$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/ytn5I1SVwVQsYVmFyKrWtatnk4Y.roa File: ytn5I1SVwVQsYVmFyKrWtatnk4Y.roa (raw, json) Hash identifier: EYUcqgV/yioau/JCcrMK1W3D6iDzCubwkzku5fj31m0= Subject key identifier: CA:D9:F9:23:54:95:C1:54:2C:61:59:85:C8:AA:D6:B5:AB:67:93:86 Certificate issuer: /CN=2855973672B1EED71760C0942C27FD5F7569019C Certificate serial: 0DE5 Authority key identifier: 28:55:97:36:72:B1:EE:D7:17:60:C0:94:2C:27:FD:5F:75:69:01:9C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KFWXNnKx7tcXYMCULCf9X3VpAZw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/ytn5I1SVwVQsYVmFyKrWtatnk4Y.roa Signing time: Fri 22 Aug 2025 08:57:07 +0000 ROA not before: Fri 22 Aug 2025 08:57:07 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18046 IP address blocks: 121.50.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/KFWXNnKx7tcXYMCULCf9X3VpAZw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/KFWXNnKx7tcXYMCULCf9X3VpAZw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KFWXNnKx7tcXYMCULCf9X3VpAZw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3557 (0xde5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2855973672B1EED71760C0942C27FD5F7569019C Validity Not Before: Aug 22 08:57:07 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=CAD9F9235495C1542C615985C8AAD6B5AB679386 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:4b:b8:86:3e:b2:24:81:a6:5e:b2:31:e4:a1: 69:a0:4d:3b:0e:b2:bc:48:30:a0:7d:08:a0:d8:59: c3:81:14:e9:eb:86:c6:c8:69:8e:57:39:b1:b0:7c: 79:d1:35:46:9d:e6:93:1b:3b:ee:97:a0:b3:f1:5b: db:98:d0:f0:52:27:63:e5:8b:03:18:ba:6c:12:50: 06:62:78:4c:53:ca:a1:34:64:55:1f:56:e2:c8:b7: 07:de:56:5a:81:46:6f:23:63:92:04:2f:6d:f6:6a: 4b:3a:90:37:34:4e:fd:86:83:2c:7e:d6:4d:84:2e: 83:bd:33:db:66:af:14:15:00:e5:9d:4d:64:79:27: 02:fe:cd:53:e0:ee:e3:0a:53:c8:9e:1e:33:cc:8d: 96:47:43:ff:32:ea:78:43:bd:6b:3f:9f:48:d9:aa: ec:77:71:9e:fe:ee:41:58:57:2f:40:17:74:5d:35: bb:38:0c:f1:b3:25:95:89:b6:b7:31:d1:7d:a8:2e: 73:20:ff:c1:0f:8d:8f:ff:6d:13:76:6f:20:a3:09: 60:49:8e:ab:8a:3f:a4:9a:7f:92:1d:ce:3f:ff:f6: 56:41:e5:f0:10:50:f4:24:a4:9e:8f:69:57:03:2a: a2:c5:e8:a4:fe:bf:35:03:92:78:6c:89:7a:e4:49: c4:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:D9:F9:23:54:95:C1:54:2C:61:59:85:C8:AA:D6:B5:AB:67:93:86 X509v3 Authority Key Identifier: keyid:28:55:97:36:72:B1:EE:D7:17:60:C0:94:2C:27:FD:5F:75:69:01:9C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/KFWXNnKx7tcXYMCULCf9X3VpAZw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KFWXNnKx7tcXYMCULCf9X3VpAZw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHUAN-CHAN/ytn5I1SVwVQsYVmFyKrWtatnk4Y.