$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/0ZjgYKaI2AjcCjcfvxNGEMDJ_MM.roa File: 0ZjgYKaI2AjcCjcfvxNGEMDJ_MM.roa (raw, json) Hash identifier: qiaasGd+1DFg0kFKrDjHkmf65YIb4IrksSHRkuo/iWI= Subject key identifier: D1:98:E0:60:A6:88:D8:08:DC:0A:37:1F:BF:13:46:10:C0:C9:FC:C3 Certificate issuer: /CN=2855973672B1EED71760C0942C27FD5F7569019C Certificate serial: 0DEA Authority key identifier: 28:55:97:36:72:B1:EE:D7:17:60:C0:94:2C:27:FD:5F:75:69:01:9C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KFWXNnKx7tcXYMCULCf9X3VpAZw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/0ZjgYKaI2AjcCjcfvxNGEMDJ_MM.roa Signing time: Fri 22 Aug 2025 08:57:07 +0000 ROA not before: Fri 22 Aug 2025 08:57:07 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18046 IP address blocks: 103.234.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/KFWXNnKx7tcXYMCULCf9X3VpAZw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/KFWXNnKx7tcXYMCULCf9X3VpAZw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KFWXNnKx7tcXYMCULCf9X3VpAZw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3562 (0xdea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2855973672B1EED71760C0942C27FD5F7569019C Validity Not Before: Aug 22 08:57:07 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D198E060A688D808DC0A371FBF134610C0C9FCC3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:a8:2b:4b:f3:43:07:b6:e2:ae:36:18:89:05: 9c:12:61:09:ae:61:4c:4b:b8:13:06:62:52:71:f9: 84:4d:1c:0f:96:52:9c:1c:3c:6c:29:6a:05:52:96: b7:3e:6d:6b:f6:84:16:18:cc:45:0f:7f:21:5c:9d: eb:e5:4e:8d:a3:f0:b5:8e:dc:38:1a:f6:b6:98:e5: 3a:d1:02:85:0d:a4:5b:6e:99:3f:5a:bb:be:2c:77: ad:7e:66:d0:38:2e:cd:7e:db:e0:17:96:0d:a4:d1: f0:b0:9b:03:4f:d2:a5:57:70:55:d8:ae:ba:1b:f8: 40:1c:0b:d4:df:9a:01:4d:3d:99:82:19:b4:ae:e8: f4:63:af:b4:23:42:1f:48:98:4a:10:31:8b:cb:a2: f2:71:1c:73:96:82:52:8c:dd:0d:9b:3e:94:59:55: 04:95:16:a3:04:30:f2:75:80:a1:fd:6e:dc:92:b8: aa:52:bc:4a:15:ed:f9:7d:9c:c8:22:60:64:82:00: 5d:6b:e9:e4:27:32:9c:b3:f6:64:7f:44:7c:7a:86: 16:20:07:c5:eb:5e:d7:af:0c:85:c4:a4:80:8d:42: 4d:f6:f1:14:d7:69:09:29:89:d5:22:36:cc:c9:c6: fd:a5:82:41:73:d1:ac:56:a2:f5:0c:02:7d:1d:88: 4d:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:98:E0:60:A6:88:D8:08:DC:0A:37:1F:BF:13:46:10:C0:C9:FC:C3 X509v3 Authority Key Identifier: keyid:28:55:97:36:72:B1:EE:D7:17:60:C0:94:2C:27:FD:5F:75:69:01:9C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/KFWXNnKx7tcXYMCULCf9X3VpAZw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KFWXNnKx7tcXYMCULCf9X3VpAZw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/0ZjgYKaI2AjcCjcfvxNGEMDJ_MM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.234.224.0/22 