$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/cOFFO_cnIBp_NFtLwRftBMOOfE8.roa File: cOFFO_cnIBp_NFtLwRftBMOOfE8.roa (raw, json) Hash identifier: BKBRFELI7+PUrSuyLchc1lmJ/+rbH1V9wIeKIyS+f1s= Subject key identifier: 70:E1:45:3B:F7:27:20:1A:7F:34:5B:4B:C1:17:ED:04:C3:8E:7C:4F Certificate issuer: /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477 Certificate serial: 0DCC Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/cOFFO_cnIBp_NFtLwRftBMOOfE8.roa Signing time: Fri 22 Aug 2025 09:03:15 +0000 ROA not before: Fri 22 Aug 2025 09:03:15 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131662 IP address blocks: 103.135.17.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3532 (0xdcc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477 Validity Not Before: Aug 22 09:03:15 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=70E1453BF727201A7F345B4BC117ED04C38E7C4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:5a:6f:ac:bc:3c:83:10:44:1b:20:ca:87:ad: b0:26:c7:8d:64:b2:08:e9:8e:84:65:c0:23:4d:35: d1:fb:4f:12:7c:1f:7d:9b:45:33:85:41:dd:0e:5e: 39:d9:0b:98:a9:22:2c:f7:6c:d0:14:5b:90:03:50: f7:bd:41:38:69:2e:9a:ee:c4:67:e4:77:1b:c9:0a: 00:98:f1:ee:7e:ad:19:71:e8:c9:b3:6b:a3:50:9a: 06:47:0e:4f:ef:f6:27:e9:70:63:a4:5f:95:c1:07: 8b:0a:bb:4d:67:a5:13:53:ea:9c:3f:af:e7:66:52: 03:37:b3:1b:2d:45:23:98:3c:76:74:63:d4:57:00: 65:12:43:5b:7b:94:ff:0d:6a:2e:38:9b:10:18:c5: a5:67:9f:3d:ee:14:fe:8d:30:81:8d:a8:99:c3:41: e6:83:87:ae:3a:7f:bb:cf:10:29:98:aa:47:a7:c4: 37:5c:a5:b6:f3:90:57:06:d8:1d:91:e9:ec:74:2a: 95:eb:0f:37:d7:a7:99:91:61:9e:de:9f:0e:ea:52: ec:2b:41:ed:2b:50:e2:b8:c5:3e:4c:92:02:d4:9c: e6:53:85:dc:ca:76:17:59:d6:5e:88:d6:02:86:5c: 90:b8:65:47:8a:a6:bc:ac:00:af:17:a8:bd:9e:d8: a6:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:E1:45:3B:F7:27:20:1A:7F:34:5B:4B:C1:17:ED:04:C3:8E:7C:4F X509v3 Authority Key Identifier: keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/cOFFO_cnIBp_NFtLwRftBMOOfE8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.135.17.0/24 Signature Algorithm: sha256WithRSAEncryption 53:03:79:39:61:d7:75:26:ad:07:5f:74:1f:35:39:50:ef:5a: 55:0e:d5:a8:aa:f8:24:08:b3:5f:f0:50:19:b7:3d:ec:79:63: 4b:fd:7b:03:5e:55:f3:fd:83:94:63:8c:a8:90:d6:17:21:fd: f0:68:e6:b3:0a:f1:6b:c5:8a:8a:fc:5f:53:84:cf:e2:19:bc: 63:75:f6:7f:16:a6:e3:87:da:32:ac:f2:c9:0e:c2:cd:15:db: 30:f0:01:e3:af:84:be:7a:d5:ef:e1:31:84:65:12:cd:46:4a: 5a:d5:59:c2:c2:17:57:0f:af:35:2e:22:8d:62:fb:68:47:d0: 3d:45:b2:63:d1:9c:a4:5f:d0:99:96:d8:48:02:67:39:9f:1f: 6f:f0:12:6a:5b:bc:9a:14:2d:0e:f7:69:d6:c1:f1:3b:ce:47: 4e:03:99:fb:dc:c2:85:1a:02:18:0d:7f:4c:18:42:16:2c:5a: a1:77:04:41:2e:3f:1f:1f:b6:b7:75:86:97:74:72:58:c6:04: 61:58:4e:50:e4:d8:c6:9c:10:a2:e2:2b:94:3b:ee:73:db:e5: ef:3d:8f:d0:fc:83:af:94:81:a0:38:9e:82:47:20:d4:4f:73: fa:99:7d:d3:d4:b4:30:be:27:85:09:bc:ab:b0:ef:cc:fd:2e: 4f:cd:c3:59 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDcwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yNTA4MjIw OTAzMTVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDcwRTE0NTNCRjcyNzIw MUE3RjM0NUI0QkMxMTdFRDA0QzM4RTdDNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEWm+svDyDEEQbIMqHrbAmx41ksgjpjoRlwCNNNdH7TxJ8H32b RTOFQd0OXjnZC5ipIiz3bNAUW5ADUPe9QThpLpruxGfkdxvJCgCY8e5+rRlx6Mmz a6NQmgZHDk/v9ifpcGOkX5XBB4sKu01npRNT6pw/r+dmUgM3sxstRSOYPHZ0Y9RX AGUSQ1t7lP8Nai44mxAYxaVnnz3uFP6NMIGNqJnDQeaDh646f7vPECmYqkenxDdc pbbzkFcG2B2R6ex0KpXrDzfXp5mRYZ7enw7qUuwrQe0rUOK4xT5MkgLUnOZThdzK dhdZ1l6I1gKGXJC4ZUeKprysAK8XqL2e2KZ7AgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUcOFFO/cnIBp/NFtLwRftBMOOfE8wHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8vY09GRk9fY25JQnBfTkZ0 THdSZnRCTU9PZkU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AGeHETANBgkqhkiG9w0BAQsFAAOCAQEAUwN5OWHXdSatB190HzU5UO9aVQ7VqKr4 JAizX/BQGbc97HljS/17A15V8/2DlGOMqJDWFyH98Gjmswrxa8WKivxfU4TP4hm8 Y3X2fxam44faMqzyyQ7CzRXbMPAB46+EvnrV7+ExhGUSzUZKWtVZwsIXVw+vNS4i jWL7aEfQPUWyY9GcpF/QmZbYSAJnOZ8fb/ASalu8mhQtDvdp1sHxO85HTgOZ+9zC hRoCGA1/TBhCFixaoXcEQS4/Hx+2t3WGl3RyWMYEYVhOUOTYxpwQouIrlDvuc9vl 7z2P0PyDr5SBoDiegkcg1E9z+pl909S0ML4nhQm8q7DvzP0uT83DWQ== -----END CERTIFICATE-----Generated at Sun Aug 24 09:57:39 2025 by rpki-client