$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DNSNET/Ybm49pMKyKpG8z47ALbdnS-I39Q.roa File: Ybm49pMKyKpG8z47ALbdnS-I39Q.roa (raw, json) Hash identifier: 0UAmxP2EO94jC5IkOAAFcTOgnudeO4X3lYtyTw+N2L8= Subject key identifier: 61:B9:B8:F6:93:0A:C8:AA:46:F3:3E:3B:00:B6:DD:9D:2F:88:DF:D4 Certificate issuer: /CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Certificate serial: 02AF Authority key identifier: 27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/Ybm49pMKyKpG8z47ALbdnS-I39Q.roa Signing time: Fri 22 Aug 2025 08:57:11 +0000 ROA not before: Fri 22 Aug 2025 08:57:11 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38842 IP address blocks: 2406:f340::/32 maxlen: 64 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 687 (0x2af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Validity Not Before: Aug 22 08:57:11 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=61B9B8F6930AC8AA46F33E3B00B6DD9D2F88DFD4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:8f:2c:9e:10:cb:13:1b:1a:ac:14:78:a7:05: 21:e8:ca:a1:a0:24:86:8d:26:cf:09:53:64:44:33: 86:1f:0d:4d:7b:dc:6c:58:3f:f0:35:50:8c:c7:5f: dd:34:ca:ee:67:44:84:61:2d:a3:f8:92:0a:e3:9a: 66:bc:65:14:fa:9e:2d:88:80:dc:41:c1:8e:1e:d3: b3:37:75:d0:d1:92:63:64:87:98:1e:5b:8b:76:11: f2:2d:92:22:cd:54:0c:4d:d1:42:41:46:13:7e:09: 7e:93:03:d2:21:a8:ac:90:92:e0:a9:6a:9b:24:12: 3f:de:a2:1b:b9:de:db:d5:15:93:e9:32:7a:61:ca: a7:ba:61:f3:cd:c2:5e:70:8f:8c:9d:ef:87:69:f8: 8d:41:c8:a5:0e:ee:d5:59:4c:7d:b2:5a:15:fa:c2: 46:a9:8b:49:d7:3c:67:ec:f7:c0:0e:d1:07:94:e7: 70:a5:ec:e3:a8:f4:d9:ed:4a:27:18:f2:cf:bf:01: d9:d1:3d:59:81:b6:1a:2e:4c:90:8e:68:45:59:f0: 47:19:4e:03:07:a8:e1:0c:4f:02:48:67:4f:af:08: 6f:93:d0:cd:00:f4:cd:91:96:a5:af:b1:ad:e5:69: ef:fa:42:2b:d6:3f:fa:2f:fc:1b:eb:b0:61:8c:c3: c2:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:B9:B8:F6:93:0A:C8:AA:46:F3:3E:3B:00:B6:DD:9D:2F:88:DF:D4 X509v3 Authority Key Identifier: keyid:27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/Ybm49pMKyKpG8z47ALbdnS-I39Q.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:f340::/32 Signature Algorithm: sha256WithRSAEncryption 0d:e5:1a:ca:15:b8:35:28:2c:d6:73:06:84:58:35:c4:fe:14: cb:3f:8b:d4:21:4f:7d:35:f5:3e:7c:e1:aa:41:55:03:6e:a5: 11:8d:2e:ca:75:2f:49:45:75:c2:9d:10:6a:f2:dc:58:21:78: 16:96:80:be:35:30:a7:22:8d:88:2f:8f:4b:94:55:a4:24:aa: e1:94:92:b3:ac:a3:64:94:b9:5b:1e:74:c6:67:d2:dd:b3:fe: 8e:b9:42:c8:ce:8b:bc:af:3d:16:ec:66:e1:5e:cc:a9:89:d6: 2e:4b:5f:fe:1b:99:52:e1:23:0d:39:9f:96:46:60:64:f6:9a: 41:22:d2:7c:0f:21:06:2c:1d:b7:20:1e:3f:d8:61:b2:fe:6c: d6:cb:59:ad:ec:4a:97:85:12:8d:e2:1a:41:36:41:4c:ea:c3: 9b:0f:20:09:d9:b4:37:e3:35:26:25:bf:8a:c1:e2:4f:e1:76: f0:95:36:83:01:1d:b4:d0:be:d1:49:24:70:4c:d5:8e:ef:ba: a1:7e:14:1d:00:d5:3a:80:b6:3a:0a:86:b3:a9:b1:25:bb:37: 28:ad:93:3f:51:e7:ad:35:63:ee:38:c4:b6:81:0e:19:61:02: 08:7a:53:55:56:4d:9c:8f:ed:34:28:f4:e4:8c:7e:24:6b:9d: 3a:87:8a:94 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICAq8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjc3 ODk1RTY0QkU0MUI3MTgyNjY0RTEzNDVDRDU3RTVEMzZBMUFGMjAeFw0yNTA4MjIw ODU3MTFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDYxQjlCOEY2OTMwQUM4 QUE0NkYzM0UzQjAwQjZERDlEMkY4OERGRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDzjyyeEMsTGxqsFHinBSHoyqGgJIaNJs8JU2REM4YfDU173GxY P/A1UIzHX900yu5nRIRhLaP4kgrjmma8ZRT6ni2IgNxBwY4e07M3ddDRkmNkh5ge W4t2EfItkiLNVAxN0UJBRhN+CX6TA9IhqKyQkuCpapskEj/eohu53tvVFZPpMnph yqe6YfPNwl5wj4yd74dp+I1ByKUO7tVZTH2yWhX6wkapi0nXPGfs98AO0QeU53Cl 7OOo9NntSicY8s+/AdnRPVmBthouTJCOaEVZ8EcZTgMHqOEMTwJIZ0+vCG+T0M0A 9M2RlqWvsa3lae/6QivWP/ov/BvrsGGMw8LxAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUYbm49pMKyKpG8z47ALbdnS+I39QwHwYDVR0jBBgwFoAUJ3iV5kvkG3GCZk4T Rc1X5dNqGvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVU L0ozaVY1a3ZrRzNHQ1prNFRSYzFYNWROcUd2SS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvSjNpVjVrdmtHM0dDWms0VFJjMVg1ZE5xR3ZJLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVUL1libTQ5cE1LeUtwRzh6NDdB TGJkblMtSTM5US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk BvNAMA0GCSqGSIb3DQEBCwUAA4IBAQAN5RrKFbg1KCzWcwaEWDXE/hTLP4vUIU99 NfU+fOGqQVUDbqURjS7KdS9JRXXCnRBq8txYIXgWloC+NTCnIo2IL49LlFWkJKrh lJKzrKNklLlbHnTGZ9Lds/6OuULIzou8rz0W7GbhXsypidYuS1/+G5lS4SMNOZ+W RmBk9ppBItJ8DyEGLB23IB4/2GGy/mzWy1mt7EqXhRKN4hpBNkFM6sObDyAJ2bQ3 4zUmJb+KweJP4XbwlTaDAR200L7RSSRwTNWO77qhfhQdANU6gLY6CoazqbEluzco rZM/UeetNWPuOMS2gQ4ZYQIIelNVVk2cj+00KPTkjH4ka506h4qU -----END CERTIFICATE-----Generated at Sun Aug 24 05:43:24 2025 by rpki-client