$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/_xvEwnLVdHp7MhGQ4Zdx7lKyeqc.roa File: _xvEwnLVdHp7MhGQ4Zdx7lKyeqc.roa (raw, json) Hash identifier: pSErrwEjV+xssAeSKBwXCchpjAvKMwLdIR+XEDTY/24= Subject key identifier: FF:1B:C4:C2:72:D5:74:7A:7B:32:11:90:E1:97:71:EE:52:B2:7A:A7 Certificate issuer: /CN=896AD0B5160979FEAC50C6384CBFC162D403E78D Certificate serial: 0D87 Authority key identifier: 89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/_xvEwnLVdHp7MhGQ4Zdx7lKyeqc.roa Signing time: Fri 22 Aug 2025 08:58:10 +0000 ROA not before: Fri 22 Aug 2025 08:58:10 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9924 IP address blocks: 103.123.189.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3463 (0xd87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=896AD0B5160979FEAC50C6384CBFC162D403E78D Validity Not Before: Aug 22 08:58:10 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=FF1BC4C272D5747A7B321190E19771EE52B27AA7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:15:6c:54:a6:5a:ab:f0:02:c4:8d:29:ca:ea: ae:1f:1d:ec:a8:03:ac:80:7f:af:0b:c9:99:e5:5d: 99:45:11:44:1b:ee:40:c9:4d:79:50:cd:e3:66:70: 59:43:b5:af:70:44:65:c9:f7:32:81:cd:7e:60:25: 87:ca:27:87:30:eb:f9:a1:eb:a6:d3:57:a7:eb:fa: 09:5e:b1:59:0e:bf:41:b8:50:54:ba:c4:fa:4c:0e: 90:13:3e:2c:ae:e1:ae:25:9d:1f:73:76:9f:bf:3c: f4:c6:70:b3:8a:18:02:e1:15:a8:f6:61:cf:af:d8: 43:4a:1d:ab:d7:94:36:b3:f2:9d:83:6e:ce:e6:08: 95:06:d9:e6:67:03:d8:9a:22:7a:dd:1b:79:ca:3b: 46:8a:80:be:4b:87:46:2f:5f:5f:82:d7:8f:42:e3: 26:e5:88:63:7e:0f:fc:26:99:ea:83:8c:f8:dc:3e: 67:75:44:ac:07:f9:56:c5:a8:10:d3:e0:fc:ac:09: 64:ba:ee:9c:ab:e6:10:d5:f8:f6:da:4f:6f:27:ef: be:d3:68:48:a8:4b:10:3c:63:4b:22:11:93:e3:8e: 2c:de:91:4b:bc:d9:f4:20:a8:0d:49:00:a5:d1:16: 07:25:d7:b9:a9:3b:90:e0:6c:af:b0:92:ea:37:fc: 6d:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:1B:C4:C2:72:D5:74:7A:7B:32:11:90:E1:97:71:EE:52:B2:7A:A7 X509v3 Authority Key Identifier: keyid:89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/_xvEwnLVdHp7MhGQ4Zdx7lKyeqc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.123.189.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:e8:1f:2e:ae:3a:6b:45:68:5d:54:a1:9b:fe:97:c0:7c:3c: ce:d2:06:86:d5:25:cb:77:46:91:38:2d:7f:76:bf:c8:e5:85: 68:80:21:d4:db:bd:66:be:88:0d:e1:4c:cf:3e:cc:19:f2:e1: 34:05:65:d5:4d:fc:9f:63:64:34:0e:52:3e:68:1a:07:af:0f: d5:28:bd:d4:d1:76:c1:75:3d:d9:67:87:94:13:8f:69:7e:f7: 82:cb:52:2e:7e:d3:8f:65:63:39:4a:c4:f8:59:44:5b:99:5f: 54:e8:ec:fc:df:d2:3a:a0:a7:e6:0a:09:cc:19:ad:bf:62:81: 93:62:42:36:21:f0:41:bd:31:ff:b1:c9:28:b8:50:75:ca:8a: f7:06:3c:8f:10:e9:ae:41:45:d7:67:45:45:f3:82:07:af:c8: e4:7e:14:b1:62:0d:4d:c8:78:47:6d:8a:d9:1f:49:45:09:36: cb:ee:45:d4:a6:db:b4:a2:97:15:01:d4:3a:0d:8f:58:61:73: c8:ad:09:1d:22:f2:40:eb:6e:78:db:7e:71:6b:cf:e1:4e:e9: b6:85:d3:f2:7b:51:7e:fc:da:44:9a:09:bb:97:db:c4:c2:87: 1d:92:81:97:e7:16:9b:3c:a3:00:5e:84:d9:17:57:21:fa:3e: 85:3f:cd:a9 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICDYcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk2 QUQwQjUxNjA5NzlGRUFDNTBDNjM4NENCRkMxNjJENDAzRTc4RDAeFw0yNTA4MjIw ODU4MTBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEZGMUJDNEMyNzJENTc0 N0E3QjMyMTE5MEUxOTc3MUVFNTJCMjdBQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFFWxUplqr8ALEjSnK6q4fHeyoA6yAf68LyZnlXZlFEUQb7kDJ TXlQzeNmcFlDta9wRGXJ9zKBzX5gJYfKJ4cw6/mh66bTV6fr+glesVkOv0G4UFS6 xPpMDpATPiyu4a4lnR9zdp+/PPTGcLOKGALhFaj2Yc+v2ENKHavXlDaz8p2Dbs7m CJUG2eZnA9iaInrdG3nKO0aKgL5Lh0YvX1+C149C4ybliGN+D/wmmeqDjPjcPmd1 RKwH+VbFqBDT4PysCWS67pyr5hDV+PbaT28n777TaEioSxA8Y0siEZPjjizekUu8 2fQgqA1JAKXRFgcl17mpO5DgbK+wkuo3/G2xAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQU/xvEwnLVdHp7MhGQ4Zdx7lKyeqcwHwYDVR0jBBgwFoAUiWrQtRYJef6sUMY4 TL/BYtQD540wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFM SUZFL2lXclF0UllKZWY2c1VNWTRUTF9CWXRRRDU0MC5jcmwwYAYIKwYBBQUHAQEE VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX TklDQ0EvaVdyUXRSWUplZjZzVU1ZNFRMX0JZdFFENTQwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFMSUZFL194dkV3bkxWZEhw N01oR1E0WmR4N2xLeWVxYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50 d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBABne70wDQYJKoZIhvcNAQELBQADggEBAHroHy6uOmtFaF1UoZv+l8B8PM7S BobVJct3RpE4LX92v8jlhWiAIdTbvWa+iA3hTM8+zBny4TQFZdVN/J9jZDQOUj5o GgevD9UovdTRdsF1Pdlnh5QTj2l+94LLUi5+049lYzlKxPhZRFuZX1To7Pzf0jqg p+YKCcwZrb9igZNiQjYh8EG9Mf+xySi4UHXKivcGPI8Q6a5BRddnRUXzggevyOR+ FLFiDU3IeEdtitkfSUUJNsvuRdSm27SilxUB1DoNj1hhc8itCR0i8kDrbnjbfnFr z+FO6baF0/J7UX782kSaCbuX28TChx2SgZfnFps8owBehNkXVyH6PoU/zak= -----END CERTIFICATE-----Generated at Sun Aug 24 05:45:11 2025 by rpki-client