$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/0cxKCZB0ek4NgHe_iFBOH819kLY.roa File: 0cxKCZB0ek4NgHe_iFBOH819kLY.roa (raw, json) Hash identifier: 7MpTEZPC3mEc/U+uLZmLOVpfu2QgmwbiPzL45AFie+g= Subject key identifier: D1:CC:4A:09:90:74:7A:4E:0D:80:77:BF:88:50:4E:1F:CD:7D:90:B6 Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Certificate serial: 1254 Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/0cxKCZB0ek4NgHe_iFBOH819kLY.roa Signing time: Fri 22 Aug 2025 08:49:14 +0000 ROA not before: Fri 22 Aug 2025 08:49:14 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17809 IP address blocks: 121.254.80.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4692 (0x1254) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Validity Not Before: Aug 22 08:49:14 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D1CC4A0990747A4E0D8077BF88504E1FCD7D90B6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:32:7d:63:50:df:39:61:c6:63:49:31:2a:a0: 5b:65:fe:a4:b8:43:50:d6:9a:47:98:7d:b4:52:b1: 8c:75:da:4f:95:be:31:b3:43:23:e8:d9:3a:1b:29: 40:e0:de:97:94:88:7a:10:c0:43:8e:df:3b:02:f6: 02:0d:6b:08:f2:f5:d9:a9:33:a1:34:76:74:fe:ba: 8d:a4:ac:21:39:bf:bb:38:f4:91:5c:3a:fe:2f:76: bb:cd:4d:b7:05:23:15:71:b9:35:9d:7a:86:28:3e: ee:44:fa:8e:b4:20:5a:6d:e1:6a:dd:8d:d9:b0:8b: 4c:a2:48:79:b1:ce:58:44:0e:6f:c0:f5:1b:cb:9c: ee:25:5b:47:94:9b:ca:9c:c3:2f:29:5d:9a:a5:62: fa:23:e9:b2:63:be:52:13:52:75:9b:a0:99:92:66: dc:cd:e4:16:e8:bd:9a:5d:89:5b:da:0d:ff:a4:98: d4:85:db:3e:d0:e1:da:68:00:c5:19:c6:18:87:6a: a2:f8:65:95:f5:af:cc:70:88:83:f6:e3:2d:ad:a4: 79:07:97:38:74:2c:86:f1:9a:7a:b6:48:03:a4:00: 74:2b:18:76:4e:c7:7f:1b:f6:c2:c1:93:cb:6a:fe: 63:cd:1c:c4:8f:8c:b0:a9:f6:8b:0e:90:47:c8:fc: 89:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:CC:4A:09:90:74:7A:4E:0D:80:77:BF:88:50:4E:1F:CD:7D:90:B6 X509v3 Authority Key Identifier: keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/0cxKCZB0ek4NgHe_iFBOH819kLY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 121.254.80.0/21 Signature Algorithm: sha256WithRSAEncryption 73:ed:b7:39:b3:1e:62:86:02:e2:ab:0b:be:83:9c:e2:a4:65: 43:41:b6:00:0d:10:65:35:cf:4f:ea:f8:26:ef:a1:13:70:a1: 34:26:d0:50:0c:88:8c:ad:03:40:47:6d:4e:a0:1b:20:b5:e2: b3:c9:62:c1:a1:28:d1:e4:ae:a3:46:db:71:04:36:81:d4:43: 60:89:88:d4:7c:c4:47:90:78:f1:4f:ad:55:e9:d4:a7:a2:a2: df:8d:48:b8:63:32:e1:a6:c4:4e:2b:75:53:24:67:4a:b3:7a: aa:ab:ea:0c:af:62:45:24:23:fc:8b:0f:e2:c9:04:ee:12:fe: ab:68:ef:f1:c2:04:cc:71:bd:50:6a:4f:3c:40:1e:18:16:05: b3:f0:05:8b:25:ea:03:d7:46:a8:da:73:d5:a5:0c:d6:56:01: a0:69:8f:a2:d0:24:5f:25:8f:87:a1:e7:56:af:a5:e6:b8:70: 56:f6:5e:52:d0:35:06:ff:d6:8c:1c:95:78:1b:aa:ce:a6:ae: 06:64:f3:b9:a7:47:cd:1c:7e:99:7c:21:d3:45:c6:4f:95:6b: 71:30:ea:56:f1:d1:d9:67:96:de:ad:42:34:3d:97:8f:bc:b0: ac:58:85:83:4e:30:ce:aa:89:13:f4:5f:9e:60:eb:d7:c0:1e: d9:01:ec:93 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICElQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0 NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTA4MjIw ODQ5MTRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQxQ0M0QTA5OTA3NDdB NEUwRDgwNzdCRjg4NTA0RTFGQ0Q3RDkwQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrMn1jUN85YcZjSTEqoFtl/qS4Q1DWmkeYfbRSsYx12k+VvjGz QyPo2TobKUDg3peUiHoQwEOO3zsC9gINawjy9dmpM6E0dnT+uo2krCE5v7s49JFc Ov4vdrvNTbcFIxVxuTWdeoYoPu5E+o60IFpt4Wrdjdmwi0yiSHmxzlhEDm/A9RvL nO4lW0eUm8qcwy8pXZqlYvoj6bJjvlITUnWboJmSZtzN5BbovZpdiVvaDf+kmNSF 2z7Q4dpoAMUZxhiHaqL4ZZX1r8xwiIP24y2tpHkHlzh0LIbxmnq2SAOkAHQrGHZO x38b9sLBk8tq/mPNHMSPjLCp9osOkEfI/ImrAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQU0cxKCZB0ek4NgHe/iFBOH819kLYwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId 1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvMGN4S0NaQjBlazROZ0hlX2lGQk9I ODE5a0xZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+UDAN BgkqhkiG9w0BAQsFAAOCAQEAc+23ObMeYoYC4qsLvoOc4qRlQ0G2AA0QZTXPT+r4 Ju+hE3ChNCbQUAyIjK0DQEdtTqAbILXis8liwaEo0eSuo0bbcQQ2gdRDYImI1HzE R5B48U+tVenUp6Ki341IuGMy4abETit1UyRnSrN6qqvqDK9iRSQj/IsP4skE7hL+ q2jv8cIEzHG9UGpPPEAeGBYFs/AFiyXqA9dGqNpz1aUM1lYBoGmPotAkXyWPh6Hn Vq+l5rhwVvZeUtA1Bv/WjByVeBuqzqauBmTzuadHzRx+mXwh00XGT5VrcTDqVvHR 2WeW3q1CND2Xj7ywrFiFg04wzqqJE/RfnmDr18Ae2QHskw== -----END CERTIFICATE-----Generated at Sun Aug 24 09:15:13 2025 by rpki-client