$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/atr7I7SEQBac2r8sShmfQqo714o.roa File: atr7I7SEQBac2r8sShmfQqo714o.roa (raw, json) Hash identifier: wr73+JptI6VyOsOxPQ43jaQpAFP6f/SZO4Y9ddMRe9k= Subject key identifier: 6A:DA:FB:23:B4:84:40:16:9C:DA:BF:2C:4A:19:9F:42:AA:3B:D7:8A Certificate issuer: /CN=75BD930C745D23E9EA585C04D6B99F95A96322E5 Certificate serial: 0D3C Authority key identifier: 75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/atr7I7SEQBac2r8sShmfQqo714o.roa Signing time: Fri 22 Aug 2025 08:58:38 +0000 ROA not before: Fri 22 Aug 2025 08:58:38 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131143 IP address blocks: 2405:3300::/32 maxlen: 96 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3388 (0xd3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75BD930C745D23E9EA585C04D6B99F95A96322E5 Validity Not Before: Aug 22 08:58:38 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=6ADAFB23B48440169CDABF2C4A199F42AA3BD78A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:a3:4f:5f:fc:13:d6:db:62:84:07:f6:a4:e5: 04:8f:7d:d5:60:72:52:68:35:a5:bb:12:c0:c3:df: be:10:87:39:a1:fb:ec:f8:6c:b8:19:27:db:fa:2d: af:50:8e:56:33:ce:3a:b4:67:06:cb:4e:11:14:5d: 64:7b:a9:d9:e2:86:ca:ad:d0:a1:92:99:3a:07:66: 32:ca:74:cb:e9:5b:8b:5a:a8:8d:4d:b7:f2:18:f4: 11:ea:58:82:6c:6a:46:f4:a9:90:d1:83:37:38:25: b7:bf:6a:8a:f7:f4:d6:96:2f:e0:47:57:8e:d9:37: 72:55:c8:de:ad:12:db:f5:ec:39:05:34:20:aa:0c: b3:74:2b:84:7d:ff:5e:c8:5a:b0:05:19:7d:7b:a5: 83:cf:f9:60:d8:12:35:1e:a9:95:14:9b:ec:10:a1: 11:fb:e9:09:ea:3a:4a:ab:d6:b4:59:42:6b:11:79: 43:4a:49:11:76:39:b4:5e:8a:e8:e6:47:c8:a0:d8: 05:25:a2:e4:b7:ed:89:13:c0:47:3d:14:a3:90:15: 1e:7b:93:47:b6:31:1f:be:05:0d:a1:e7:e3:dd:48: e4:ac:41:dc:c6:ac:f5:26:6c:b2:60:07:63:13:07: d1:f8:4d:d4:47:18:2f:72:42:7a:e9:9e:7b:21:ff: 32:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:DA:FB:23:B4:84:40:16:9C:DA:BF:2C:4A:19:9F:42:AA:3B:D7:8A X509v3 Authority Key Identifier: keyid:75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/atr7I7SEQBac2r8sShmfQqo714o.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2405:3300::/32 Signature Algorithm: sha256WithRSAEncryption 26:95:96:bb:52:be:eb:a9:23:b9:7a:73:7c:91:91:14:42:35: 1b:fc:0e:ca:42:2b:40:96:43:75:d2:1d:53:f7:5b:d5:03:22: f2:3a:12:a1:96:84:54:99:16:67:60:21:e9:ef:7a:b0:7c:7b: 84:8f:b1:34:4b:a1:ec:6e:9c:d5:32:70:20:ba:60:b9:01:69: 48:45:5b:3e:ec:5a:3f:73:ef:b4:1f:b6:36:ba:b8:6c:60:df: e3:f5:a7:1a:d3:2c:ce:53:6f:7b:20:be:de:a4:ee:6d:2f:17: a4:6f:5c:6e:81:6c:f7:8a:0c:6b:07:eb:71:1d:ce:6c:58:ad: 84:24:50:c8:b9:15:2a:98:9b:0d:ec:b1:9f:f5:1e:87:2d:09: 3a:98:a8:9c:ea:35:7b:be:04:42:97:21:74:17:31:2c:46:3f: 92:93:43:9a:1e:58:e6:f7:b8:4e:19:41:ff:b4:d2:e2:6e:dc: d2:92:d2:ff:c3:1c:74:c6:ff:a0:15:87:07:89:43:38:e0:30: e2:34:61:74:14:79:4a:48:ba:4d:c4:66:8c:2b:1f:b7:ec:da: d1:c5:52:57:52:fd:b4:4a:7c:25:47:b5:10:ed:a2:d4:c7:2c: d9:e0:ea:2c:59:44:5f:23:81:0a:4e:50:26:66:64:6d:a1:b2: 23:04:bf:f3 -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICDTwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC RDkzMEM3NDVEMjNFOUVBNTg1QzA0RDZCOTlGOTVBOTYzMjJFNTAeFw0yNTA4MjIw ODU4MzhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDZBREFGQjIzQjQ4NDQw MTY5Q0RBQkYyQzRBMTk5RjQyQUEzQkQ3OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwo09f/BPW22KEB/ak5QSPfdVgclJoNaW7EsDD374Qhzmh++z4 bLgZJ9v6La9QjlYzzjq0ZwbLThEUXWR7qdnihsqt0KGSmToHZjLKdMvpW4taqI1N t/IY9BHqWIJsakb0qZDRgzc4Jbe/aor39NaWL+BHV47ZN3JVyN6tEtv17DkFNCCq DLN0K4R9/17IWrAFGX17pYPP+WDYEjUeqZUUm+wQoRH76QnqOkqr1rRZQmsReUNK SRF2ObReiujmR8ig2AUlouS37YkTwEc9FKOQFR57k0e2MR++BQ2h5+PdSOSsQdzG rPUmbLJgB2MTB9H4TdRHGC9yQnrpnnsh/zLZAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQUatr7I7SEQBac2r8sShmfQqo714owHwYDVR0jBBgwFoAUdb2TDHRdI+nqWFwE 1rmflaljIuUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU UlVTVC9kYjJUREhSZEktbnFXRndFMXJtZmxhbGpJdVUuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL2RiMlRESFJkSS1ucVdGd0Uxcm1mbGFsakl1VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NISU5BVFJVU1QvYXRyN0k3U0VR QmFjMnI4c1NobWZRcW83MTRvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQC AAIwBwMFACQFMwAwDQYJKoZIhvcNAQELBQADggEBACaVlrtSvuupI7l6c3yRkRRC NRv8DspCK0CWQ3XSHVP3W9UDIvI6EqGWhFSZFmdgIenverB8e4SPsTRLoexunNUy cCC6YLkBaUhFWz7sWj9z77Qftja6uGxg3+P1pxrTLM5Tb3sgvt6k7m0vF6RvXG6B bPeKDGsH63EdzmxYrYQkUMi5FSqYmw3ssZ/1HoctCTqYqJzqNXu+BEKXIXQXMSxG P5KTQ5oeWOb3uE4ZQf+00uJu3NKS0v/DHHTG/6AVhweJQzjgMOI0YXQUeUpIuk3E ZowrH7fs2tHFUldS/bRKfCVHtRDtotTHLNng6ixZRF8jgQpOUCZmZG2hsiMEv/M= -----END CERTIFICATE-----Generated at Sun Aug 24 11:38:46 2025 by rpki-client