$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/xmzZ1pBLStsLyX0PgJDOQFOZEoU.roa File: xmzZ1pBLStsLyX0PgJDOQFOZEoU.roa (raw, json) Hash identifier: 4rmLTlRJjto1OdtgBLZ0RGBBRgHe+xzflYRwGhYaBS8= Subject key identifier: C6:6C:D9:D6:90:4B:4A:DB:0B:C9:7D:0F:80:90:CE:40:53:99:12:85 Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Certificate serial: 1244 Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/xmzZ1pBLStsLyX0PgJDOQFOZEoU.roa Signing time: Fri 22 Aug 2025 08:49:10 +0000 ROA not before: Fri 22 Aug 2025 08:49:10 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17809 IP address blocks: 113.61.128.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4676 (0x1244) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6 Validity Not Before: Aug 22 08:49:10 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=C66CD9D6904B4ADB0BC97D0F8090CE4053991285 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:64:10:6f:c1:5c:eb:2a:ca:2f:9f:11:e0:65: 61:17:2d:3b:01:0a:59:47:6a:5e:68:44:88:68:c9: dd:10:b8:9a:eb:8e:b6:40:7b:f6:0a:24:5b:f2:25: 41:07:b3:31:9e:b9:9e:3b:b6:f8:be:b2:f4:7a:bb: 0c:d9:e2:f6:d6:3f:66:08:9d:d7:8c:cf:e4:f3:ad: 60:d3:b5:17:db:32:84:46:bd:59:03:82:b6:ab:b8: b5:c3:2c:27:02:4e:32:55:88:6e:64:8d:35:c7:15: 0c:58:81:42:4c:10:70:d2:48:4e:74:2a:c7:e0:14: 5d:96:33:49:58:b1:5f:42:c3:c1:a9:72:21:32:54: e6:c9:b8:0e:06:55:63:6a:73:96:93:e1:f9:ce:0c: fc:9f:c5:6c:49:ab:d1:0e:c7:35:bf:66:50:85:e3: 92:36:1f:80:7d:56:c9:51:7a:89:aa:90:ce:76:39: 45:d3:a9:a6:19:fe:bb:81:02:31:07:ca:ef:ae:37: a0:20:23:23:1a:ba:3a:47:d8:48:ca:19:cd:51:c4: dc:40:e9:01:99:5e:57:78:80:cb:5f:81:29:e3:44: 82:df:df:5d:6b:54:7c:74:83:de:b2:92:23:1c:2f: 47:41:ce:18:63:3c:f9:d3:5f:00:80:9b:f4:82:69: f9:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:6C:D9:D6:90:4B:4A:DB:0B:C9:7D:0F:80:90:CE:40:53:99:12:85 X509v3 Authority Key Identifier: keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/xmzZ1pBLStsLyX0PgJDOQFOZEoU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.61.128.0/18 Signature Algorithm: sha256WithRSAEncryption 33:12:fb:26:49:70:5c:df:a8:dd:02:2a:89:a3:0e:9c:ce:3b: a3:c5:5e:01:51:81:7b:89:1e:97:4f:80:e6:04:c9:43:fc:ea: a0:1a:e9:40:70:10:19:75:01:eb:fb:e0:e1:6b:c5:84:2a:9c: c7:e9:ac:9f:d0:ed:19:42:8a:6f:95:cc:8d:43:c3:88:df:24: 0e:18:ba:e9:93:1d:bd:32:0e:69:50:af:f3:85:53:ac:47:ec: 2b:3a:40:ba:77:2a:54:14:bc:b2:cd:4c:75:fc:c6:30:31:57: c8:6b:35:b9:89:c4:fb:20:dc:ad:6d:a9:b3:4b:d9:90:35:10: 78:b5:18:2c:b5:aa:81:d4:27:c1:61:48:a3:8b:81:cb:49:4d: 01:c3:15:88:86:b1:0f:d0:70:99:12:ea:1f:54:ea:87:a9:b4: c7:7a:84:b9:05:12:78:f5:95:32:c5:00:29:b3:9a:80:ac:b2: f1:28:0c:c6:c5:23:66:f2:ba:41:1b:9f:84:ec:18:71:03:0d: ca:c5:14:e7:1c:b3:d5:50:ac:44:93:5c:a0:37:d6:87:13:ba: 14:1b:9d:d5:1a:db:a0:f4:d0:4d:55:cb:90:66:cf:e9:f4:6e: 28:72:e5:35:4c:f2:4a:97:ac:4a:06:a9:8a:18:2a:92:27:c4: 1c:5e:ff:a8 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICEkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0 NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTA4MjIw ODQ5MTBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEM2NkNEOUQ2OTA0QjRB REIwQkM5N0QwRjgwOTBDRTQwNTM5OTEyODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwZBBvwVzrKsovnxHgZWEXLTsBCllHal5oRIhoyd0QuJrrjrZA e/YKJFvyJUEHszGeuZ47tvi+svR6uwzZ4vbWP2YIndeMz+TzrWDTtRfbMoRGvVkD graruLXDLCcCTjJViG5kjTXHFQxYgUJMEHDSSE50KsfgFF2WM0lYsV9Cw8GpciEy VObJuA4GVWNqc5aT4fnODPyfxWxJq9EOxzW/ZlCF45I2H4B9VslReomqkM52OUXT qaYZ/ruBAjEHyu+uN6AgIyMaujpH2EjKGc1RxNxA6QGZXld4gMtfgSnjRILf311r VHx0g96ykiMcL0dBzhhjPPnTXwCAm/SCafk/AgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUxmzZ1pBLStsLyX0PgJDOQFOZEoUwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId 1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgveG16WjFwQkxTdHNMeVgwUGdKRE9R Rk9aRW9VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBnE9gDAN BgkqhkiG9w0BAQsFAAOCAQEAMxL7JklwXN+o3QIqiaMOnM47o8VeAVGBe4kel0+A 5gTJQ/zqoBrpQHAQGXUB6/vg4WvFhCqcx+msn9DtGUKKb5XMjUPDiN8kDhi66ZMd vTIOaVCv84VTrEfsKzpAuncqVBS8ss1MdfzGMDFXyGs1uYnE+yDcrW2ps0vZkDUQ eLUYLLWqgdQnwWFIo4uBy0lNAcMViIaxD9BwmRLqH1Tqh6m0x3qEuQUSePWVMsUA KbOagKyy8SgMxsUjZvK6QRufhOwYcQMNysUU5xyz1VCsRJNcoDfWhxO6FBud1Rrb oPTQTVXLkGbP6fRuKHLlNUzySpesSgapihgqkifEHF7/qA== -----END CERTIFICATE-----Generated at Sun Aug 24 09:16:30 2025 by rpki-client