$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ltHMOUALaN4ZdJnDhUO6yE6Hplk.roa File: ltHMOUALaN4ZdJnDhUO6yE6Hplk.roa (raw, json) Hash identifier: vSkRznH3sAt/sUChky58HJFIJb51rb/gsvB6xnfiHUc= Subject key identifier: 96:D1:CC:39:40:0B:68:DE:19:74:99:C3:85:43:BA:C8:4E:87:A6:59 Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Certificate serial: 13EB Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ltHMOUALaN4ZdJnDhUO6yE6Hplk.roa Signing time: Fri 22 Aug 2025 08:57:24 +0000 ROA not before: Fri 22 Aug 2025 08:57:24 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 7532 IP address blocks: 150.116.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5099 (0x13eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76 Validity Not Before: Aug 22 08:57:24 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=96D1CC39400B68DE197499C38543BAC84E87A659 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:fc:0e:d5:5a:f7:5f:20:60:df:10:dd:7a:6c: cd:66:f5:b1:9a:80:77:c9:aa:01:a2:48:ba:f9:fa: 42:2e:ea:2c:3a:c8:13:6c:2d:a5:e5:86:ea:50:a0: 0b:92:c0:ac:f1:98:db:fd:11:4f:98:2d:96:6a:c7: 40:2c:08:38:26:63:ba:3c:b2:de:fe:94:bf:d1:18: 85:e6:45:5e:dc:c7:cc:3d:f6:f7:ac:42:c3:b8:c0: f2:12:c3:fb:81:8a:78:7e:a9:f9:bd:bb:c7:f6:8b: 72:e2:6a:57:b2:2c:05:e8:b6:1c:38:81:36:0f:c8: ca:0a:c4:c3:b4:97:72:61:ec:56:5b:27:bd:90:6b: 46:27:6e:ea:64:74:28:a9:94:b3:16:60:e8:30:8e: 52:68:5d:78:f6:b6:61:e7:12:e7:ca:ab:9d:a6:bb: 8e:f8:e8:88:f0:82:56:9d:2a:6d:04:f4:04:85:82: 9d:e5:ed:3f:83:4f:df:55:4c:2f:d8:1d:a5:3d:30: c7:98:72:b1:f7:57:4c:fa:c8:97:33:30:d9:37:ea: 2e:47:a7:51:9a:7e:b8:65:98:11:df:08:bf:27:79: 33:3a:3c:7b:4a:29:c5:ff:d4:7b:0b:89:2f:29:bb: f5:06:dd:e7:5b:ba:88:5f:85:f0:c5:3e:8e:54:34: db:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:D1:CC:39:40:0B:68:DE:19:74:99:C3:85:43:BA:C8:4E:87:A6:59 X509v3 Authority Key Identifier: keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ltHMOUALaN4ZdJnDhUO6yE6Hplk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 150.116.55.0/24 Signature Algorithm: sha256WithRSAEncryption aa:c2:2a:0e:ad:2a:6e:d7:63:73:23:0f:06:e6:bd:56:01:a0: e9:21:fb:27:ed:f1:bb:92:37:6f:5a:e8:05:00:f9:c0:95:de: f4:6a:9b:4b:28:24:64:e1:ad:70:fb:10:70:19:28:58:e4:4f: b3:3a:7e:40:bc:61:32:ad:77:5f:21:ca:3a:5e:8b:e9:8c:b7: a0:4c:13:7f:74:d3:82:d9:ae:7f:73:c0:b2:11:e1:93:9e:61: 24:5f:fd:88:b6:a7:52:6f:e0:e3:3d:da:2e:b4:68:e9:0d:51: f5:13:ce:22:e9:f4:f5:ab:3a:15:05:a9:a5:8a:72:fc:86:10: 7c:16:be:c3:e7:f5:e3:43:43:5d:ba:62:2e:b2:f9:e3:1d:9e: 14:26:83:44:71:5b:f9:a7:28:ef:15:c4:00:36:bb:f8:da:4c: 57:4b:22:23:f5:4f:c4:b5:5a:7e:1d:9f:8f:fd:d9:f3:d5:97: 37:48:bb:44:db:54:2f:90:e5:14:66:1c:87:e1:49:6e:6d:48: 0c:d2:c5:a8:c8:64:a0:b6:30:68:fa:cf:93:86:9d:cf:9d:16: 9d:4b:a1:65:42:ca:85:27:8d:78:3b:10:ff:6f:23:cd:78:87: 50:b7:e7:b0:89:ff:04:de:f1:2d:0f:56:72:4f:37:f9:92:d4: 42:b0:10:b9 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICE+swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTA4MjIw ODU3MjRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDk2RDFDQzM5NDAwQjY4 REUxOTc0OTlDMzg1NDNCQUM4NEU4N0E2NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9/A7VWvdfIGDfEN16bM1m9bGagHfJqgGiSLr5+kIu6iw6yBNs LaXlhupQoAuSwKzxmNv9EU+YLZZqx0AsCDgmY7o8st7+lL/RGIXmRV7cx8w99ves QsO4wPISw/uBinh+qfm9u8f2i3LialeyLAXothw4gTYPyMoKxMO0l3Jh7FZbJ72Q a0YnbupkdCiplLMWYOgwjlJoXXj2tmHnEufKq52mu4746IjwgladKm0E9ASFgp3l 7T+DT99VTC/YHaU9MMeYcrH3V0z6yJczMNk36i5Hp1GafrhlmBHfCL8neTM6PHtK KcX/1HsLiS8pu/UG3edbuohfhfDFPo5UNNvZAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUltHMOUALaN4ZdJnDhUO6yE6HplkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9sdEhNT1VBTGFONFpk Sm5EaFVPNnlFNkhwbGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAlnQ3MA0GCSqGSIb3DQEBCwUAA4IBAQCqwioOrSpu12NzIw8G5r1WAaDpIfsn 7fG7kjdvWugFAPnAld70aptLKCRk4a1w+xBwGShY5E+zOn5AvGEyrXdfIco6Xovp jLegTBN/dNOC2a5/c8CyEeGTnmEkX/2ItqdSb+DjPdoutGjpDVH1E84i6fT1qzoV BamlinL8hhB8Fr7D5/XjQ0NdumIusvnjHZ4UJoNEcVv5pyjvFcQANrv42kxXSyIj 9U/EtVp+HZ+P/dnz1Zc3SLtE21QvkOUUZhyH4UlubUgM0sWoyGSgtjBo+s+Thp3P nRadS6FlQsqFJ414OxD/byPNeIdQt+ewif8E3vEtD1ZyTzf5ktRCsBC5 -----END CERTIFICATE-----Generated at Sun Aug 24 06:48:59 2025 by rpki-client