$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DCC1223342/0J4QgNYkoU7V1k7qNM-t3v04ZLs.roa File: 0J4QgNYkoU7V1k7qNM-t3v04ZLs.roa (raw, json) Hash identifier: BW4oROUm6fEtjDfPz49L80iovHKj795S6n+xrzlEl88= Subject key identifier: D0:9E:10:80:D6:24:A1:4E:D5:D6:4E:EA:34:CF:AD:DE:FD:38:64:BB Certificate issuer: /CN=F72B8D549DE8BBC6DE02456C670D1B1A05AFE80E Certificate serial: 03D9 Authority key identifier: F7:2B:8D:54:9D:E8:BB:C6:DE:02:45:6C:67:0D:1B:1A:05:AF:E8:0E Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/9yuNVJ3ou8beAkVsZw0bGgWv6A4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCC1223342/0J4QgNYkoU7V1k7qNM-t3v04ZLs.roa Signing time: Fri 22 Aug 2025 09:01:46 +0000 ROA not before: Fri 22 Aug 2025 09:01:46 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 63893 IP address blocks: 103.180.18.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCC1223342/9yuNVJ3ou8beAkVsZw0bGgWv6A4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DCC1223342/9yuNVJ3ou8beAkVsZw0bGgWv6A4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/9yuNVJ3ou8beAkVsZw0bGgWv6A4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 985 (0x3d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F72B8D549DE8BBC6DE02456C670D1B1A05AFE80E Validity Not Before: Aug 22 09:01:46 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D09E1080D624A14ED5D64EEA34CFADDEFD3864BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ef:8e:64:9a:62:fa:4a:3f:33:ef:38:9f:fd: 3d:f0:81:c2:e7:e8:8c:c5:4f:63:61:ad:3c:ed:a3: 53:8b:6b:f8:fa:88:59:65:1c:f5:16:9d:5d:08:c3: ec:e2:cc:4e:48:8a:61:1c:83:50:b4:3e:0e:9c:1c: d2:80:71:80:fd:fd:f7:dc:be:18:1a:c9:c6:fa:f2: f7:c0:49:db:05:79:5a:62:c7:ec:9c:27:55:2c:ae: 06:32:ef:80:aa:22:29:50:bd:00:ec:98:bf:9e:93: a5:c7:95:bd:8d:00:c0:d8:87:f8:9f:1c:a8:83:a9: 42:35:37:8a:5b:21:42:68:d0:ee:f0:e0:b8:8f:09: 8e:39:e5:d0:10:a8:0d:a8:73:ad:7b:30:02:26:28: 2e:98:30:7c:3e:92:00:4a:fe:cd:4a:83:ba:7d:7a: d5:63:f6:49:b3:ee:ef:66:b2:76:03:a9:f2:92:b3: ce:8e:74:7a:76:83:5e:2a:6f:be:76:cb:c6:65:76: 13:d5:64:86:fe:6c:6f:7d:03:47:95:17:e1:01:98: 27:a8:9f:d9:c1:1f:81:2a:d7:38:cc:3b:42:a4:21: ff:3f:8c:96:be:06:4b:db:11:17:61:b3:42:e2:b7: 11:97:f8:3d:1b:84:b0:df:1a:ff:41:8e:40:bc:68: be:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:9E:10:80:D6:24:A1:4E:D5:D6:4E:EA:34:CF:AD:DE:FD:38:64:BB X509v3 Authority Key Identifier: keyid:F7:2B:8D:54:9D:E8:BB:C6:DE:02:45:6C:67:0D:1B:1A:05:AF:E8:0E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCC1223342/9yuNVJ3ou8beAkVsZw0bGgWv6A4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/9yuNVJ3ou8beAkVsZw0bGgWv6A4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCC1223342/0J4QgNYkoU7V1k7qNM-t3v04ZLs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.180.18.0/23 