$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CJME/iSwRk6JX6sq0zUYdAiJaQJwTSNU.roa File: iSwRk6JX6sq0zUYdAiJaQJwTSNU.roa (raw, json) Hash identifier: ZfvLyZSU7HOwGerGgBmUBGoPowZcffgpfXRcA2OibPk= Subject key identifier: 89:2C:11:93:A2:57:EA:CA:B4:CD:46:1D:02:22:5A:40:9C:13:48:D5 Certificate issuer: /CN=E214623FD129CB972740D391DAF39196F2ADF2BD Certificate serial: 0160 Authority key identifier: E2:14:62:3F:D1:29:CB:97:27:40:D3:91:DA:F3:91:96:F2:AD:F2:BD Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4hRiP9Epy5cnQNOR2vORlvKt8r0.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/iSwRk6JX6sq0zUYdAiJaQJwTSNU.roa Signing time: Fri 22 Aug 2025 09:01:40 +0000 ROA not before: Fri 22 Aug 2025 09:01:40 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 63897 IP address blocks: 157.20.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/4hRiP9Epy5cnQNOR2vORlvKt8r0.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/4hRiP9Epy5cnQNOR2vORlvKt8r0.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/4hRiP9Epy5cnQNOR2vORlvKt8r0.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 352 (0x160) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E214623FD129CB972740D391DAF39196F2ADF2BD Validity Not Before: Aug 22 09:01:40 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=892C1193A257EACAB4CD461D02225A409C1348D5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:18:8e:f1:26:14:91:fb:4c:07:7e:53:0c:7d: 45:29:f9:84:80:58:83:c7:de:1e:7d:8e:41:1f:62: 0d:90:64:09:44:ed:f2:d2:c8:04:88:aa:8a:3d:b2: 6a:fc:21:fb:64:dd:d6:18:50:7d:f4:eb:e4:ce:d2: 9d:e6:20:9d:3e:f3:16:79:8f:69:42:d1:f6:67:14: 98:29:16:64:83:e3:f8:d8:64:9d:f0:73:f6:a6:c8: d1:6f:05:04:70:00:e9:a0:8a:0c:73:74:43:10:03: 3b:21:41:89:ed:d3:f6:b6:0b:bb:01:bc:ca:cc:0f: 77:8d:ce:7f:27:c7:b5:ca:4e:72:fd:00:27:bb:c6: 4b:53:e3:eb:98:44:37:93:73:b6:3f:c7:de:19:4e: a4:f5:8e:39:9c:34:e4:8d:97:9c:df:55:23:7a:b1: 9c:bc:0b:8d:50:2e:3f:0b:0d:e8:74:1f:66:24:a0: b6:bb:09:b6:3c:e1:ad:f4:85:88:b7:42:b8:97:e1: 3c:dd:f9:3e:a2:41:08:87:56:30:a7:3b:f6:55:7e: aa:f4:2a:14:5c:8e:b6:6e:41:a6:cb:56:f8:ab:e0: d8:ff:0e:cc:a1:04:a4:b1:3f:3c:7b:20:7f:93:24: eb:0e:26:8e:34:ac:be:b4:56:a4:24:5c:59:4a:5e: 9d:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:2C:11:93:A2:57:EA:CA:B4:CD:46:1D:02:22:5A:40:9C:13:48:D5 X509v3 Authority Key Identifier: keyid:E2:14:62:3F:D1:29:CB:97:27:40:D3:91:DA:F3:91:96:F2:AD:F2:BD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/4hRiP9Epy5cnQNOR2vORlvKt8r0.