$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZO1h5PFm0JlgJpsBwPnXZRz0aXI.roa File: ZO1h5PFm0JlgJpsBwPnXZRz0aXI.roa (raw, json) Hash identifier: nGNdPlehNsyC/vhrZQBSSfQvvs0dDNLxHzVa0VyecJA= Subject key identifier: 64:ED:61:E4:F1:66:D0:99:60:26:9B:01:C0:F9:D7:65:1C:F4:69:72 Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Certificate serial: 1290 Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZO1h5PFm0JlgJpsBwPnXZRz0aXI.roa Signing time: Fri 22 Aug 2025 08:49:28 +0000 ROA not before: Fri 22 Aug 2025 08:49:28 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17809 IP address blocks: 210.209.128.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:26:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4752 (0x1290) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Validity Not Before: Aug 22 08:49:28 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=64ED61E4F166D09960269B01C0F9D7651CF46972 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:66:fd:44:17:f8:5d:09:60:35:74:5e:48:4b: 0d:2c:bb:16:c9:4c:16:bd:a9:42:62:d4:0d:60:99: 9b:15:07:54:a7:a8:20:72:ba:44:7d:28:93:70:75: 6e:1a:be:1d:e0:38:01:98:dd:f4:fb:72:7e:3d:9d: 11:36:60:fa:52:a6:26:e1:0b:e6:f7:09:c8:80:b2: 60:09:5b:3c:ed:9c:33:5f:bb:b9:82:01:a3:fb:f8: f9:f5:20:65:66:61:83:eb:0b:4f:fd:b9:d2:1e:5f: 03:95:48:cd:ff:e2:70:20:2f:45:a4:ca:5a:a6:69: 32:a7:38:61:cd:9d:3d:55:ff:d7:3e:e6:c8:6b:06: d8:06:96:80:72:43:a3:02:3a:9e:a5:6b:ef:1d:92: a5:70:a2:6f:ef:39:bf:a0:a0:f6:ab:f5:59:c0:b1: 13:b0:09:df:48:ac:6f:61:7f:46:9e:85:ab:fc:ef: 65:64:e0:d1:3e:f1:0e:3a:9a:26:eb:53:e0:1a:1c: 12:50:10:4a:21:9a:76:37:09:12:31:96:de:ee:60: e5:1a:f9:a0:c4:f0:8b:c2:0f:02:41:c6:4c:56:8b: b7:9a:c3:09:fa:e5:d0:07:ac:e4:7e:a9:4a:56:98: f3:17:ef:c1:2a:42:22:08:ad:ec:a6:2e:17:ae:07: a1:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:ED:61:E4:F1:66:D0:99:60:26:9B:01:C0:F9:D7:65:1C:F4:69:72 X509v3 Authority Key Identifier: keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZO1h5PFm0JlgJpsBwPnXZRz0aXI.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.209.128.0/20 Signature Algorithm: sha256WithRSAEncryption 36:ea:1c:ce:1e:f0:19:74:2f:36:a6:6b:31:5e:60:06:12:5b: ba:1c:b6:e2:d4:f7:56:72:9e:12:e3:4f:89:f6:58:fb:31:ba: 96:8f:7f:98:1e:90:6b:30:2d:17:c6:1d:99:28:18:42:4c:de: c6:d9:bc:74:0c:72:28:e4:5d:06:3a:0e:c9:63:18:0c:e6:d0: 43:18:9f:f3:06:22:61:57:69:a0:e1:b3:e5:29:db:af:34:ef: 1c:ef:55:70:b1:cf:2a:7d:fa:e1:6d:e5:87:58:58:d7:6d:31: af:dd:28:e5:97:b7:b4:b9:59:64:7e:be:95:30:bd:13:ef:13: de:16:12:4a:97:49:32:a8:c4:0d:76:04:cf:49:84:a9:81:50: fa:61:b6:fa:00:b3:fe:69:be:21:1e:f4:f1:bd:3d:95:1f:ea: ec:d6:2d:b0:a3:20:47:62:ee:db:07:76:67:82:72:b6:61:21: 63:d9:e5:1b:ed:8e:ba:26:46:49:67:6a:e8:64:db:7e:76:4e: bf:27:30:7c:ad:50:25:8c:08:ab:ef:0f:ef:6e:9f:80:eb:ff: 26:5b:9e:24:09:91:d2:e4:89:22:b3:9d:40:9c:5c:14:cc:2a: 8e:8a:16:75:65:94:69:8e:7e:d8:04:fd:f0:53:cb:29:b5:e5: 6f:80:1f:9d -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICEpAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0 NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTA4MjIw ODQ5MjhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDY0RUQ2MUU0RjE2NkQw OTk2MDI2OUIwMUMwRjlENzY1MUNGNDY5NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9Zv1EF/hdCWA1dF5ISw0suxbJTBa9qUJi1A1gmZsVB1SnqCBy ukR9KJNwdW4avh3gOAGY3fT7cn49nRE2YPpSpibhC+b3CciAsmAJWzztnDNfu7mC AaP7+Pn1IGVmYYPrC0/9udIeXwOVSM3/4nAgL0WkylqmaTKnOGHNnT1V/9c+5shr BtgGloByQ6MCOp6la+8dkqVwom/vOb+goPar9VnAsROwCd9IrG9hf0aehav872Vk 4NE+8Q46mibrU+AaHBJQEEohmnY3CRIxlt7uYOUa+aDE8IvCDwJBxkxWi7eawwn6 5dAHrOR+qUpWmPMX78EqQiIIreymLheuB6HBAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUZO1h5PFm0JlgJpsBwPnXZRz0aXIwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId 1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWk8xaDVQRm0wSmxnSnBzQndQblha UnowYVhJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNLRgDAN BgkqhkiG9w0BAQsFAAOCAQEANuoczh7wGXQvNqZrMV5gBhJbuhy24tT3VnKeEuNP ifZY+zG6lo9/mB6QazAtF8YdmSgYQkzextm8dAxyKORdBjoOyWMYDObQQxif8wYi YVdpoOGz5SnbrzTvHO9VcLHPKn364W3lh1hY120xr90o5Ze3tLlZZH6+lTC9E+8T 3hYSSpdJMqjEDXYEz0mEqYFQ+mG2+gCz/mm+IR708b09lR/q7NYtsKMgR2Lu2wd2 Z4JytmEhY9nlG+2OuiZGSWdq6GTbfnZOvycwfK1QJYwIq+8P726fgOv/JlueJAmR 0uSJIrOdQJxcFMwqjooWdWWUaY5+2AT98FPLKbXlb4AfnQ== -----END CERTIFICATE-----Generated at Mon Oct 20 23:14:27 2025 by rpki-client