$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DNSNET/tQsDTEBBZ1F_n_B9q-DgdEqL2bo.roa File: tQsDTEBBZ1F_n_B9q-DgdEqL2bo.roa (raw, json) Hash identifier: oDqEDsWQAduDrmllywzYRJrI5/FS5eroEVEVtEQo4Rg= Subject key identifier: B5:0B:03:4C:40:41:67:51:7F:9F:F0:7D:AB:E0:E0:74:4A:8B:D9:BA Certificate issuer: /CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Certificate serial: 02B0 Authority key identifier: 27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/tQsDTEBBZ1F_n_B9q-DgdEqL2bo.roa Signing time: Fri 22 Aug 2025 08:57:11 +0000 ROA not before: Fri 22 Aug 2025 08:57:11 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131659 IP address blocks: 103.160.226.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 688 (0x2b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=277895E64BE41B7182664E1345CD57E5D36A1AF2 Validity Not Before: Aug 22 08:57:11 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=B50B034C404167517F9FF07DABE0E0744A8BD9BA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:bb:34:71:4e:da:bb:7d:99:fc:37:95:15:e1: 1f:d2:6d:9f:80:df:c4:5d:2d:f1:fe:1d:af:ac:8b: ba:8f:08:6d:36:cb:11:1e:d4:c6:65:3d:6e:f8:21: 0c:ed:30:2a:91:a8:ca:f5:a8:00:10:d0:ad:e7:b6: 5e:01:89:c1:49:58:c3:e3:9e:a3:37:f8:ee:fc:d6: 72:54:96:d2:82:4e:85:a1:37:98:96:9e:74:0b:e7: 0f:19:f3:0d:09:bb:d0:19:54:2f:b7:29:00:51:37: 42:a2:7f:59:a8:e1:8c:95:67:7a:64:7f:14:8f:2c: 8b:fb:bc:22:86:29:d7:13:ee:fd:df:57:f9:c6:63: a8:82:6a:77:86:37:e7:3f:2d:bd:05:69:32:9d:c9: 01:33:7a:cf:94:2a:aa:65:30:42:1f:57:61:d4:b9: 2c:29:44:32:59:cf:01:db:1e:51:19:d6:8a:ac:86: 40:30:6e:79:01:06:fa:c0:bf:ac:74:d8:bc:ea:1f: 55:e9:04:3f:f7:e5:cf:59:9f:8b:f6:51:48:2b:ba: d2:d0:10:f8:96:bd:46:73:a9:9f:26:22:64:1b:f1: 75:c5:6b:86:47:3e:b8:9b:6d:7a:e9:f9:7e:e3:7a: 1b:bc:0f:02:f2:11:2c:ea:76:cb:a8:35:9a:8d:a0: aa:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:0B:03:4C:40:41:67:51:7F:9F:F0:7D:AB:E0:E0:74:4A:8B:D9:BA X509v3 Authority Key Identifier: keyid:27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/tQsDTEBBZ1F_n_B9q-DgdEqL2bo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.160.226.0/23 Signature Algorithm: sha256WithRSAEncryption 89:d4:a8:ab:6b:96:df:9b:23:81:b4:97:24:ff:e5:b8:d3:51: 00:fa:0b:ad:9c:ed:15:2f:8a:da:07:9f:eb:8b:c0:55:c3:b8: 4b:10:3d:ab:7f:35:56:39:16:59:e5:ee:f0:6a:d3:90:2f:69: e3:ae:32:9e:10:59:74:ea:83:b6:b4:3c:20:f2:74:2d:27:d0: 8c:00:22:ea:0d:b8:8b:2f:01:40:0d:00:17:26:50:57:fd:f5: 72:71:b1:c1:38:7b:07:35:c1:4f:f2:44:3d:ab:dc:30:84:72: 3b:94:31:29:da:32:25:ca:fc:08:37:14:6e:ab:74:50:21:b7: 0c:38:56:fc:63:36:a2:61:43:29:70:d5:c8:38:c0:f7:99:ad: 18:7a:ba:ac:26:b9:4c:3f:20:f9:51:28:a8:69:0a:2b:81:f4: 90:f2:6e:17:de:f0:eb:db:88:02:71:8a:c3:be:88:a5:a5:d7: 8a:49:83:5b:c6:71:11:a8:73:d1:f9:9f:56:be:01:8e:b0:47: 86:37:e2:44:20:86:ab:bc:fd:6f:62:6b:2f:77:01:2c:3b:75: 07:bd:49:1b:c0:83:62:5c:be:ac:b3:4a:c8:96:c0:5e:82:06: 43:cf:40:0a:0a:be:0d:e9:cc:85:c7:4d:79:a1:03:b4:05:d2: 20:5c:a0:e4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICArAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjc3 ODk1RTY0QkU0MUI3MTgyNjY0RTEzNDVDRDU3RTVEMzZBMUFGMjAeFw0yNTA4MjIw ODU3MTFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEI1MEIwMzRDNDA0MTY3 NTE3RjlGRjA3REFCRTBFMDc0NEE4QkQ5QkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5uzRxTtq7fZn8N5UV4R/SbZ+A38RdLfH+Ha+si7qPCG02yxEe 1MZlPW74IQztMCqRqMr1qAAQ0K3ntl4BicFJWMPjnqM3+O781nJUltKCToWhN5iW nnQL5w8Z8w0Ju9AZVC+3KQBRN0Kif1mo4YyVZ3pkfxSPLIv7vCKGKdcT7v3fV/nG Y6iCaneGN+c/Lb0FaTKdyQEzes+UKqplMEIfV2HUuSwpRDJZzwHbHlEZ1oqshkAw bnkBBvrAv6x02LzqH1XpBD/35c9Zn4v2UUgrutLQEPiWvUZzqZ8mImQb8XXFa4ZH PribbXrp+X7jehu8DwLyESzqdsuoNZqNoKrHAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUtQsDTEBBZ1F/n/B9q+DgdEqL2bowHwYDVR0jBBgwFoAUJ3iV5kvkG3GCZk4T Rc1X5dNqGvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVU L0ozaVY1a3ZrRzNHQ1prNFRSYzFYNWROcUd2SS5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvSjNpVjVrdmtHM0dDWms0VFJjMVg1ZE5xR3ZJLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE5TTkVUL3RRc0RURUJCWjFGX25fQjlx LURnZEVxTDJiby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn oOIwDQYJKoZIhvcNAQELBQADggEBAInUqKtrlt+bI4G0lyT/5bjTUQD6C62c7RUv itoHn+uLwFXDuEsQPat/NVY5Flnl7vBq05AvaeOuMp4QWXTqg7a0PCDydC0n0IwA IuoNuIsvAUANABcmUFf99XJxscE4ewc1wU/yRD2r3DCEcjuUMSnaMiXK/Ag3FG6r dFAhtww4VvxjNqJhQylw1cg4wPeZrRh6uqwmuUw/IPlRKKhpCiuB9JDybhfe8Ovb iAJxisO+iKWl14pJg1vGcRGoc9H5n1a+AY6wR4Y34kQghqu8/W9iay93ASw7dQe9 SRvAg2JcvqyzSsiWwF6CBkPPQAoKvg3pzIXHTXmhA7QF0iBcoOQ= -----END CERTIFICATE-----Generated at Sun Aug 24 07:41:31 2025 by rpki-client