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 121.50.176.0/20 Signature Algorithm: sha256WithRSAEncryption b9:de:c1:aa:39:a4:17:27:85:15:d6:08:dc:93:32:2a:d4:df: ce:ea:96:5b:6e:6a:96:a0:b3:90:87:c8:fd:68:c0:d0:7a:ba: 08:d7:a9:0e:90:9e:0a:d6:92:5d:0a:d5:75:22:93:36:2b:01: 90:63:1d:62:6d:e1:d9:83:cf:f8:9a:af:8b:2e:24:38:77:d0: b8:ba:3c:52:a7:e8:d9:27:ea:1a:37:03:74:f1:ec:79:c4:81: a9:2d:4d:d9:05:f6:2c:46:28:45:94:c0:3c:d4:28:64:67:1e: d4:53:b7:da:46:0d:84:e5:ca:46:36:c6:d8:98:1b:3d:02:66: 67:70:6e:33:84:b0:68:4a:b8:6c:74:41:cf:f8:da:25:3a:36: 6d:1a:93:74:95:23:40:70:da:32:a3:bd:f6:4d:85:52:8a:c7: 6a:74:d3:aa:7a:67:02:2e:d1:e9:14:a0:07:20:bc:a2:e7:19: 5d:5e:8a:cd:f2:0a:bd:ed:6e:37:69:72:9d:e8:f6:bb:9e:5d: 49:5e:4c:1d:98:88:db:c7:7b:43:a8:fe:99:7d:48:d7:b3:ef: 26:f7:8b:d9:0b:55:ae:81:12:e5:54:3d:7a:f8:54:d0:cc:d0: 0c:aa:d8:0b:a7:b4:49:67:48:67:6c:c0:11:31:19:0a:a0:21: dd:03:40:4b -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICDeUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjg1 NTk3MzY3MkIxRUVENzE3NjBDMDk0MkMyN0ZENUY3NTY5MDE5QzAeFw0yNTA4MjIw ODU3MDdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKENBRDlGOTIzNTQ5NUMx NTQyQzYxNTk4NUM4QUFENkI1QUI2NzkzODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIS7iGPrIkgaZesjHkoWmgTTsOsrxIMKB9CKDYWcOBFOnrhsbI aY5XObGwfHnRNUad5pMbO+6XoLPxW9uY0PBSJ2PliwMYumwSUAZieExTyqE0ZFUf VuLItwfeVlqBRm8jY5IEL232aks6kDc0Tv2Ggyx+1k2ELoO9M9tmrxQVAOWdTWR5 JwL+zVPg7uMKU8ieHjPMjZZHQ/8y6nhDvWs/n0jZqux3cZ7+7kFYVy9AF3RdNbs4 DPGzJZWJtrcx0X2oLnMg/8EPjY//bRN2byCjCWBJjquKP6Saf5Idzj//9lZB5fAQ UPQkpJ6PaVcDKqLF6KT+vzUDknhsiXrkScSTAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUytn5I1SVwVQsYVmFyKrWtatnk4YwHwYDVR0jBBgwFoAUKFWXNnKx7tcXYMCU LCf9X3VpAZwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hVQU4t Q0hBTi9LRldYTm5LeDd0Y1hZTUNVTENmOVgzVnBBWncuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL0tGV1hObkt4N3RjWFlNQ1VMQ2Y5WDNWcEFady5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NIVUFOLUNIQU4veXRuNUkxU1Z3 VlFzWVZtRnlLcld0YXRuazRZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEBHkysDANBgkqhkiG9w0BAQsFAAOCAQEAud7BqjmkFyeFFdYI3JMyKtTf zuqWW25qlqCzkIfI/WjA0Hq6CNepDpCeCtaSXQrVdSKTNisBkGMdYm3h2YPP+Jqv iy4kOHfQuLo8Uqfo2SfqGjcDdPHsecSBqS1N2QX2LEYoRZTAPNQoZGce1FO32kYN hOXKRjbG2JgbPQJmZ3BuM4SwaEq4bHRBz/jaJTo2bRqTdJUjQHDaMqO99k2FUorH anTTqnpnAi7R6RSgByC8oucZXV6KzfIKve1uN2lynej2u55dSV5MHZiI28d7Q6j+ mX1I17PvJveL2QtVroES5VQ9evhU0MzQDKrYC6e0SWdIZ2zAETEZCqAh3QNASw== -----END CERTIFICATE-----Generated at Sun Aug 24 05:09:44 2025 by rpki-client