Signature Algorithm: sha256WithRSAEncryption c2:3b:64:11:57:e8:14:37:0f:ac:e2:fc:51:8d:cb:a3:9c:55: 0f:00:4f:df:de:59:4e:84:4d:34:d8:40:8d:c3:22:1c:3a:3c: 01:d4:cf:48:73:aa:28:4c:44:a7:de:ad:46:b4:ac:82:f2:1f: e9:c6:79:60:c1:5e:84:98:2b:e1:cd:3e:21:eb:5a:0e:5e:e6: db:b6:ed:4b:d6:09:70:50:23:69:7f:53:e3:3e:ec:0f:a4:d0: 1f:1d:58:2f:d8:63:e3:b4:1c:05:bc:96:b4:24:1a:c9:18:c8: 5d:30:42:12:f1:59:1d:97:f9:c7:47:10:0e:6c:50:70:e1:3f: 57:41:7d:a9:99:3c:6d:87:45:4a:04:65:8b:5b:28:34:75:ef: 54:77:dc:68:0a:14:e3:79:c5:f8:16:51:1b:2a:da:e3:92:53: 44:62:59:fb:a0:4a:bb:48:cf:98:ca:a2:a3:9e:f7:bc:5d:de: cf:c2:0e:ba:40:ec:fa:10:51:c0:9b:ff:b0:69:dd:81:7c:86: 97:1a:8a:81:1f:81:a7:a5:c6:2b:ef:9f:84:5d:54:a4:07:6e: ec:4a:a6:28:04:e1:08:ed:69:c4:b7:2e:0f:7d:a4:50:a4:d4: d7:c0:18:48:b3:b0:20:10:e3:ce:b6:0c:10:f0:06:83:bc:e1: 23:f0:48:89 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjg1 NTk3MzY3MkIxRUVENzE3NjBDMDk0MkMyN0ZENUY3NTY5MDE5QzAeFw0yNTA4MjIw ODU3MDdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQxOThFMDYwQTY4OEQ4 MDhEQzBBMzcxRkJGMTM0NjEwQzBDOUZDQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgqCtL80MHtuKuNhiJBZwSYQmuYUxLuBMGYlJx+YRNHA+WUpwc PGwpagVSlrc+bWv2hBYYzEUPfyFcnevlTo2j8LWO3Dga9raY5TrRAoUNpFtumT9a u74sd61+ZtA4Ls1+2+AXlg2k0fCwmwNP0qVXcFXYrrob+EAcC9TfmgFNPZmCGbSu 6PRjr7QjQh9ImEoQMYvLovJxHHOWglKM3Q2bPpRZVQSVFqMEMPJ1gKH9btySuKpS vEoV7fl9nMgiYGSCAF1r6eQnMpyz9mR/RHx6hhYgB8XrXtevDIXEpICNQk328RTX aQkpidUiNszJxv2lgkFz0axWovUMAn0diE0pAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU0ZjgYKaI2AjcCjcfvxNGEMDJ/MMwHwYDVR0jBBgwFoAUKFWXNnKx7tcXYMCU LCf9X3VpAZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hVQU4t Q0hBTi9LRldYTm5LeDd0Y1hZTUNVTENmOVgzVnBBWncuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL0tGV1hObkt4N3RjWFlNQ1VMQ2Y5WDNWcEFady5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NIVUFOLUNIQU4vMFpqZ1lLYUky QWpjQ2pjZnZ4TkdFTURKX01NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAmfq4DANBgkqhkiG9w0BAQsFAAOCAQEAwjtkEVfoFDcPrOL8UY3Lo5xV DwBP395ZToRNNNhAjcMiHDo8AdTPSHOqKExEp96tRrSsgvIf6cZ5YMFehJgr4c0+ IetaDl7m27btS9YJcFAjaX9T4z7sD6TQHx1YL9hj47QcBbyWtCQayRjIXTBCEvFZ HZf5x0cQDmxQcOE/V0F9qZk8bYdFSgRli1soNHXvVHfcaAoU43nF+BZRGyra45JT RGJZ+6BKu0jPmMqio573vF3ez8IOukDs+hBRwJv/sGndgXyGlxqKgR+Bp6XGK++f hF1UpAdu7EqmKAThCO1pxLcuD32kUKTU18AYSLOwIBDjzrYMEPAGg7zhI/BIiQ== -----END CERTIFICATE-----Generated at Sun Aug 24 05:08:12 2025 by rpki-client