$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DAFU/qmlk2d0xQ0X1kqwuG4QTD3u-OHA.roa File: qmlk2d0xQ0X1kqwuG4QTD3u-OHA.roa (raw, json) Hash identifier: 5Quxz30Ou3mZt4snPNir5fbylaf9sNQgLYGgGV0XghE= Subject key identifier: AA:69:64:D9:DD:31:43:45:F5:92:AC:2E:1B:84:13:0F:7B:BE:38:70 Certificate issuer: /CN=F913CB7A44A57D0893D34D8FE9DB1E77EFE6AB1C Certificate serial: 0D Authority key identifier: F9:13:CB:7A:44:A5:7D:08:93:D3:4D:8F:E9:DB:1E:77:EF:E6:AB:1C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-RPLekSlfQiT002P6dsed-_mqxw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DAFU/qmlk2d0xQ0X1kqwuG4QTD3u-OHA.roa Signing time: Fri 03 Oct 2025 07:10:16 +0000 ROA not before: Fri 03 Oct 2025 07:10:16 +0000 ROA not after: Fri 25 Sep 2026 15:30:20 +0000 asID: 134823 IP address blocks: 210.1.235.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DAFU/-RPLekSlfQiT002P6dsed-_mqxw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DAFU/-RPLekSlfQiT002P6dsed-_mqxw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/-RPLekSlfQiT002P6dsed-_mqxw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Oct 2025 17:56:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13 (0xd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F913CB7A44A57D0893D34D8FE9DB1E77EFE6AB1C Validity Not Before: Oct 3 07:10:16 2025 GMT Not After : Sep 25 15:30:20 2026 GMT Subject: CN=AA6964D9DD314345F592AC2E1B84130F7BBE3870 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:4a:a6:7c:38:fc:a1:ad:6f:35:16:5b:ee:71: 8e:19:14:3c:3b:dd:12:ce:d0:c8:40:c7:aa:a6:38: fc:97:3e:68:37:0f:a9:86:35:1f:4e:58:d7:88:f8: 3d:5f:1e:83:de:e8:52:be:24:fa:93:64:a7:bc:23: 93:8a:8c:88:07:e1:06:aa:74:f3:91:58:9b:5b:e5: ba:83:10:c3:b6:65:62:a9:58:0b:be:9b:60:f4:60: 6a:17:72:ea:ea:25:a4:1f:46:1d:e4:d0:b4:2f:2d: fd:97:ad:5f:90:9c:05:ab:4f:4b:98:18:5b:77:0c: b6:15:dd:81:d5:2d:da:7c:7a:78:09:ca:eb:67:1e: 37:4e:75:b9:b3:e4:dd:63:c0:6a:b0:30:d2:39:38: b5:f0:1b:c8:a2:1e:0d:39:d0:62:e6:f8:a5:c4:6b: ba:e6:db:a2:bf:76:a6:b7:3a:45:6f:10:3b:84:7c: 9c:56:f6:af:b7:6c:02:06:bc:0f:7c:40:1e:68:4a: 30:82:5e:f7:d6:63:99:a6:1c:ed:86:e2:7f:8c:c0: dc:13:fb:bd:12:85:ae:49:a7:ac:77:d1:27:a8:d3: 85:a4:96:40:5a:b3:d8:84:b2:24:8d:ad:a2:ac:68: a6:93:ab:5a:51:77:72:d3:6a:37:10:fe:ee:0f:4e: e7:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:69:64:D9:DD:31:43:45:F5:92:AC:2E:1B:84:13:0F:7B:BE:38:70 X509v3 Authority Key Identifier: keyid:F9:13:CB:7A:44:A5:7D:08:93:D3:4D:8F:E9:DB:1E:77:EF:E6:AB:1C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DAFU/-RPLekSlfQiT002P6dsed-_mqxw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-RPLekSlfQiT002P6dsed-_mqxw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DAFU/qmlk2d0xQ0X1kqwuG4QTD3u-OHA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.1.235.0/24 