$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DQWL/K2ybTtXNfPpCm-GExjtkxxgpIRQ.roa File: K2ybTtXNfPpCm-GExjtkxxgpIRQ.roa (raw, json) Hash identifier: zLYAUZAJ+pB731Zz3vNVkMkFEY9yBOLooPJXt/8FuBg= Subject key identifier: 2B:6C:9B:4E:D5:CD:7C:FA:42:9B:E1:84:C6:3B:64:C7:18:29:21:14 Certificate issuer: /CN=7CBA374F4F7A0D1E6CB59F8A7B564066C67DD19D Certificate serial: 0974 Authority key identifier: 7C:BA:37:4F:4F:7A:0D:1E:6C:B5:9F:8A:7B:56:40:66:C6:7D:D1:9D Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fLo3T096DR5stZ-Ke1ZAZsZ90Z0.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DQWL/K2ybTtXNfPpCm-GExjtkxxgpIRQ.roa Signing time: Fri 22 Aug 2025 08:44:28 +0000 ROA not before: Fri 22 Aug 2025 08:44:28 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131678 IP address blocks: 103.149.66.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DQWL/fLo3T096DR5stZ-Ke1ZAZsZ90Z0.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DQWL/fLo3T096DR5stZ-Ke1ZAZsZ90Z0.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/fLo3T096DR5stZ-Ke1ZAZsZ90Z0.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2420 (0x974) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7CBA374F4F7A0D1E6CB59F8A7B564066C67DD19D Validity Not Before: Aug 22 08:44:28 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=2B6C9B4ED5CD7CFA429BE184C63B64C718292114 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e9:fb:2d:a7:b4:92:17:6a:90:cc:07:ab:b2: 07:6f:90:5a:01:5a:3d:a9:09:24:ba:4c:0f:cd:c4: ea:a8:ed:df:9a:37:e8:56:84:7f:67:4e:e9:1d:60: c6:af:ac:70:28:89:30:b7:9f:23:62:ef:e2:48:48: f6:66:84:48:ef:bb:97:3e:f0:f6:15:2a:b5:f2:37: fc:cb:ce:4a:ab:36:e6:db:a9:67:8a:eb:2b:f5:af: e5:52:fb:9e:c4:1e:dc:d7:ca:e6:a4:d5:bf:cc:a2: 15:7c:f9:06:0d:35:ed:3f:9e:73:cd:c9:3a:bb:aa: 25:55:ad:ba:1b:50:da:72:91:8d:d9:09:1c:37:06: 7f:1a:8b:89:48:92:53:9b:08:2f:08:77:dc:46:74: 71:74:10:b6:9a:5b:67:d4:07:ba:79:1b:4f:55:3b: bb:1e:0c:73:61:3c:b3:28:53:42:b4:5a:ef:a1:7e: 46:2d:ea:3c:cf:4e:b7:13:f7:c3:dc:7f:53:d2:15: 6e:29:66:70:07:da:f3:68:52:9a:ff:f1:68:66:89: 76:4f:79:b6:4e:6d:1e:61:dd:cc:23:70:69:e6:43: e9:db:f4:a7:30:bd:b0:e9:20:51:45:a1:af:88:81: 70:33:be:e2:6a:63:1f:60:20:e6:56:ae:5b:47:b2: a1:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:6C:9B:4E:D5:CD:7C:FA:42:9B:E1:84:C6:3B:64:C7:18:29:21:14 X509v3 Authority Key Identifier: keyid:7C:BA:37:4F:4F:7A:0D:1E:6C:B5:9F:8A:7B:56:40:66:C6:7D:D1:9D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DQWL/fLo3T096DR5stZ-Ke1ZAZsZ90Z0.