8:B5:23:6C:03:A1:C0:46:3B:47:15:C9:B3 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ZYZiGtVjr7i1I2wDocBGO0cVybM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.117.16.0/20 Signature Algorithm: sha256WithRSAEncryption 2f:ca:79:8a:15:f9:3a:e9:a0:96:ce:b0:2d:8c:60:d3:79:68: 1a:51:0c:74:07:a1:49:07:89:a9:67:a8:8e:ac:74:d1:d7:a4: 89:fb:7c:9a:22:9a:a9:a3:68:d3:15:31:f5:9b:c6:60:c3:11: 08:45:56:f5:a4:3b:92:d1:82:a0:c3:b3:9e:f9:04:21:66:1a: e8:4c:a7:a2:80:50:12:10:1d:a7:50:5c:84:cf:19:bb:91:1c: f4:b1:8d:b2:bb:1f:43:b1:1e:47:be:ab:73:ea:c5:76:91:9d: fc:87:98:14:cc:f9:c0:f5:f0:b1:f9:5f:42:01:f4:84:f9:a2: 00:14:98:a8:79:97:d1:4b:ef:69:ff:0b:76:f6:54:78:3b:22: 2d:ed:a7:02:4c:eb:9b:ac:72:59:30:59:e3:50:b0:6a:ed:21: 93:d8:e2:70:fe:fd:7b:db:a7:ea:4b:40:6a:0c:b6:78:42:81: e4:fd:62:99:c1:be:0b:de:c0:83:a8:c4:28:18:d1:af:bd:64: 0e:0e:0b:d6:df:2e:30:07:a3:e2:49:fe:cc:c0:fe:3d:a8:21: 15:d9:6b:75:f9:91:91:2a:cd:c6:9a:a4:c6:ff:1d:0b:2e:7d: 41:fb:21:e7:6d:9d:fe:3d:89:2c:2e:7c:07:b1:80:79:18:6d: f4:98:00:db -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICFCYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MzZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDY1ODY2MjFBRDU2M0FG QjhCNTIzNkMwM0ExQzA0NjNCNDcxNUM5QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqfLHOFPYrVjGgPfhTjldE7maRPWm0KyNlGFlopiLlkgXbmiFq Txi5NCd8yrnb9vDuXIfEjKKcgGIhIzPBQrd3foSsV3z9SbhJwJbLWNFHdIjrV3sY clHxfDb0EJIE5mVrwbxsKxyZSne+SzR9RW7MotBorytBxKlqDnM9E1nBy7Y3Z4s4 /NVWDftSzS5TeAR+dsHvYIZ4DCO6rdZTR0daVHU0fsEEGxqK5nFgnLVgOihXKbG9 HlU+ZfbMgTudKUVXl4LygG+nh0q1z5cDOx3IaVE1JVT2PGnA9J2Q43dh0k1Apyzs NdypfXT8PVmNAYm0KQEQDZYguB0MDJyD8MvVAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUZYZiGtVjr7i1I2wDocBGO0cVybMwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9aWVppR3RWanI3aTFJ MndEb2NCR08wY1Z5Yk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQElnUQMA0GCSqGSIb3DQEBCwUAA4IBAQAvynmKFfk66aCWzrAtjGDTeWgaUQx0 B6FJB4mpZ6iOrHTR16SJ+3yaIpqpo2jTFTH1m8ZgwxEIRVb1pDuS0YKgw7Oe+QQh ZhroTKeigFASEB2nUFyEzxm7kRz0sY2yux9DsR5Hvqtz6sV2kZ38h5gUzPnA9fCx +V9CAfSE+aIAFJioeZfRS+9p/wt29lR4OyIt7acCTOubrHJZMFnjULBq7SGT2OJw /v1726fqS0BqDLZ4QoHk/WKZwb4L3sCDqMQoGNGvvWQODgvW3y4wB6PiSf7MwP49 qCEV2Wt1+ZGRKs3GmqTG/x0LLn1B+yHnbZ3+PYksLnwHsYB5GG30mADb -----END CERTIFICATE-----Generated at Sun Aug 24 06:46:57 2025 by rpki-client