$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/a98XhnO6Mhx-MfmTTXYUfMB4M1U.roa File: a98XhnO6Mhx-MfmTTXYUfMB4M1U.roa (raw, json) Hash identifier: XReIDNhBfQnMnknsx4+1KW8GjeZW/h8DwXY47KwZQlQ= Subject key identifier: 6B:DF:17:86:73:BA:32:1C:7E:31:F9:93:4D:76:14:7C:C0:78:33:55 Certificate issuer: /CN=ABC8439FE19D99B038270208C94B66CA231FFED5 Certificate serial: 03F2 Authority key identifier: AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/a98XhnO6Mhx-MfmTTXYUfMB4M1U.roa Signing time: Fri 22 Aug 2025 08:49:42 +0000 ROA not before: Fri 22 Aug 2025 08:49:42 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38047 IP address blocks: 2400:61a0:a054::/48 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1010 (0x3f2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ABC8439FE19D99B038270208C94B66CA231FFED5 Validity Not Before: Aug 22 08:49:42 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=6BDF178673BA321C7E31F9934D76147CC0783355 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f8:4e:f9:eb:40:d2:3e:56:0f:23:29:36:b1: 05:73:22:58:82:9b:0c:4b:02:c6:08:b3:a0:bb:ac: 9a:95:86:14:be:ca:27:71:18:65:ec:dc:38:ea:79: dc:3f:cb:59:c5:c8:79:03:0a:6d:72:d9:61:62:cc: 27:f9:22:fe:9d:7c:fe:e0:06:d2:72:d3:1d:d6:10: 68:de:3b:ca:7b:fb:5c:69:b4:d7:5f:1f:7d:17:06: 04:f5:f1:a0:e8:a0:db:53:90:f9:da:4e:3c:4f:0f: c4:01:bb:5a:35:f0:2e:09:58:42:07:fe:22:67:85: 6e:20:ed:27:16:bc:bf:88:b0:89:15:16:9f:9d:89: 3b:fe:b2:5e:71:f4:04:60:15:51:b5:60:ca:47:e3: 82:94:00:8b:b3:04:36:52:04:64:93:09:bb:cd:81: fb:ec:25:b1:a8:e1:34:c3:e1:3b:fc:d6:8c:a3:20: 4e:96:62:6e:24:46:f3:92:9c:75:8d:42:52:0b:90: d5:c2:ad:f8:a0:66:58:82:01:ec:85:9a:cf:d3:be: 87:b3:6d:8e:42:af:17:d4:aa:67:fd:c1:bd:d5:db: fc:00:93:60:ef:b5:54:93:7e:6c:30:10:53:64:05: a6:6e:74:24:22:4a:86:9b:7b:bb:bb:f6:66:b8:63: da:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:DF:17:86:73:BA:32:1C:7E:31:F9:93:4D:76:14:7C:C0:78:33:55 X509v3 Authority Key Identifier: keyid:AB:C8:43:9F:E1:9D:99:B0:38:27:02:08:C9:4B:66:CA:23:1F:FE:D5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/q8hDn-GdmbA4JwIIyUtmyiMf_tU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q8hDn-GdmbA4JwIIyUtmyiMf_tU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATEL/a98XhnO6Mhx-MfmTTXYUfMB4M1U.