$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/znCb8W5F6-UOjdbjuaZlYGpqh0o.roa File: znCb8W5F6-UOjdbjuaZlYGpqh0o.roa (raw, json) Hash identifier: jZA87JJjZMJ+HMHXR6zDlIT8nkw0wSuaWFIFiSN6zDE= Subject key identifier: CE:70:9B:F1:6E:45:EB:E5:0E:8D:D6:E3:B9:A6:65:60:6A:6A:87:4A Certificate issuer: /CN=A082F5D992E6BC25E08997538616180702E857C3 Certificate serial: 0506 Authority key identifier: A0:82:F5:D9:92:E6:BC:25:E0:89:97:53:86:16:18:07:02:E8:57:C3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/znCb8W5F6-UOjdbjuaZlYGpqh0o.roa Signing time: Fri 22 Aug 2025 09:04:03 +0000 ROA not before: Fri 22 Aug 2025 09:04:03 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38839 IP address blocks: 2406:d7c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1286 (0x506) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A082F5D992E6BC25E08997538616180702E857C3 Validity Not Before: Aug 22 09:04:03 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=CE709BF16E45EBE50E8DD6E3B9A665606A6A874A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:62:36:73:3a:0b:af:d3:c5:a4:c8:62:54:01: 8f:52:b9:be:4d:50:ac:6d:75:8b:81:e3:90:4a:ce: a6:b1:28:82:1b:e7:5e:0d:18:78:4e:e7:b4:1f:a5: 59:cb:89:22:a9:7c:77:bc:f7:99:18:4a:e8:a1:51: 81:a3:54:a7:b5:f6:92:1f:82:6a:77:60:b5:9b:4d: 12:db:41:08:2b:36:42:78:93:91:7d:0f:be:02:70: 1c:9e:d2:15:94:29:c6:26:14:91:59:c8:07:76:80: e9:85:99:c5:25:39:ba:50:2e:92:57:c6:af:11:c8: 2c:98:be:b6:9a:55:ed:cd:06:64:79:68:c9:c3:ba: cd:67:4c:9f:d8:10:3b:21:b4:ec:04:57:38:f2:11: 50:89:85:0d:7b:b9:99:ac:14:78:99:09:e5:37:37: f0:34:c4:5e:4c:23:0b:37:9f:c7:dc:05:e1:7b:66: a1:fc:e9:2a:98:be:0a:65:d5:6f:99:32:c7:83:fa: 50:2a:ab:70:2b:94:b9:c0:80:2f:e8:7e:d2:93:4f: 88:43:21:02:0a:fa:79:de:19:65:86:15:bd:5c:a3: dc:6f:41:87:cc:4f:fb:70:d6:6e:b3:0f:f8:5b:0d: 28:9b:e2:94:f9:27:b9:b6:c0:13:c4:2b:c3:d0:97: 2c:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:70:9B:F1:6E:45:EB:E5:0E:8D:D6:E3:B9:A6:65:60:6A:6A:87:4A X509v3 Authority Key Identifier: keyid:A0:82:F5:D9:92:E6:BC:25:E0:89:97:53:86:16:18:07:02:E8:57:C3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/oIL12ZLmvCXgiZdThhYYBwLoV8M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/oIL12ZLmvCXgiZdThhYYBwLoV8M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CSPTEK/znCb8W5F6-UOjdbjuaZlYGpqh0o.