$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DNSNET/jR5XOBJt72et5TLWZjaUB6MjtT0.roa File: jR5XOBJt72et5TLWZjaUB6MjtT0.roa (raw, json) Hash identifier: aRtR8WtXn6/I8iEaFHymVWC8/RRKC0MRiYkaIfbtlFw= Subject key identifier: 8D:1E:57:38:12:6D:EF:67:AD:E5:32:D6:66:36:94:07:A3:23:B5:3D Certificate issuer: /CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Certificate serial: 02B1 Authority key identifier: 27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/jR5XOBJt72et5TLWZjaUB6MjtT0.roa Signing time: Fri 22 Aug 2025 08:57:11 +0000 ROA not before: Fri 22 Aug 2025 08:57:11 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38842 IP address blocks: 103.160.226.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 689 (0x2b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Validity Not Before: Aug 22 08:57:11 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8D1E5738126DEF67ADE532D666369407A323B53D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c7:c2:1c:fd:1c:6d:23:4e:08:f1:f5:df:e4: 4c:df:cf:dd:01:17:11:8d:8c:11:84:8d:6c:e5:2c: a0:6a:0e:37:80:de:eb:c8:fd:3f:c7:2f:c4:b6:a2: a1:33:b3:59:f7:e2:be:2b:18:ff:2c:4b:0c:2c:7f: 42:92:d5:2c:8a:a6:21:fd:75:2f:93:9a:5f:b6:25: 4b:ee:3b:a0:33:c8:f3:65:28:3c:3c:5d:b6:58:73: cd:57:13:75:01:d5:fe:04:c7:9a:59:26:12:06:06: a2:80:a4:1c:d8:fd:bc:66:72:3b:d9:00:0e:8e:b4: 29:2d:db:43:47:7c:e0:f3:10:86:51:73:5e:bf:7b: c4:f1:68:80:fb:52:0f:3e:43:fc:33:c5:7b:0b:36: 05:b7:62:42:56:33:c0:0d:76:b8:b4:85:95:7a:d7: aa:a8:ff:9f:aa:1d:00:7d:0e:4a:6c:60:38:89:77: 02:98:a5:20:29:91:ce:3f:7d:da:0d:a7:4d:5b:c9: 1f:02:44:29:99:9f:9a:0b:7a:5b:88:e0:58:e1:4a: 05:19:3c:20:4d:eb:7b:4e:5d:dd:fc:db:2f:70:48: 9e:b0:5e:ab:fc:83:43:fb:59:4b:07:e5:8a:c1:38: c0:31:22:67:2a:04:1d:90:ed:6f:aa:d3:f0:27:e1: e5:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:1E:57:38:12:6D:EF:67:AD:E5:32:D6:66:36:94:07:A3:23:B5:3D X509v3 Authority Key Identifier: keyid:27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/jR5XOBJt72et5TLWZjaUB6MjtT0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.160.226.0/23 Signature Algorithm: sha256WithRSAEncryption 4f:75:27:2d:c4:7f:26:07:6d:85:7c:7b:a7:35:83:c1:da:c6: 76:53:69:f9:0f:fe:a6:fe:15:b4:3e:e2:51:a9:b9:8d:d3:3a: 49:5a:b2:e5:33:83:3d:ce:0a:14:dd:b9:24:db:10:ec:3e:85: 9f:f1:a4:d8:72:10:ec:5e:c7:75:4d:89:79:ae:2b:e8:d8:9a: 27:9e:98:6e:1b:c7:68:d3:07:bf:6a:35:ea:88:cf:99:3b:7e: 1a:32:45:1e:6f:74:30:98:ef:71:8b:42:04:e1:8d:c9:f9:6f: 7a:d6:1c:0c:07:05:e6:36:15:75:5d:c9:79:60:26:b1:37:d7: fb:31:a2:56:20:a0:44:66:9d:51:86:15:4b:bd:6d:0b:bb:84: 97:0a:f1:d1:3a:5c:34:ef:7b:2e:cf:d3:15:85:34:d0:0e:61: 31:30:03:10:df:5f:2d:3c:a1:20:50:f7:b8:53:05:4f:2c:88: 1e:36:89:a9:46:bf:4b:e9:ef:f2:17:1f:dd:89:91:03:2f:5e: 57:0c:85:1f:ea:de:b7:5d:82:83:1f:3d:2d:e7:9d:7f:e3:95: 6b:0c:28:77:70:1e:aa:02:66:da:fe:cd:f0:e9:cf:6d:95:88: 48:6a:ab:2e:5e:e5:dc:e6:79:c2:f4:d0:d9:f2:57:01:5f:f0: ea:86:d1:8f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICArEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjc3 ODk1RTY0QkU0MUI3MTgyNjY0RTEzNDVDRDU3RTVEMzZBMUFGMjAeFw0yNTA4MjIw ODU3MTFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDhEMUU1NzM4MTI2REVG NjdBREU1MzJENjY2MzY5NDA3QTMyM0I1M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGx8Ic/RxtI04I8fXf5Ezfz90BFxGNjBGEjWzlLKBqDjeA3uvI /T/HL8S2oqEzs1n34r4rGP8sSwwsf0KS1SyKpiH9dS+Tml+2JUvuO6AzyPNlKDw8 XbZYc81XE3UB1f4Ex5pZJhIGBqKApBzY/bxmcjvZAA6OtCkt20NHfODzEIZRc16/ e8TxaID7Ug8+Q/wzxXsLNgW3YkJWM8ANdri0hZV616qo/5+qHQB9DkpsYDiJdwKY pSApkc4/fdoNp01byR8CRCmZn5oLeluI4FjhSgUZPCBN63tOXd382y9wSJ6wXqv8 g0P7WUsH5YrBOMAxImcqBB2Q7W+q0/An4eWRAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUjR5XOBJt72et5TLWZjaUB6MjtT0wHwYDVR0jBBgwFoAUJ3iV5kvkG3GCZk4T Rc1X5dNqGvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVU L0ozaVY1a3ZrRzNHQ1prNFRSYzFYNWROcUd2SS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvSjNpVjVrdmtHM0dDWms0VFJjMVg1ZE5xR3ZJLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVUL2pSNVhPQkp0NzJldDVUTFda amFVQjZNanRUMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn oOIwDQYJKoZIhvcNAQELBQADggEBAE91Jy3EfyYHbYV8e6c1g8HaxnZTafkP/qb+ FbQ+4lGpuY3TOklasuUzgz3OChTduSTbEOw+hZ/xpNhyEOxex3VNiXmuK+jYmiee mG4bx2jTB79qNeqIz5k7fhoyRR5vdDCY73GLQgThjcn5b3rWHAwHBeY2FXVdyXlg JrE31/sxolYgoERmnVGGFUu9bQu7hJcK8dE6XDTvey7P0xWFNNAOYTEwAxDfXy08 oSBQ97hTBU8siB42ialGv0vp7/IXH92JkQMvXlcMhR/q3rddgoMfPS3nnX/jlWsM KHdwHqoCZtr+zfDpz22ViEhqqy5e5dzmecL00NnyVwFf8OqG0Y8= -----END CERTIFICATE-----Generated at Sun Aug 24 05:43:56 2025 by rpki-client