$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/9sXuZ2KbAGLPU3baRmi8DVq9aIo.roa File: 9sXuZ2KbAGLPU3baRmi8DVq9aIo.roa (raw, json) Hash identifier: Qr3fvqPvt7SS/O589HCX7D+AJwiWEsPJL9ak+oVQk00= Subject key identifier: F6:C5:EE:67:62:9B:00:62:CF:53:76:DA:46:68:BC:0D:5A:BD:68:8A Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Certificate serial: 0E90 Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/9sXuZ2KbAGLPU3baRmi8DVq9aIo.roa Signing time: Fri 22 Aug 2025 09:03:23 +0000 ROA not before: Fri 22 Aug 2025 09:03:23 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9244 IP address blocks: 113.21.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 02:44:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3728 (0xe90) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Validity Not Before: Aug 22 09:03:23 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=F6C5EE67629B0062CF5376DA4668BC0D5ABD688A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:1d:a6:c8:f3:ff:fa:d3:f5:6d:f4:69:2a:e1: db:8e:ea:63:fb:9b:2a:08:0d:f7:1d:ae:fb:f3:59: 26:26:1d:57:c0:13:9e:58:a5:b0:bd:0c:e0:b2:7d: 5a:09:7d:c7:26:f7:55:13:a5:04:b8:96:c5:98:f3: c5:8b:bc:31:70:02:5a:d3:41:0d:43:a4:12:f1:24: 35:c0:98:6c:b8:91:76:4b:d1:82:23:68:53:6a:66: dc:83:15:cc:f6:98:44:89:11:ef:b6:d9:e2:7d:b6: 59:ff:95:87:c7:4b:8b:8d:33:df:b2:f8:1f:a8:61: 40:f9:c2:ee:37:a4:ad:25:c0:1a:ce:e1:1a:17:e3: d3:6b:27:34:9a:bb:5c:ce:d5:ef:46:04:fc:79:d4: 7a:07:c6:99:be:7b:15:86:2d:ba:0d:69:28:3e:1e: ff:07:1c:19:b6:84:6e:a3:46:c1:f8:67:0f:85:97: 7a:d5:72:3a:2c:4f:1b:de:9d:e7:35:e9:20:d4:6a: 17:53:8d:79:1d:34:8c:6d:b9:a6:45:93:a7:1c:f9: e2:75:c3:94:20:4c:7b:5c:28:96:88:38:05:cd:4b: cc:0e:03:80:ad:64:a8:25:19:11:02:c4:ae:d6:0c: e8:f1:90:1e:1c:0b:af:e0:88:26:71:8b:a5:52:da: a0:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:C5:EE:67:62:9B:00:62:CF:53:76:DA:46:68:BC:0D:5A:BD:68:8A X509v3 Authority Key Identifier: keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/9sXuZ2KbAGLPU3baRmi8DVq9aIo.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.21.160.0/20 Signature Algorithm: sha256WithRSAEncryption 80:d5:fb:11:69:09:75:02:04:d9:7b:d6:5f:bb:7f:0e:24:bd: 2f:66:f6:d1:7c:9d:e8:97:8b:10:87:e3:22:92:48:6a:b9:8d: 95:ef:5a:62:32:10:a5:ff:87:fc:1c:6c:8a:a6:32:40:3e:2f: 0c:f6:5f:21:4f:7e:be:0a:43:30:45:45:8c:58:6b:e5:2c:80: f6:00:44:e4:84:9d:c8:28:f3:ed:45:d4:64:c9:04:bb:50:cf: d7:ee:5d:de:93:c8:a9:82:1d:67:e5:4f:36:fd:6a:5f:4d:46: 23:85:4b:4c:fc:d9:93:2b:7c:a2:5f:63:c1:cd:f7:8f:6f:98: 7d:b4:62:a4:d8:76:76:65:39:96:7e:d7:a4:4d:a9:eb:7f:cf: b1:d6:1f:91:6c:ba:48:9b:d2:9c:42:74:d1:5b:4e:a7:29:20: 41:3d:48:07:7b:23:33:91:0d:ab:72:ae:05:e3:ba:9e:ec:d6: a3:72:56:ab:64:72:53:90:b0:61:66:d5:ca:d3:90:e5:04:69: b5:9c:a3:dd:30:b5:fa:b0:0f:98:2c:cb:20:61:cf:cb:5d:23: e7:20:2f:56:fa:d2:97:dc:fe:ee:e6:42:17:4d:9c:e4:22:c4: 98:cb:ed:e5:bc:1b:84:b1:30:e4:5b:a4:7b:54:1c:a9:3c:c0: 30:9d:74:c2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDpAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNTA4MjIw OTAzMjNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEY2QzVFRTY3NjI5QjAw NjJDRjUzNzZEQTQ2NjhCQzBENUFCRDY4OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWHabI8//60/Vt9Gkq4duO6mP7myoIDfcdrvvzWSYmHVfAE55Y pbC9DOCyfVoJfccm91UTpQS4lsWY88WLvDFwAlrTQQ1DpBLxJDXAmGy4kXZL0YIj aFNqZtyDFcz2mESJEe+22eJ9tln/lYfHS4uNM9+y+B+oYUD5wu43pK0lwBrO4RoX 49NrJzSau1zO1e9GBPx51HoHxpm+exWGLboNaSg+Hv8HHBm2hG6jRsH4Zw+Fl3rV cjosTxvenec16SDUahdTjXkdNIxtuaZFk6cc+eJ1w5QgTHtcKJaIOAXNS8wOA4Ct ZKglGRECxK7WDOjxkB4cC6/giCZxi6VS2qB/AgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQU9sXuZ2KbAGLPU3baRmi8DVq9aIowHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVULzlzWHVaMktiQUdMUFUzYmFS bWk4RFZxOWFJby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARx FaAwDQYJKoZIhvcNAQELBQADggEBAIDV+xFpCXUCBNl71l+7fw4kvS9m9tF8neiX ixCH4yKSSGq5jZXvWmIyEKX/h/wcbIqmMkA+Lwz2XyFPfr4KQzBFRYxYa+UsgPYA ROSEncgo8+1F1GTJBLtQz9fuXd6TyKmCHWflTzb9al9NRiOFS0z82ZMrfKJfY8HN 949vmH20YqTYdnZlOZZ+16RNqet/z7HWH5Fsukib0pxCdNFbTqcpIEE9SAd7IzOR DatyrgXjup7s1qNyVqtkclOQsGFm1crTkOUEabWco90wtfqwD5gsyyBhz8tdI+cg L1b60pfc/u7mQhdNnOQixJjL7eW8G4SxMORbpHtUHKk8wDCddMI= -----END CERTIFICATE-----Generated at Mon Aug 25 01:23:30 2025 by rpki-client