$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/2DXtBndph7KBbLSZ7wNPpKHVr1k.roa File: 2DXtBndph7KBbLSZ7wNPpKHVr1k.roa (raw, json) Hash identifier: PfRM3PouBk3LC07N+F98u7UG+qiOufudkhMZYoN3nGs= Subject key identifier: D8:35:ED:06:77:69:87:B2:81:6C:B4:99:EF:03:4F:A4:A1:D5:AF:59 Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Certificate serial: 122E Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/2DXtBndph7KBbLSZ7wNPpKHVr1k.roa Signing time: Fri 22 Aug 2025 08:49:04 +0000 ROA not before: Fri 22 Aug 2025 08:49:04 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17809 IP address blocks: 121.254.88.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4654 (0x122e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Validity Not Before: Aug 22 08:49:04 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D835ED06776987B2816CB499EF034FA4A1D5AF59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e6:99:23:93:87:73:1a:5a:1e:3f:6d:1f:1e: 05:34:5e:12:3a:9b:69:5f:32:9e:87:ea:46:72:ad: e0:6b:93:2a:d0:39:6b:89:21:a3:9a:41:96:25:46: 27:f3:73:8b:dd:c4:12:ab:81:24:f1:8a:95:c0:66: 21:0b:43:3a:75:3c:6a:3b:69:e8:cf:88:70:91:b2: c8:5d:58:97:b3:58:30:47:6c:3a:e6:2a:87:e0:95: cf:96:5e:80:35:72:f9:55:60:89:4b:a4:a8:c7:fc: 17:e1:08:ea:f3:a6:3c:b4:e3:8a:4a:9b:34:5d:f1: e3:d2:ef:f5:b0:b2:d7:22:44:63:d6:97:6b:52:2a: aa:73:9c:a1:5c:ed:31:11:fd:58:0a:24:25:c0:e8: 15:f2:db:dc:ab:28:ef:cb:cc:c4:81:59:aa:c5:ab: 38:89:e1:60:03:d8:58:68:04:da:63:40:c5:5d:a7: 45:c8:5e:34:b8:7a:95:9c:63:bb:6a:66:2f:d6:bb: 30:43:e0:0a:bb:fe:2c:74:ae:ec:6d:c6:4d:15:f4: 21:c9:79:dd:28:79:97:20:e4:e2:15:e7:ec:8e:db: e4:a6:e3:c1:6f:83:32:8a:cd:f7:06:02:ba:27:a5: 39:4d:5b:99:f4:b7:ba:38:e1:c1:6c:2c:6a:15:0b: 6e:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:35:ED:06:77:69:87:B2:81:6C:B4:99:EF:03:4F:A4:A1:D5:AF:59 X509v3 Authority Key Identifier: keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/2DXtBndph7KBbLSZ7wNPpKHVr1k.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 121.254.88.0/21 Signature Algorithm: sha256WithRSAEncryption 24:20:d0:5f:7c:25:2f:6d:32:e9:51:ca:27:fd:b5:c4:ef:3c: 6c:a0:16:67:92:f5:d6:40:25:3e:06:e6:cb:05:c5:0e:a1:d9: a4:54:a3:fb:74:c9:e7:09:38:88:e4:8c:a6:43:7a:65:78:d0: f2:a2:8c:4d:e5:93:ba:ed:1b:c8:a1:ab:52:bb:e1:54:97:b0: 04:92:97:68:0b:19:78:ea:53:f2:fb:fb:bc:f7:23:fd:0d:00: d5:0d:42:0c:ab:bc:76:b5:8b:f2:d8:a3:01:9f:a5:86:ef:69: 3d:25:60:63:dd:00:b8:35:c2:cc:ae:4d:e0:e5:b5:da:99:50: a7:23:d4:e9:4a:ed:01:d5:a5:cc:52:a0:aa:c6:86:12:12:f4: 3c:04:9c:40:78:1d:a0:c1:fb:c6:5d:9c:e2:cf:b9:a1:6a:b0: be:72:fb:3b:f0:75:76:bd:b1:d9:e9:95:ac:ca:ae:db:42:f4: 2a:22:cf:f3:0d:4a:fb:d3:5c:77:94:be:2f:f6:c7:4f:b7:70: ee:8c:28:3f:55:9b:2e:45:aa:69:5c:f5:dd:91:f1:a9:9c:69: 03:93:a3:cc:ea:81:30:a1:aa:29:a0:d9:b4:70:8c:21:18:03: 2e:34:3d:04:8d:eb:84:65:a8:ee:8d:69:37:14:b6:32:20:f4: 8f:75:e7:02 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICEi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0 NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTA4MjIw ODQ5MDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQ4MzVFRDA2Nzc2OTg3 QjI4MTZDQjQ5OUVGMDM0RkE0QTFENUFGNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDD5pkjk4dzGloeP20fHgU0XhI6m2lfMp6H6kZyreBrkyrQOWuJ IaOaQZYlRifzc4vdxBKrgSTxipXAZiELQzp1PGo7aejPiHCRsshdWJezWDBHbDrm Kofglc+WXoA1cvlVYIlLpKjH/BfhCOrzpjy044pKmzRd8ePS7/WwstciRGPWl2tS KqpznKFc7TER/VgKJCXA6BXy29yrKO/LzMSBWarFqziJ4WAD2FhoBNpjQMVdp0XI XjS4epWcY7tqZi/WuzBD4Aq7/ix0ruxtxk0V9CHJed0oeZcg5OIV5+yO2+Sm48Fv gzKKzfcGAronpTlNW5n0t7o44cFsLGoVC25JAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQU2DXtBndph7KBbLSZ7wNPpKHVr1kwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId 1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvMkRYdEJuZHBoN0tCYkxTWjd3TlBw S0hWcjFrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+WDAN BgkqhkiG9w0BAQsFAAOCAQEAJCDQX3wlL20y6VHKJ/21xO88bKAWZ5L11kAlPgbm ywXFDqHZpFSj+3TJ5wk4iOSMpkN6ZXjQ8qKMTeWTuu0byKGrUrvhVJewBJKXaAsZ eOpT8vv7vPcj/Q0A1Q1CDKu8drWL8tijAZ+lhu9pPSVgY90AuDXCzK5N4OW12plQ pyPU6UrtAdWlzFKgqsaGEhL0PAScQHgdoMH7xl2c4s+5oWqwvnL7O/B1dr2x2emV rMqu20L0KiLP8w1K+9Ncd5S+L/bHT7dw7owoP1WbLkWqaVz13ZHxqZxpA5OjzOqB MKGqKaDZtHCMIRgDLjQ9BI3rhGWo7o1pNxS2MiD0j3XnAg== -----END CERTIFICATE-----Generated at Sun Aug 24 09:15:06 2025 by rpki-client