$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/02Wxy1cQACTIEvEhl_sREhu84hE.roa File: 02Wxy1cQACTIEvEhl_sREhu84hE.roa (raw, json) Hash identifier: ZbPLJgAEmZnLFnXy75z/nNFeien/ggjBoHaZ8IAGjk8= Subject key identifier: D3:65:B1:CB:57:10:00:24:C8:12:F1:21:97:FB:11:12:1B:BC:E2:11 Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Certificate serial: 0D64 Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/02Wxy1cQACTIEvEhl_sREhu84hE.roa Signing time: Fri 22 Aug 2025 08:56:54 +0000 ROA not before: Fri 22 Aug 2025 08:56:54 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131629 IP address blocks: 103.119.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3428 (0xd64) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807 Validity Not Before: Aug 22 08:56:54 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D365B1CB57100024C812F12197FB11121BBCE211 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:4d:d0:f7:23:3d:76:81:c6:25:4a:db:17:07: 54:72:eb:aa:9f:63:60:88:b7:05:e5:d7:e5:b2:74: ca:7f:d6:07:36:21:51:4a:c2:e3:00:9f:c2:61:d7: 87:93:50:0d:aa:82:29:d0:a2:a3:24:74:44:57:72: 8f:9e:10:ef:5c:59:95:e1:8c:32:35:7e:be:56:2f: e7:0d:b3:9d:16:21:38:56:1f:b2:a6:aa:8d:11:4b: 80:65:95:df:f4:72:6b:e7:a0:b7:e3:86:86:44:f7: 56:c8:b9:0e:67:41:ac:2c:e5:65:b3:e8:ce:3e:4c: 49:b9:29:e3:df:34:6c:49:15:2a:b3:e6:ad:0e:58: 78:1f:60:ea:ab:11:b3:f2:c4:0d:3d:4b:a2:c1:10: bb:14:b9:62:46:8c:1b:41:5a:23:9a:a2:7c:45:dd: 6c:02:13:38:05:3e:b7:92:0f:dd:62:e4:ca:8a:7a: 0e:17:1b:85:d5:43:88:25:b0:c6:44:e8:6f:b9:14: 03:b7:a7:ce:3e:a7:bc:02:74:d1:aa:ee:f1:b8:b1: 59:ac:bb:8f:98:20:e3:30:9a:33:3f:08:f0:e0:cc: 24:0b:37:c4:79:ed:6b:3d:f9:52:98:11:e3:4d:72: 4e:5e:76:3f:e9:3e:7d:8f:03:0d:04:55:7d:e4:43: 59:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:65:B1:CB:57:10:00:24:C8:12:F1:21:97:FB:11:12:1B:BC:E2:11 X509v3 Authority Key Identifier: keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/02Wxy1cQACTIEvEhl_sREhu84hE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.119.212.0/22 Signature Algorithm: sha256WithRSAEncryption 02:72:e6:7c:f0:03:a6:66:db:c1:c4:97:e3:16:7e:2a:f3:d8: e8:b0:f1:ff:84:cb:a2:69:95:53:2c:b7:a7:cc:14:2e:cb:c4: 34:05:37:38:31:28:22:97:39:8d:01:fc:43:46:7d:ac:44:c7: 2c:f5:ef:53:77:5e:cf:9c:dc:a6:4e:02:8a:d5:a5:56:21:9d: be:bd:84:47:64:59:40:02:c4:5b:cb:89:c0:be:9a:30:bc:a6: 6d:aa:a1:1e:7c:3e:5c:7d:b3:4e:17:fa:fc:f4:ce:00:d7:da: 0b:55:23:eb:3d:fd:47:e9:85:bf:05:50:9d:97:8b:bb:2c:b8: 23:ee:f8:28:31:ef:e9:54:24:e6:be:eb:c4:87:ae:28:42:07: c9:28:e9:a7:cc:cc:77:a1:bc:de:5e:97:13:2a:8b:d8:f5:d7: d6:de:33:ac:8e:88:16:14:76:a4:b7:b2:39:a3:2c:f5:23:42: 25:f6:86:8b:8f:02:c7:38:1c:d2:89:00:53:a7:80:9f:e2:d1: 47:1c:46:fa:46:56:eb:a5:9b:3a:11:27:e3:d3:ea:89:8f:20: ac:ec:37:7b:4e:2d:7c:db:26:ce:97:57:5c:b3:cf:6f:16:35: 44:e9:fd:9d:35:b0:06:15:a0:40:79:e9:28:2e:50:ec:98:7c: ea:d9:62:ba -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDWQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yNTA4MjIw ODU2NTRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQzNjVCMUNCNTcxMDAw MjRDODEyRjEyMTk3RkIxMTEyMUJCQ0UyMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcTdD3Iz12gcYlStsXB1Ry66qfY2CItwXl1+WydMp/1gc2IVFK wuMAn8Jh14eTUA2qginQoqMkdERXco+eEO9cWZXhjDI1fr5WL+cNs50WIThWH7Km qo0RS4Blld/0cmvnoLfjhoZE91bIuQ5nQaws5WWz6M4+TEm5KePfNGxJFSqz5q0O WHgfYOqrEbPyxA09S6LBELsUuWJGjBtBWiOaonxF3WwCEzgFPreSD91i5MqKeg4X G4XVQ4glsMZE6G+5FAO3p84+p7wCdNGq7vG4sVmsu4+YIOMwmjM/CPDgzCQLN8R5 7Ws9+VKYEeNNck5edj/pPn2PAw0EVX3kQ1lfAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQU02Wxy1cQACTIEvEhl/sREhu84hEwHwYDVR0jBBgwFoAUXNEK1bakd108UE1m EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMvMDJXeHkxY1FBQ1RJRXZF aGxfc1JFaHU4NGhFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME Amd31DANBgkqhkiG9w0BAQsFAAOCAQEAAnLmfPADpmbbwcSX4xZ+KvPY6LDx/4TL ommVUyy3p8wULsvENAU3ODEoIpc5jQH8Q0Z9rETHLPXvU3dez5zcpk4CitWlViGd vr2ER2RZQALEW8uJwL6aMLymbaqhHnw+XH2zThf6/PTOANfaC1Uj6z39R+mFvwVQ nZeLuyy4I+74KDHv6VQk5r7rxIeuKEIHySjpp8zMd6G83l6XEyqL2PXX1t4zrI6I FhR2pLeyOaMs9SNCJfaGi48Cxzgc0okAU6eAn+LRRxxG+kZW66WbOhEn49PqiY8g rOw3e04tfNsmzpdXXLPPbxY1ROn9nTWwBhWgQHnpKC5Q7Jh86tliug== -----END CERTIFICATE-----Generated at Sun Aug 24 11:07:18 2025 by rpki-client