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:d7c0::/32 Signature Algorithm: sha256WithRSAEncryption 5a:7d:bc:49:c9:15:60:c4:13:76:50:87:ea:c6:52:52:44:5b: 22:fa:de:1e:0c:ed:c6:86:90:79:03:60:d8:45:a4:59:76:72: 52:d7:2f:29:f9:11:e7:39:e0:b0:74:ab:b6:c0:7c:62:22:ee: 67:0b:48:07:1c:b0:d7:ee:3d:79:8d:2b:76:51:87:7d:78:0c: c9:9e:29:e9:f2:21:26:a0:5c:1e:ac:b3:fe:05:55:a2:df:ba: 2c:30:4b:b4:58:27:e6:80:cb:27:f2:b1:7c:66:c7:37:9a:91: ae:af:65:5a:5c:3e:c2:9b:96:f5:ce:80:04:fc:db:e1:7a:57: 8e:1b:13:c8:fe:77:88:ff:f0:ee:bf:54:be:98:11:56:26:67: 01:8c:6f:35:ee:73:21:32:af:49:9b:1e:cc:dd:2f:de:16:f7: 5b:6c:36:28:4a:bb:e2:34:d0:75:01:c8:c4:08:2f:6a:34:5d: 6a:b9:8d:92:bb:da:b0:e8:f3:dc:4c:9c:87:09:2b:b5:cc:3f: 4f:fd:2b:00:0b:ef:31:84:bb:6c:44:79:ab:51:cb:49:68:4d: fb:4b:0a:0b:81:40:4d:48:f4:9d:19:a6:a9:52:ce:e4:20:68: 26:d2:6f:d4:6c:24:4a:fb:eb:14:c2:ea:da:ff:aa:0b:70:0d: 7d:2f:35:c6 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICBQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTA4 MkY1RDk5MkU2QkMyNUUwODk5NzUzODYxNjE4MDcwMkU4NTdDMzAeFw0yNTA4MjIw OTA0MDNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKENFNzA5QkYxNkU0NUVC RTUwRThERDZFM0I5QTY2NTYwNkE2QTg3NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDuYjZzOguv08WkyGJUAY9Sub5NUKxtdYuB45BKzqaxKIIb514N GHhO57QfpVnLiSKpfHe895kYSuihUYGjVKe19pIfgmp3YLWbTRLbQQgrNkJ4k5F9 D74CcBye0hWUKcYmFJFZyAd2gOmFmcUlObpQLpJXxq8RyCyYvraaVe3NBmR5aMnD us1nTJ/YEDshtOwEVzjyEVCJhQ17uZmsFHiZCeU3N/A0xF5MIws3n8fcBeF7ZqH8 6SqYvgpl1W+ZMseD+lAqq3ArlLnAgC/oftKTT4hDIQIK+nneGWWGFb1co9xvQYfM T/tw1m6zD/hbDSib4pT5J7m2wBPEK8PQlyynAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUznCb8W5F6+UOjdbjuaZlYGpqh0owHwYDVR0jBBgwFoAUoIL12ZLmvCXgiZdT hhYYBwLoV8MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1NQVEVL L29JTDEyWkxtdkNYZ2laZFRoaFlZQndMb1Y4TS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0Evb0lMMTJaTG12Q1hnaVpkVGhoWVlCd0xvVjhNLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1NQVEVLL3puQ2I4VzVGNi1VT2pkYmp1 YVpsWUdwcWgwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk BtfAMA0GCSqGSIb3DQEBCwUAA4IBAQBafbxJyRVgxBN2UIfqxlJSRFsi+t4eDO3G hpB5A2DYRaRZdnJS1y8p+RHnOeCwdKu2wHxiIu5nC0gHHLDX7j15jSt2UYd9eAzJ ninp8iEmoFwerLP+BVWi37osMEu0WCfmgMsn8rF8Zsc3mpGur2VaXD7Cm5b1zoAE /NvheleOGxPI/neI//Duv1S+mBFWJmcBjG817nMhMq9Jmx7M3S/eFvdbbDYoSrvi NNB1AcjECC9qNF1quY2Su9qw6PPcTJyHCSu1zD9P/SsAC+8xhLtsRHmrUctJaE37 SwoLgUBNSPSdGaapUs7kIGgm0m/UbCRK++sUwura/6oLcA19LzXG -----END CERTIFICATE-----Generated at Sun Aug 24 09:41:56 2025 by rpki-client