Signature Algorithm: sha256WithRSAEncryption ab:93:82:44:cf:92:0f:04:81:3f:97:4e:fa:29:13:b0:3e:fc: b8:92:2e:0d:ea:ec:b8:18:2a:09:d8:4a:4b:00:07:e0:45:98: 61:59:67:9b:28:b0:e0:ba:b5:dd:60:1b:9d:78:c4:39:49:ec: b3:a1:1c:03:1f:43:ab:fd:03:3a:96:36:66:30:d8:18:7b:d3: 04:53:a2:a2:f5:da:59:ee:29:77:9b:a8:c5:1f:94:f1:db:c5: 15:ba:de:8a:5f:bb:be:ba:bd:90:62:9e:5e:70:d5:23:7b:bb: a8:65:ab:66:99:38:d3:39:e4:b1:e7:82:e3:8e:88:85:31:c9: f8:ec:d8:53:ac:56:1c:95:14:f5:14:7a:f4:f6:10:a1:5a:96: ec:b0:b6:a0:a4:f0:a1:92:74:a7:22:ca:62:78:d6:9e:e7:50: d2:ba:61:44:4b:72:2c:38:24:e6:59:58:01:28:7e:23:3e:57: 4b:6a:6a:47:32:23:a3:5d:a7:e2:05:7f:13:fa:08:9c:43:a2: 21:8e:a1:ab:ae:6a:40:db:40:0f:40:6e:d0:4e:fb:f0:9c:26: 9d:c4:f8:e4:61:49:ef:8f:6a:3d:5b:01:f0:f8:14:77:1d:7f: e6:b0:7c:7a:b5:8f:04:d6:5d:90:51:8e:6d:55:5a:34:90:3d: 5a:2a:0e:0d -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICA9kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjcy QjhENTQ5REU4QkJDNkRFMDI0NTZDNjcwRDFCMUEwNUFGRTgwRTAeFw0yNTA4MjIw OTAxNDZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQwOUUxMDgwRDYyNEEx NEVENUQ2NEVFQTM0Q0ZBRERFRkQzODY0QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJ745kmmL6Sj8z7zif/T3wgcLn6IzFT2NhrTzto1OLa/j6iFll HPUWnV0Iw+zizE5IimEcg1C0Pg6cHNKAcYD9/ffcvhgaycb68vfASdsFeVpix+yc J1UsrgYy74CqIilQvQDsmL+ek6XHlb2NAMDYh/ifHKiDqUI1N4pbIUJo0O7w4LiP CY455dAQqA2oc617MAImKC6YMHw+kgBK/s1Kg7p9etVj9kmz7u9msnYDqfKSs86O dHp2g14qb752y8ZldhPVZIb+bG99A0eVF+EBmCeon9nBH4Eq1zjMO0KkIf8/jJa+ BkvbERdhs0LitxGX+D0bhLDfGv9BjkC8aL4RAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU0J4QgNYkoU7V1k7qNM+t3v04ZLswHwYDVR0jBBgwFoAU9yuNVJ3ou8beAkVs Zw0bGgWv6A4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRENDMTIy MzM0Mi85eXVOVkozb3U4YmVBa1ZzWncwYkdnV3Y2QTQuY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBLzl5dU5WSjNvdThiZUFrVnNadzBiR2dXdjZBNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RDQzEyMjMzNDIvMEo0UWdOWWtv VTdWMWs3cU5NLXQzdjA0WkxzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAWe0EjANBgkqhkiG9w0BAQsFAAOCAQEAq5OCRM+SDwSBP5dO+ikTsD78 uJIuDersuBgqCdhKSwAH4EWYYVlnmyiw4Lq13WAbnXjEOUnss6EcAx9Dq/0DOpY2 ZjDYGHvTBFOiovXaWe4pd5uoxR+U8dvFFbreil+7vrq9kGKeXnDVI3u7qGWrZpk4 0znkseeC446IhTHJ+OzYU6xWHJUU9RR69PYQoVqW7LC2oKTwoZJ0pyLKYnjWnudQ 0rphREtyLDgk5llYASh+Iz5XS2pqRzIjo12n4gV/E/oInEOiIY6hq65qQNtAD0Bu 0E778JwmncT45GFJ749qPVsB8PgUdx1/5rB8erWPBNZdkFGObVVaNJA9WioODQ== -----END CERTIFICATE-----Generated at Sun Aug 24 07:42:29 2025 by rpki-client