$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EASPNET/nuZHNHeVjXeEyKu2nXh9LdjZvIc.roa File: nuZHNHeVjXeEyKu2nXh9LdjZvIc.roa (raw, json) Hash identifier: tiGlcUa29EOsXu20L1oWa5hDlo6TqyME8dBi6bYBbDQ= Subject key identifier: 9E:E6:47:34:77:95:8D:77:84:C8:AB:B6:9D:78:7D:2D:D8:D9:BC:87 Certificate issuer: /CN=552B16164C361040D88F32D36509448CF3BB9D25 Certificate serial: 0D96 Authority key identifier: 55:2B:16:16:4C:36:10:40:D8:8F:32:D3:65:09:44:8C:F3:BB:9D:25 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/nuZHNHeVjXeEyKu2nXh9LdjZvIc.roa Signing time: Fri 22 Aug 2025 08:52:50 +0000 ROA not before: Fri 22 Aug 2025 08:52:50 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 10135 IP address blocks: 49.128.112.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/VSsWFkw2EEDYjzLTZQlEjPO7nSU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/VSsWFkw2EEDYjzLTZQlEjPO7nSU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3478 (0xd96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=552B16164C361040D88F32D36509448CF3BB9D25 Validity Not Before: Aug 22 08:52:50 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=9EE6473477958D7784C8ABB69D787D2DD8D9BC87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:92:f7:6e:64:ee:15:4a:86:df:be:21:48:49: 89:74:c2:d9:51:85:dc:2a:d1:c6:bc:23:a4:c6:8d: 23:71:6b:39:f1:e1:f0:a3:18:ea:38:18:5f:94:ca: e1:6c:1a:cf:c3:b0:ed:a9:a2:57:f7:20:98:53:8b: 9c:a9:9a:89:39:14:d7:ec:36:90:e0:36:c7:b8:67: 2c:4e:32:d0:87:e0:65:77:5a:a6:f1:96:53:b0:d7: 80:97:90:30:f9:80:ae:6a:c6:e9:ce:b9:ee:58:f6: c4:13:b9:c1:2f:e7:4c:dc:d6:7b:f3:5d:82:11:9d: 5d:67:e5:79:7b:9f:c5:05:9e:43:fc:f7:94:f7:d3: bf:d8:12:97:ee:4b:12:c1:02:cd:f4:9f:94:67:fd: 78:9d:51:c2:35:41:c5:1b:05:73:ab:c0:e9:da:99: 70:86:46:6e:34:3f:bf:f6:0e:b8:e9:e7:4a:0e:22: e4:0d:d0:61:4f:1c:1b:dc:82:20:cc:39:d0:77:68: 98:c9:95:b8:94:65:50:47:ea:f9:85:e1:05:6b:60: 60:85:39:e7:2a:14:19:56:47:2a:ae:22:ab:ec:7e: c2:b4:20:45:8e:dd:76:2e:13:65:24:05:ba:d1:31: 05:e3:37:26:ac:2c:fe:9b:2e:09:32:98:e0:f3:d7: 60:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:E6:47:34:77:95:8D:77:84:C8:AB:B6:9D:78:7D:2D:D8:D9:BC:87 X509v3 Authority Key Identifier: keyid:55:2B:16:16:4C:36:10:40:D8:8F:32:D3:65:09:44:8C:F3:BB:9D:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/VSsWFkw2EEDYjzLTZQlEjPO7nSU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/nuZHNHeVjXeEyKu2nXh9LdjZvIc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.128.112.0/20 