$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/fR5NBPPnsDfJ3Z8PJWMCit2bpus.roa File: fR5NBPPnsDfJ3Z8PJWMCit2bpus.roa (raw, json) Hash identifier: ZQKIG3DEyi25at8K+4pswQDmQetrvuRV6Ag1ndsbTws= Subject key identifier: 7D:1E:4D:04:F3:E7:B0:37:C9:DD:9F:0F:25:63:02:8A:DD:9B:A6:EB Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059 Certificate serial: 1087 Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/fR5NBPPnsDfJ3Z8PJWMCit2bpus.roa Signing time: Fri 22 Aug 2025 08:57:51 +0000 ROA not before: Fri 22 Aug 2025 08:57:51 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 24168 IP address blocks: 2404:8cc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4231 (0x1087) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059 Validity Not Before: Aug 22 08:57:51 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=7D1E4D04F3E7B037C9DD9F0F2563028ADD9BA6EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:4d:f3:2f:c0:12:a8:6b:c8:72:de:33:0e:38: db:77:57:bd:f1:3e:4b:43:ea:2f:d9:74:55:fa:b7: 94:fc:1e:ee:47:81:97:eb:aa:c7:bf:d3:1c:79:41: 61:1e:5e:a2:16:f0:1d:d5:f9:4a:26:f7:e2:68:28: da:19:d0:7b:b9:24:b3:e5:c2:03:97:7e:31:fe:d8: b4:30:bf:27:54:5a:4f:ec:55:33:c0:e8:07:93:d3: ad:a3:c5:86:4a:3f:12:78:27:f6:0d:2b:77:93:4b: 75:24:74:e1:6a:1b:97:1e:49:33:09:46:5e:2b:d9: d0:9d:30:7b:c3:b8:f7:1e:56:88:56:8b:70:25:e3: c8:0c:0e:af:ab:49:87:e5:cb:7c:39:e4:e7:ad:c4: 06:3c:69:c9:3e:15:db:b6:3c:63:15:95:7d:88:95: 52:1d:04:7e:fe:38:c2:71:a9:e6:17:2c:69:9c:31: e9:d1:2c:76:3d:50:e5:f3:ec:25:4e:8f:ba:bf:a0: 34:7c:cf:92:13:0c:40:4f:f2:27:05:65:23:6b:b4: 2f:ec:83:8f:9f:95:11:73:e8:6a:74:d1:f4:47:8e: a9:59:52:bd:0b:83:43:41:47:5c:59:da:08:0a:ed: ec:c9:98:19:49:7b:32:7a:91:61:ef:be:94:7c:41: 65:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:1E:4D:04:F3:E7:B0:37:C9:DD:9F:0F:25:63:02:8A:DD:9B:A6:EB X509v3 Authority Key Identifier: keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/fR5NBPPnsDfJ3Z8PJWMCit2bpus.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:8cc0::/32 Signature Algorithm: sha256WithRSAEncryption 92:94:1a:ad:3b:6c:72:8a:88:3d:9c:3d:3f:9a:52:93:70:83: 8c:d5:58:61:fa:34:a4:32:59:4c:61:73:fc:dc:b2:ec:2c:ed: 2a:83:85:b1:3e:ae:6e:f1:b0:43:15:ba:db:3b:81:5e:90:a5: 93:bd:73:00:44:b5:f5:a1:f1:a5:99:98:37:53:08:db:2e:8e: 60:7a:16:3a:d9:ec:61:c8:82:25:b8:5c:90:ab:64:f2:27:3a: 25:ec:27:9d:06:c3:d2:4f:c5:7a:8a:8b:25:67:0b:bf:34:86: 0c:60:d0:9f:3d:c3:35:a5:aa:da:86:c2:ea:2d:93:ca:bb:a6: 88:a2:d5:b3:15:d1:ba:d2:b7:fc:6c:f1:ad:9b:dc:83:78:13: 0d:d0:14:98:33:db:f0:22:f7:52:0c:0f:17:0f:46:37:37:fb: a3:03:94:a5:fb:c4:fb:93:e1:e4:f3:cc:00:c0:f3:bc:16:24: 26:bc:2d:ea:60:d0:db:60:0f:4f:f7:63:85:c5:57:34:d8:5a: 94:4d:43:bc:5e:14:5e:b7:42:24:32:af:ed:05:31:7e:f0:c7: 63:b5:35:f8:d4:97:1c:0c:ae:5a:55:77:67:80:27:16:c7:c7: 68:68:c4:c0:0f:3f:6e:2f:4e:7a:de:cf:34:7e:ce:82:da:07: 86:fb:02:40 -----BEGIN CERTIFICATE----- MIIEzTCCA7WgAwIBAgICEIcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yNTA4MjIw ODU3NTFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDdEMUU0RDA0RjNFN0Iw MzdDOUREOUYwRjI1NjMwMjhBREQ5QkE2RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCWTfMvwBKoa8hy3jMOONt3V73xPktD6i/ZdFX6t5T8Hu5HgZfr qse/0xx5QWEeXqIW8B3V+Uom9+JoKNoZ0Hu5JLPlwgOXfjH+2LQwvydUWk/sVTPA 6AeT062jxYZKPxJ4J/YNK3eTS3UkdOFqG5ceSTMJRl4r2dCdMHvDuPceVohWi3Al 48gMDq+rSYfly3w55OetxAY8ack+Fdu2PGMVlX2IlVIdBH7+OMJxqeYXLGmcMenR LHY9UOXz7CVOj7q/oDR8z5ITDEBP8icFZSNrtC/sg4+flRFz6Gp00fRHjqlZUr0L g0NBR1xZ2ggK7ezJmBlJezJ6kWHvvpR8QWUHAgMBAAGjggHpMIIB5TAdBgNVHQ4E FgQUfR5NBPPnsDfJ3Z8PJWMCit2bpuswHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75 mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL2ZSNU5CUFBuc0RmSjNaOFBKV01DaXQy YnB1cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBIzAMA0G CSqGSIb3DQEBCwUAA4IBAQCSlBqtO2xyiog9nD0/mlKTcIOM1Vhh+jSkMllMYXP8 3LLsLO0qg4WxPq5u8bBDFbrbO4FekKWTvXMARLX1ofGlmZg3UwjbLo5gehY62exh yIIluFyQq2TyJzol7CedBsPST8V6ioslZwu/NIYMYNCfPcM1parahsLqLZPKu6aI otWzFdG60rf8bPGtm9yDeBMN0BSYM9vwIvdSDA8XD0Y3N/ujA5Sl+8T7k+Hk88wA wPO8FiQmvC3qYNDbYA9P92OFxVc02FqUTUO8XhRet0IkMq/tBTF+8MdjtTX41Jcc DK5aVXdngCcWx8doaMTADz9uL0563s80fs6C2geG+wJA -----END CERTIFICATE-----Generated at Sun Aug 24 09:40:12 2025 by rpki-client