$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/BddfWqg0JZRciGQb4hxS1jn2J54.roa File: BddfWqg0JZRciGQb4hxS1jn2J54.roa (raw, json) Hash identifier: Ef2KgrJNXNKMUe8yWYLt8718Qkf5NA+cObRWEW9ssy8= Subject key identifier: 05:D7:5F:5A:A8:34:25:94:5C:88:64:1B:E2:1C:52:D6:39:F6:27:9E Certificate issuer: /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477 Certificate serial: 0DCA Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/BddfWqg0JZRciGQb4hxS1jn2J54.roa Signing time: Fri 22 Aug 2025 09:03:15 +0000 ROA not before: Fri 22 Aug 2025 09:03:15 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 20473 IP address blocks: 103.123.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3530 (0xdca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477 Validity Not Before: Aug 22 09:03:15 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=05D75F5AA83425945C88641BE21C52D639F6279E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ea:d8:77:08:f9:fd:32:92:3e:11:b7:38:e3: c2:10:c4:5d:1b:4e:b8:50:f2:01:a6:46:a4:b6:49: 13:27:96:26:b4:6e:df:37:ac:cd:0f:4d:d1:1e:0f: b3:38:ff:4f:8d:5c:5f:7a:0b:32:3f:07:d6:20:2f: 8e:4d:af:5d:1d:8c:2e:e4:0c:b4:d5:fe:2a:28:06: 07:65:21:fe:7f:8f:83:e2:f5:02:a2:e8:19:3d:e3: 54:b1:9a:f3:fe:04:52:f7:f1:32:68:5e:76:ea:e6: 3c:40:59:95:d0:22:ad:65:03:e7:49:01:4c:06:df: df:96:9f:fc:bf:2f:1d:13:a3:46:97:87:34:7a:41: 2c:18:08:e9:7c:9d:46:71:6d:d9:07:09:81:82:a6: b0:c0:23:f8:88:59:bb:9b:6d:7d:2d:c4:c4:a7:4a: e0:e6:4f:5c:d9:ff:c6:f2:6c:14:ee:76:97:b9:94: cc:df:57:ad:0b:83:2d:f5:ed:c5:df:7f:c2:04:54: 10:f1:78:6a:d3:f1:9c:9a:76:4c:fe:25:a1:ae:74: 94:a6:a9:a6:75:e7:f8:40:6d:1f:ca:c9:8e:90:7e: 62:7d:ce:fb:97:d7:20:ba:54:51:df:2f:2e:f0:39: f3:6c:85:60:e2:df:1d:82:4f:da:e8:8e:9f:f6:ed: 21:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:D7:5F:5A:A8:34:25:94:5C:88:64:1B:E2:1C:52:D6:39:F6:27:9E X509v3 Authority Key Identifier: keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/BddfWqg0JZRciGQb4hxS1jn2J54.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.123.128.0/22 Signature Algorithm: sha256WithRSAEncryption a7:91:64:bc:a5:b5:44:1c:60:86:3b:17:63:9b:5e:a1:28:5b: 9a:ab:b0:0b:c1:42:51:49:bf:84:67:ef:77:1a:e2:72:85:81: 5d:c6:e0:34:7e:6d:a4:e3:0a:a6:7e:d9:d5:bf:f7:64:d6:ab: 39:39:68:de:41:f1:01:6d:28:df:e2:4b:d0:6c:23:05:3a:4a: 95:b2:4c:0d:d7:9f:bc:8f:3c:b1:ab:3f:9a:e3:e8:97:9c:43: f0:b6:76:b0:ed:28:b9:63:02:3d:79:8e:25:e4:84:58:fb:68: 84:26:46:41:a4:48:fe:99:92:bd:4c:dc:0b:75:79:80:7d:40: 46:69:e9:29:94:58:48:92:60:42:fa:52:eb:fa:c9:2f:4e:21: 0e:e9:ab:2f:5b:77:24:53:44:19:84:7e:b9:e5:38:3f:5a:d0: 1d:df:04:06:bc:c2:bc:0e:ed:26:e8:33:f1:eb:0c:ea:4f:be: 13:09:e2:46:1a:17:aa:51:56:2c:ca:44:ce:79:a1:3a:cd:a4: 40:46:0b:69:f4:fe:2a:e3:8e:fe:07:8e:27:dc:3d:7e:70:63: a1:90:ea:65:5b:d6:6c:0a:7f:97:5e:31:a7:33:2f:8a:6d:21: 9a:f9:7f:45:5d:3f:21:53:64:5a:9a:77:d5:2f:e0:32:5e:da: 56:55:38:eb -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yNTA4MjIw OTAzMTVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDA1RDc1RjVBQTgzNDI1 OTQ1Qzg4NjQxQkUyMUM1MkQ2MzlGNjI3OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC86th3CPn9MpI+Ebc448IQxF0bTrhQ8gGmRqS2SRMnlia0bt83 rM0PTdEeD7M4/0+NXF96CzI/B9YgL45Nr10djC7kDLTV/iooBgdlIf5/j4Pi9QKi 6Bk941SxmvP+BFL38TJoXnbq5jxAWZXQIq1lA+dJAUwG39+Wn/y/Lx0To0aXhzR6 QSwYCOl8nUZxbdkHCYGCprDAI/iIWbubbX0txMSnSuDmT1zZ/8bybBTudpe5lMzf V60Lgy317cXff8IEVBDxeGrT8Zyadkz+JaGudJSmqaZ15/hAbR/KyY6QfmJ9zvuX 1yC6VFHfLy7wOfNshWDi3x2CT9rojp/27SExAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUBddfWqg0JZRciGQb4hxS1jn2J54wHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8vQmRkZldxZzBKWlJjaUdR YjRoeFMxam4ySjU0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME Amd7gDANBgkqhkiG9w0BAQsFAAOCAQEAp5FkvKW1RBxghjsXY5teoShbmquwC8FC UUm/hGfvdxricoWBXcbgNH5tpOMKpn7Z1b/3ZNarOTlo3kHxAW0o3+JL0GwjBTpK lbJMDdefvI88sas/muPol5xD8LZ2sO0ouWMCPXmOJeSEWPtohCZGQaRI/pmSvUzc C3V5gH1ARmnpKZRYSJJgQvpS6/rJL04hDumrL1t3JFNEGYR+ueU4P1rQHd8EBrzC vA7tJugz8esM6k++EwniRhoXqlFWLMpEznmhOs2kQEYLafT+KuOO/geOJ9w9fnBj oZDqZVvWbAp/l14xpzMvim0hmvl/RV0/IVNkWpp31S/gMl7aVlU46w== -----END CERTIFICATE-----Generated at Sun Aug 24 09:57:36 2025 by rpki-client