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4hRiP9Epy5cnQNOR2vORlvKt8r0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CJME/iSwRk6JX6sq0zUYdAiJaQJwTSNU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.199.0/24 Signature Algorithm: sha256WithRSAEncryption 34:f8:76:7a:cb:eb:f5:bc:9d:95:57:20:09:33:a4:c0:d1:2a: 6c:a6:02:e1:16:88:3e:cd:60:7a:4f:f2:a2:4f:5f:4a:44:58: 72:5c:8f:a9:ff:8b:fa:16:69:10:fb:7b:95:ad:3d:3f:e7:25: 61:f1:a7:98:b9:99:85:9f:07:61:a9:8b:68:68:8b:e6:f3:26: 8a:2b:40:d8:49:56:8b:38:4e:7e:0f:ef:9d:e5:bf:ec:8d:cf: 84:bd:ff:4f:02:dd:a6:93:81:85:08:01:17:01:1e:6a:75:a2: 57:fd:f2:1d:f8:c4:35:50:46:b6:89:36:cf:e8:97:17:0f:39: 0c:96:4c:c0:11:e4:c6:3c:a4:f3:3b:bf:82:de:49:96:68:05: 63:7c:b8:86:fe:c0:d0:48:de:44:b1:fa:9d:0e:c8:f4:13:f6: 62:40:d5:6a:b8:45:2d:c4:06:46:a5:68:55:61:43:dc:ed:f9: 1d:f5:df:d0:f3:2e:3c:8c:7d:f3:17:f8:e1:1c:01:99:ca:1f: 41:59:30:45:7b:93:0e:fb:4d:44:39:ef:a5:b5:26:d8:4e:d1: a9:f1:13:c4:90:27:4c:76:a2:8f:30:75:71:f1:8b:f6:4e:ae: e3:f0:e1:a6:1b:c7:4a:b2:ee:30:6d:42:da:b7:0c:11:57:a4: aa:49:5c:9d -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICAWAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTIx NDYyM0ZEMTI5Q0I5NzI3NDBEMzkxREFGMzkxOTZGMkFERjJCRDAeFw0yNTA4MjIw OTAxNDBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDg5MkMxMTkzQTI1N0VB Q0FCNENENDYxRDAyMjI1QTQwOUMxMzQ4RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNGI7xJhSR+0wHflMMfUUp+YSAWIPH3h59jkEfYg2QZAlE7fLS yASIqoo9smr8Iftk3dYYUH306+TO0p3mIJ0+8xZ5j2lC0fZnFJgpFmSD4/jYZJ3w c/amyNFvBQRwAOmgigxzdEMQAzshQYnt0/a2C7sBvMrMD3eNzn8nx7XKTnL9ACe7 xktT4+uYRDeTc7Y/x94ZTqT1jjmcNOSNl5zfVSN6sZy8C41QLj8LDeh0H2YkoLa7 CbY84a30hYi3QriX4Tzd+T6iQQiHVjCnO/ZVfqr0KhRcjrZuQabLVvir4Nj/Dsyh BKSxPzx7IH+TJOsOJo40rL60VqQkXFlKXp3pAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUiSwRk6JX6sq0zUYdAiJaQJwTSNUwHwYDVR0jBBgwFoAU4hRiP9Epy5cnQNOR 2vORlvKt8r0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0pNRS80 aFJpUDlFcHk1Y25RTk9SMnZPUmx2S3Q4cjAuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB LzRoUmlQOUVweTVjblFOT1Iydk9SbHZLdDhyMC5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0NKTUUvaVN3Ums2Slg2c3EwelVZZEFpSmFR SndUU05VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0UxzAN BgkqhkiG9w0BAQsFAAOCAQEANPh2esvr9bydlVcgCTOkwNEqbKYC4RaIPs1gek/y ok9fSkRYclyPqf+L+hZpEPt7la09P+clYfGnmLmZhZ8HYamLaGiL5vMmiitA2ElW izhOfg/vneW/7I3PhL3/TwLdppOBhQgBFwEeanWiV/3yHfjENVBGtok2z+iXFw85 DJZMwBHkxjyk8zu/gt5JlmgFY3y4hv7A0EjeRLH6nQ7I9BP2YkDVarhFLcQGRqVo VWFD3O35HfXf0PMuPIx98xf44RwBmcofQVkwRXuTDvtNRDnvpbUm2E7RqfETxJAn THaijzB1cfGL9k6u4/DhphvHSrLuMG1C2rcMEVekqklcnQ== -----END CERTIFICATE-----Generated at Sun Aug 24 05:33:36 2025 by rpki-client