Signature Algorithm: sha256WithRSAEncryption 66:6e:eb:11:68:d1:8f:b7:18:45:e8:5a:f1:51:b8:09:0f:1d: 9a:7f:60:ca:c5:73:93:81:52:6d:ed:7e:f9:7a:f8:c2:8d:9a: 8a:b6:48:85:68:6d:a9:21:b9:4d:1e:91:d7:07:d3:57:fd:2e: 30:7c:67:73:aa:07:a6:f7:47:0d:3f:67:14:fd:d9:c1:4b:8b: 44:d9:d1:b2:dd:b9:fa:0c:78:d9:75:51:f3:f0:22:30:76:7a: 92:97:70:ac:1d:2a:9c:8c:01:3a:d3:47:8e:b6:59:0b:f8:b5: 9e:eb:a3:bf:35:7b:e6:3f:63:11:68:7f:be:32:7d:7f:40:ea: 6f:2e:07:55:62:81:eb:12:f5:b2:ca:99:74:70:0d:8e:85:28: d5:e1:18:0e:66:7f:aa:c9:ca:39:11:ab:e8:69:2d:3f:3c:0e: 29:5f:a2:e2:38:10:a6:8d:9d:d4:b7:98:51:c9:ec:fb:60:a9: ad:03:8a:08:2e:73:9b:f0:88:23:42:c9:23:39:d0:00:07:fa: 43:1d:44:8a:24:55:1c:a6:16:ca:4c:ba:4b:9a:40:02:4b:1e: 5c:a1:41:3c:68:a6:5e:c5:fc:bf:a4:8d:fa:85:2e:10:d6:e6: 36:90:0b:f9:62:55:7c:a5:9a:9b:ee:58:65:36:33:ab:f9:93: 14:f5:46:38 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgIBDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGOTEz Q0I3QTQ0QTU3RDA4OTNEMzREOEZFOURCMUU3N0VGRTZBQjFDMB4XDTI1MTAwMzA3 MTAxNloXDTI2MDkyNTE1MzAyMFowMzExMC8GA1UEAxMoQUE2OTY0RDlERDMxNDM0 NUY1OTJBQzJFMUI4NDEzMEY3QkJFMzg3MDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMpKpnw4/KGtbzUWW+5xjhkUPDvdEs7QyEDHqqY4/Jc+aDcPqYY1 H05Y14j4PV8eg97oUr4k+pNkp7wjk4qMiAfhBqp085FYm1vluoMQw7ZlYqlYC76b YPRgahdy6uolpB9GHeTQtC8t/ZetX5CcBatPS5gYW3cMthXdgdUt2nx6eAnK62ce N051ubPk3WPAarAw0jk4tfAbyKIeDTnQYub4pcRruubbor92prc6RW8QO4R8nFb2 r7dsAga8D3xAHmhKMIJe99ZjmaYc7Ybif4zA3BP7vRKFrkmnrHfRJ6jThaSWQFqz 2ISyJI2toqxoppOrWlF3ctNqNxD+7g9O538CAwEAAaOCAeowggHmMB0GA1UdDgQW BBSqaWTZ3TFDRfWSrC4bhBMPe744cDAfBgNVHSMEGDAWgBT5E8t6RKV9CJPTTY/p 2x537+arHDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9EQUZVLy1S UExla1NsZlFpVDAwMlA2ZHNlZC1fbXF4dy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev LVJQTGVrU2xmUWlUMDAyUDZkc2VkLV9tcXh3LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvREFGVS9xbWxrMmQweFEwWDFrcXd1RzRRVEQz dS1PSEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0gHrMA0G CSqGSIb3DQEBCwUAA4IBAQBmbusRaNGPtxhF6FrxUbgJDx2af2DKxXOTgVJt7X75 evjCjZqKtkiFaG2pIblNHpHXB9NX/S4wfGdzqgem90cNP2cU/dnBS4tE2dGy3bn6 DHjZdVHz8CIwdnqSl3CsHSqcjAE600eOtlkL+LWe66O/NXvmP2MRaH++Mn1/QOpv LgdVYoHrEvWyypl0cA2OhSjV4RgOZn+qyco5EavoaS0/PA4pX6LiOBCmjZ3Ut5hR yez7YKmtA4oILnOb8IgjQskjOdAAB/pDHUSKJFUcphbKTLpLmkACSx5coUE8aKZe xfy/pI36hS4Q1uY2kAv5YlV8pZqb7lhlNjOr+ZMU9UY4 -----END CERTIFICATE-----Generated at Mon Oct 20 15:27:45 2025 by rpki-client