Signature Algorithm: sha256WithRSAEncryption 37:a4:63:56:e5:5e:08:97:0b:7e:b0:b2:98:3c:91:9d:69:cd: 99:71:ac:1d:56:84:18:4b:bb:00:9a:86:9c:3b:31:46:48:71: 30:f2:66:60:6e:a5:de:b0:e5:2f:17:4a:95:da:7c:2f:98:0d: 8c:3a:25:66:85:7b:29:35:a9:f4:80:b1:c0:23:30:63:43:cf: 30:45:ab:32:c7:34:a2:2c:21:15:4c:91:06:e6:6a:94:90:e5: f9:6f:8d:2e:4c:f6:28:21:36:f3:e8:08:24:6f:4a:1b:31:67: 9c:f7:3b:d7:cf:30:0e:3b:dc:6c:47:bc:e3:b3:1b:c0:ba:fd: 4e:ef:3f:0e:a8:58:37:d3:bb:e2:d1:b0:9f:cb:b6:34:a4:80: db:36:c0:20:f0:9a:ee:e4:79:18:c6:4c:68:ea:0d:c9:a3:2d: d6:c4:89:0a:eb:ff:50:55:2d:64:82:9a:10:46:71:ce:8a:c2: be:3c:64:7e:f5:90:22:3a:12:80:57:36:49:bb:05:74:20:97: fb:f7:72:6a:18:50:1f:ef:ec:5e:d5:7a:0d:ad:3e:29:63:21: 51:08:50:9f:ac:f2:18:db:0b:a0:37:62:4b:ad:0d:ea:63:59: 44:a0:12:b5:69:53:4a:8e:53:ca:dd:7a:bd:fd:53:38:a9:04: 25:7c:b8:ff -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICDZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTUy QjE2MTY0QzM2MTA0MEQ4OEYzMkQzNjUwOTQ0OENGM0JCOUQyNTAeFw0yNTA4MjIw ODUyNTBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDlFRTY0NzM0Nzc5NThE Nzc4NEM4QUJCNjlENzg3RDJERDhEOUJDODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrkvduZO4VSobfviFISYl0wtlRhdwq0ca8I6TGjSNxaznx4fCj GOo4GF+UyuFsGs/DsO2polf3IJhTi5ypmok5FNfsNpDgNse4ZyxOMtCH4GV3Wqbx llOw14CXkDD5gK5qxunOue5Y9sQTucEv50zc1nvzXYIRnV1n5Xl7n8UFnkP895T3 07/YEpfuSxLBAs30n5Rn/XidUcI1QcUbBXOrwOnamXCGRm40P7/2Drjp50oOIuQN 0GFPHBvcgiDMOdB3aJjJlbiUZVBH6vmF4QVrYGCFOecqFBlWRyquIqvsfsK0IEWO 3XYuE2UkBbrRMQXjNyasLP6bLgkymODz12ALAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUnuZHNHeVjXeEyKu2nXh9LdjZvIcwHwYDVR0jBBgwFoAUVSsWFkw2EEDYjzLT ZQlEjPO7nSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRUFTUE5F VC9WU3NXRmt3MkVFRFlqekxUWlFsRWpQTzduU1UuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL1ZTc1dGa3cyRUVEWWp6TFRaUWxFalBPN25TVS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0VBU1BORVQvbnVaSE5IZVZqWGVFeUt1 Mm5YaDlMZGpadkljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME BDGAcDANBgkqhkiG9w0BAQsFAAOCAQEAN6RjVuVeCJcLfrCymDyRnWnNmXGsHVaE GEu7AJqGnDsxRkhxMPJmYG6l3rDlLxdKldp8L5gNjDolZoV7KTWp9ICxwCMwY0PP MEWrMsc0oiwhFUyRBuZqlJDl+W+NLkz2KCE28+gIJG9KGzFnnPc7188wDjvcbEe8 47MbwLr9Tu8/DqhYN9O74tGwn8u2NKSA2zbAIPCa7uR5GMZMaOoNyaMt1sSJCuv/ UFUtZIKaEEZxzorCvjxkfvWQIjoSgFc2SbsFdCCX+/dyahhQH+/sXtV6Da0+KWMh UQhQn6zyGNsLoDdiS60N6mNZRKAStWlTSo5Tyt16vf1TOKkEJXy4/w== -----END CERTIFICATE-----Generated at Sun Aug 24 09:37:50 2025 by rpki-client