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fLo3T096DR5stZ-Ke1ZAZsZ90Z0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DQWL/K2ybTtXNfPpCm-GExjtkxxgpIRQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.149.66.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:be:6c:b3:a5:23:0c:88:24:7e:7d:04:f2:8b:dd:f3:df:5f: c8:29:1d:73:b8:22:ed:00:37:f9:ce:6b:32:9a:18:af:fa:5c: 11:b3:7c:8a:22:70:e5:b6:01:4d:d0:f4:58:2b:33:5b:bd:28: b0:88:2a:3b:1f:6a:5a:9d:2b:80:53:b7:30:4d:3d:28:bb:7a: 1d:a4:e7:aa:80:6c:a1:b5:5a:94:e3:6d:19:c8:93:0c:44:57: 64:7a:81:25:98:e0:47:7e:a1:40:00:da:43:e9:ed:62:cc:2d: ca:0d:4e:b7:40:e8:d5:bb:95:14:a7:26:45:bc:14:c2:f6:63: f2:dd:c2:0d:c3:8b:c2:ec:6c:49:7b:c6:0e:62:54:60:2c:86: 62:ca:ed:7e:46:bf:65:2f:64:1c:55:55:3a:a1:63:39:6c:a7: 84:cc:d5:b0:48:f1:a4:67:ac:8b:b3:ef:92:59:8b:09:ef:7b: 24:d3:ec:d7:fb:f9:53:c4:f7:35:cc:7d:12:ed:7d:fe:3c:be: 52:75:e1:02:7f:07:9b:71:9e:fd:c2:9a:bb:4e:5b:32:6c:d9: cd:18:db:cc:5b:bd:16:e4:f7:cf:75:ed:d7:ac:49:4d:41:4c: 0c:48:e2:8c:20:40:3c:64:2d:05:fc:66:64:94:fb:3f:d2:e2: fe:3b:3b:b2 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICCXQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NC QTM3NEY0RjdBMEQxRTZDQjU5RjhBN0I1NjQwNjZDNjdERDE5RDAeFw0yNTA4MjIw ODQ0MjhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDJCNkM5QjRFRDVDRDdD RkE0MjlCRTE4NEM2M0I2NEM3MTgyOTIxMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDK6fstp7SSF2qQzAersgdvkFoBWj2pCSS6TA/NxOqo7d+aN+hW hH9nTukdYMavrHAoiTC3nyNi7+JISPZmhEjvu5c+8PYVKrXyN/zLzkqrNubbqWeK 6yv1r+VS+57EHtzXyuak1b/MohV8+QYNNe0/nnPNyTq7qiVVrbobUNpykY3ZCRw3 Bn8ai4lIklObCC8Id9xGdHF0ELaaW2fUB7p5G09VO7seDHNhPLMoU0K0Wu+hfkYt 6jzPTrcT98Pcf1PSFW4pZnAH2vNoUpr/8WhmiXZPebZObR5h3cwjcGnmQ+nb9Kcw vbDpIFFFoa+IgXAzvuJqYx9gIOZWrltHsqGFAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUK2ybTtXNfPpCm+GExjtkxxgpIRQwHwYDVR0jBBgwFoAUfLo3T096DR5stZ+K e1ZAZsZ90Z0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFFXTC9m TG8zVDA5NkRSNXN0Wi1LZTFaQVpzWjkwWjAuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2ZMbzNUMDk2RFI1c3RaLUtlMVpBWnNaOTBaMC5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0RRV0wvSzJ5YlR0WE5mUHBDbS1HRXhqdGt4 eGdwSVJRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeVQjAN BgkqhkiG9w0BAQsFAAOCAQEADr5ss6UjDIgkfn0E8ovd899fyCkdc7gi7QA3+c5r MpoYr/pcEbN8iiJw5bYBTdD0WCszW70osIgqOx9qWp0rgFO3ME09KLt6HaTnqoBs obValONtGciTDERXZHqBJZjgR36hQADaQ+ntYswtyg1Ot0Do1buVFKcmRbwUwvZj 8t3CDcOLwuxsSXvGDmJUYCyGYsrtfka/ZS9kHFVVOqFjOWynhMzVsEjxpGesi7Pv klmLCe97JNPs1/v5U8T3Ncx9Eu19/jy+UnXhAn8Hm3Ge/cKau05bMmzZzRjbzFu9 FuT3z3Xt16xJTUFMDEjijCBAPGQtBfxmZJT7P9Li/js7sg== -----END CERTIFICATE-----Generated at Sun Aug 24 09:16:27 2025 by rpki-client