$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/Z-KU2BaqSGrqNrQSpxPVuDAf5Q4.roa File: Z-KU2BaqSGrqNrQSpxPVuDAf5Q4.roa (raw, json) Hash identifier: o4M/7MPAs9WJkdeUIzIVImeCknUl7qciwhcNfFVuAZg= Subject key identifier: 67:E2:94:D8:16:AA:48:6A:EA:36:B4:12:A7:13:D5:B8:30:1F:E5:0E Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Certificate serial: 0E8D Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/Z-KU2BaqSGrqNrQSpxPVuDAf5Q4.roa Signing time: Fri 22 Aug 2025 09:03:22 +0000 ROA not before: Fri 22 Aug 2025 09:03:22 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9244 IP address blocks: 113.21.176.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 02:44:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3725 (0xe8d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97 Validity Not Before: Aug 22 09:03:22 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=67E294D816AA486AEA36B412A713D5B8301FE50E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d3:e6:07:52:db:c0:32:38:3b:ab:82:20:90: b6:d8:65:a0:65:7b:25:1c:b7:e5:ef:ee:fd:69:66: 73:10:bd:26:78:3f:07:f0:5c:27:28:bb:16:c8:c9: 36:ae:fc:fe:06:70:51:b0:23:75:37:02:8c:0b:51: 11:07:50:28:aa:f0:bc:4d:4f:c4:9c:ed:97:b8:b7: 5d:ca:63:b1:00:a6:4c:f8:c7:2d:a7:e1:65:ca:a0: 1b:53:8a:c3:7f:d8:73:a8:bb:da:27:30:2d:c9:88: 37:90:cb:b6:f2:d2:61:42:7b:f6:be:ea:72:51:10: 12:d0:ab:c9:26:9c:a3:ab:7e:7c:28:d2:e2:8a:2d: 9b:6c:16:c5:23:14:3b:81:01:65:59:5e:b9:67:b3: 8b:58:ec:f3:5f:3e:e1:6d:9f:dc:8e:44:7f:c9:4c: 49:74:68:5f:eb:62:6c:bd:70:2b:e4:73:b0:1d:2e: 5c:8b:d8:f3:c0:43:b2:e3:12:56:2c:b4:fe:17:20: 79:ff:9b:a7:0e:4e:85:73:13:2f:70:ea:ae:0f:b9: 2a:2e:5a:f4:9b:8e:71:e9:32:51:50:a4:b5:b9:31: 1a:23:fd:1a:1f:ca:64:27:64:d4:97:fd:af:f8:d7: e4:2c:da:b2:c5:ad:8d:2e:b0:6e:be:32:03:a8:31: 42:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:E2:94:D8:16:AA:48:6A:EA:36:B4:12:A7:13:D5:B8:30:1F:E5:0E X509v3 Authority Key Identifier: keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/Z-KU2BaqSGrqNrQSpxPVuDAf5Q4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.21.176.0/21 Signature Algorithm: sha256WithRSAEncryption 80:5c:28:da:66:39:88:ba:be:44:84:1f:b3:be:10:d9:eb:d7: 4b:15:f6:dc:2b:55:06:99:61:f7:c5:80:27:d9:0f:26:47:e7: 2e:c7:51:77:5e:f1:cf:a2:0b:0e:4c:ec:79:ed:c4:60:c0:79: cd:3a:46:a6:68:e3:30:2f:02:04:98:b8:58:12:e0:21:84:3d: 87:2c:fd:97:20:0d:0f:47:0b:4f:ed:82:aa:e1:2e:ca:96:22: 6b:73:9b:bf:94:97:1e:6b:3f:59:55:54:61:43:39:d3:3b:35: eb:d2:43:e5:9f:81:e5:ac:ce:7b:16:76:6f:b8:3a:89:36:07: 5d:3c:39:d6:6e:4d:d6:56:a6:36:d8:3b:e4:ec:a8:81:22:98: d4:65:7d:04:ad:a8:a9:b0:b1:23:27:6d:66:c2:f6:37:7f:31: d0:6e:7f:a3:da:4a:1e:b2:f2:37:d7:b4:3b:95:0d:9b:08:fe: 90:9b:0e:b9:21:f4:31:a1:79:f0:6e:b7:9f:e4:8d:0c:11:ad: 85:b2:86:cd:7c:0a:02:88:3d:b2:b9:61:ac:5d:c9:c7:7b:a4: a9:e8:f7:e3:f4:11:e1:b9:f4:1a:c6:5d:58:0b:c1:4b:ca:8f: 09:79:7e:b8:9e:09:c1:53:00:7d:39:68:ec:6f:33:66:0c:59: 78:29:5e:35 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNTA4MjIw OTAzMjJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDY3RTI5NEQ4MTZBQTQ4 NkFFQTM2QjQxMkE3MTNENUI4MzAxRkU1MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC30+YHUtvAMjg7q4IgkLbYZaBleyUct+Xv7v1pZnMQvSZ4Pwfw XCcouxbIyTau/P4GcFGwI3U3AowLUREHUCiq8LxNT8Sc7Ze4t13KY7EApkz4xy2n 4WXKoBtTisN/2HOou9onMC3JiDeQy7by0mFCe/a+6nJREBLQq8kmnKOrfnwo0uKK LZtsFsUjFDuBAWVZXrlns4tY7PNfPuFtn9yORH/JTEl0aF/rYmy9cCvkc7AdLlyL 2PPAQ7LjElYstP4XIHn/m6cOToVzEy9w6q4PuSouWvSbjnHpMlFQpLW5MRoj/Rof ymQnZNSX/a/41+Qs2rLFrY0usG6+MgOoMULRAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUZ+KU2BaqSGrqNrQSpxPVuDAf5Q4wHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL1otS1UyQmFxU0dycU5yUVNw eFBWdURBZjVRNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANx FbAwDQYJKoZIhvcNAQELBQADggEBAIBcKNpmOYi6vkSEH7O+ENnr10sV9twrVQaZ YffFgCfZDyZH5y7HUXde8c+iCw5M7HntxGDAec06RqZo4zAvAgSYuFgS4CGEPYcs /ZcgDQ9HC0/tgqrhLsqWImtzm7+Ulx5rP1lVVGFDOdM7NevSQ+WfgeWsznsWdm+4 Ook2B108OdZuTdZWpjbYO+TsqIEimNRlfQStqKmwsSMnbWbC9jd/MdBuf6PaSh6y 8jfXtDuVDZsI/pCbDrkh9DGhefBut5/kjQwRrYWyhs18CgKIPbK5Yaxdycd7pKno 9+P0EeG59BrGXVgLwUvKjwl5frieCcFTAH05aOxvM2YMWXgpXjU= -----END CERTIFICATE-----Generated at Mon Aug 25 01:23:31 2025 by rpki-client