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:61a0:a054::/48 Signature Algorithm: sha256WithRSAEncryption 1f:ad:07:c0:5b:68:37:e1:e4:12:41:cf:71:ca:00:98:00:a8: c0:07:d1:cb:57:0b:53:e6:2c:1e:a1:c9:61:51:9a:85:26:52: 27:bf:6c:ec:79:09:a8:e1:8b:35:f9:60:78:fd:ef:38:33:69: 00:77:36:e8:b1:0e:6a:37:b4:1f:f6:30:a3:e3:17:b7:ab:1f: 93:db:6c:ce:53:24:0b:8a:06:a5:01:e6:e8:07:1e:d1:bd:30: b3:9d:3f:71:a6:36:04:52:5f:c5:96:2a:3c:47:68:ab:e6:39: 04:45:1d:c8:00:25:d4:55:2b:a5:aa:69:77:2a:2e:66:55:c6: ca:c3:f3:90:5f:a5:fe:28:f8:65:52:ae:66:e4:79:45:f7:ff: a3:19:f6:fc:1a:be:25:44:89:bd:7d:36:9c:58:c0:e5:77:3a: 3a:45:8b:a2:9e:93:97:c9:d6:4d:7c:eb:f0:a0:02:dc:6c:38: c2:e0:96:64:8a:27:89:c1:54:19:b1:6a:f4:b0:87:03:53:b1: 11:3c:e4:48:66:03:b8:36:32:f8:be:08:99:3c:30:a5:28:d7: 0b:71:e3:73:b8:97:af:46:0e:5e:9e:60:de:a6:43:e2:45:17: 43:79:b3:6c:2c:5a:60:b7:58:5e:c8:7c:2e:75:5e:c6:e6:65: 89:3a:63:06 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICA/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJD ODQzOUZFMTlEOTlCMDM4MjcwMjA4Qzk0QjY2Q0EyMzFGRkVENTAeFw0yNTA4MjIw ODQ5NDJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDZCREYxNzg2NzNCQTMy MUM3RTMxRjk5MzRENzYxNDdDQzA3ODMzNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDI+E7560DSPlYPIyk2sQVzIliCmwxLAsYIs6C7rJqVhhS+yidx GGXs3Djqedw/y1nFyHkDCm1y2WFizCf5Iv6dfP7gBtJy0x3WEGjeO8p7+1xptNdf H30XBgT18aDooNtTkPnaTjxPD8QBu1o18C4JWEIH/iJnhW4g7ScWvL+IsIkVFp+d iTv+sl5x9ARgFVG1YMpH44KUAIuzBDZSBGSTCbvNgfvsJbGo4TTD4Tv81oyjIE6W Ym4kRvOSnHWNQlILkNXCrfigZliCAeyFms/TvoezbY5CrxfUqmf9wb3V2/wAk2Dv tVSTfmwwEFNkBaZudCQiSoabe7u79ma4Y9pxAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUa98XhnO6Mhx+MfmTTXYUfMB4M1UwHwYDVR0jBBgwFoAUq8hDn+GdmbA4JwII yUtmyiMf/tUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU RUwvcThoRG4tR2RtYkE0SndJSXlVdG15aU1mX3RVLmNybDBgBggrBgEFBQcBAQRU MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO SUNDQS9xOGhEbi1HZG1iQTRKd0lJeVV0bXlpTWZfdFUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElOQVRFTC9hOThYaG5PNk1oeC1N Zm1UVFhZVWZNQjRNMVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu aWMudHcvcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAJABhoKBUMA0GCSqGSIb3DQEBCwUAA4IBAQAfrQfAW2g34eQSQc9xygCYAKjA B9HLVwtT5iweoclhUZqFJlInv2zseQmo4Ys1+WB4/e84M2kAdzbosQ5qN7Qf9jCj 4xe3qx+T22zOUyQLigalAeboBx7RvTCznT9xpjYEUl/Flio8R2ir5jkERR3IACXU VSulqml3Ki5mVcbKw/OQX6X+KPhlUq5m5HlF9/+jGfb8Gr4lRIm9fTacWMDldzo6 RYuinpOXydZNfOvwoALcbDjC4JZkiieJwVQZsWr0sIcDU7ERPORIZgO4NjL4vgiZ PDClKNcLceNzuJevRg5enmDepkPiRRdDebNsLFpgt1heyHwudV7G5mWJOmMG -----END CERTIFICATE-----Generated at Sun Aug 24 11:53:15 2025 by rpki-client