$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/67L4el1GUGyI8RYCBYJyaFYkWG8.roa File: 67L4el1GUGyI8RYCBYJyaFYkWG8.roa (raw, json) Hash identifier: 8ZmeIGGytTe2XUISiiNdVohQl2kTATrmYm3T+aLoHvE= Subject key identifier: EB:B2:F8:7A:5D:46:50:6C:88:F1:16:02:05:82:72:68:56:24:58:6F Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 148C Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/67L4el1GUGyI8RYCBYJyaFYkWG8.roa Signing time: Fri 22 Aug 2025 09:00:32 +0000 ROA not before: Fri 22 Aug 2025 09:00:32 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131602 IP address blocks: 218.35.248.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5260 (0x148c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:32 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=EBB2F87A5D46506C88F11602058272685624586F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:46:50:96:20:a7:4f:a4:df:81:22:51:69:e3: 48:aa:af:88:09:01:20:09:0d:34:5d:fb:2f:9c:1a: dc:e6:2f:b4:d9:7c:0e:5a:fa:f8:84:3c:30:d7:75: 8f:5f:e5:b7:bf:d6:b2:e0:85:da:aa:f8:a5:55:d2: 47:b3:a8:31:d0:67:60:0a:95:ef:65:32:85:3a:df: db:12:18:c4:3f:02:9e:b1:b5:85:89:d3:05:3f:43: 91:50:ad:9c:89:b6:be:f7:21:94:05:1d:89:ba:35: b6:6c:86:54:22:58:f5:86:f6:6d:a6:04:f3:ac:c9: 38:1b:87:b6:d6:e0:60:3f:95:b8:2b:33:10:4b:9d: 3b:dd:b7:b5:48:bf:1b:2c:f4:6d:37:e1:b2:4f:b4: 35:c7:d8:56:9f:48:88:6f:24:01:c4:52:6e:06:2e: 98:c7:06:e6:21:76:f6:57:a1:cc:6f:a9:f2:d2:b5: 5b:71:d3:cb:ce:5c:d2:f2:83:3d:74:98:4c:a1:d5: a2:cb:75:77:c9:8b:f0:41:cb:e4:fc:18:da:cd:56: e7:fe:44:0d:72:94:78:86:a6:e2:a3:9d:4e:4e:ea: 6b:19:8f:5a:67:b7:a4:ec:37:29:a3:0b:58:5d:51: c7:15:59:cc:56:e7:63:88:a8:f8:94:30:45:f5:6c: cc:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:B2:F8:7A:5D:46:50:6C:88:F1:16:02:05:82:72:68:56:24:58:6F X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/67L4el1GUGyI8RYCBYJyaFYkWG8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.35.248.0/21 Signature Algorithm: sha256WithRSAEncryption ac:8e:60:7e:e9:f3:21:e9:a4:40:a3:dc:25:b5:2c:49:e1:16: ee:b1:a7:c9:1a:9b:ee:3a:06:83:39:5e:ac:ef:c8:f0:ef:f6: f7:65:16:35:9b:46:4e:12:af:16:59:ca:76:54:f9:21:75:b0: ad:4f:41:af:ff:27:99:8e:6d:2b:67:77:f2:1c:7d:eb:05:ed: 78:13:62:ac:03:d0:13:40:40:7e:df:6f:44:28:d8:00:1a:3f: 3c:d8:b2:d0:17:3d:f3:7e:94:da:9c:0b:f0:e8:72:3d:8c:05: b2:75:bd:92:90:b1:a5:aa:b9:0a:2f:19:18:80:7f:9a:33:0a: 66:d3:b5:2b:fa:b9:0b:20:3f:e5:f0:6e:9e:a1:2a:54:98:d5: 91:3f:a8:ac:f8:4a:86:23:55:2d:35:74:6b:bd:53:90:9e:2f: db:f8:b6:31:b0:a8:d8:0a:cd:c6:e8:f2:6c:82:36:df:89:bf: 64:93:12:e4:81:67:1f:ed:08:a1:fd:fb:6e:a3:da:f6:69:a8: 2c:20:dc:1e:9a:90:38:e3:f1:c3:0b:7b:e1:fd:f3:4a:55:bf: 43:69:46:ce:3a:22:82:d1:1e:2e:e6:42:c9:e7:2b:43:a9:18: e5:cf:f7:24:cf:b1:7d:1c:c5:bf:db:c5:20:0c:d3:25:e4:56: 9e:c9:fc:ec -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMzJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEVCQjJGODdBNUQ0NjUw NkM4OEYxMTYwMjA1ODI3MjY4NTYyNDU4NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDnRlCWIKdPpN+BIlFp40iqr4gJASAJDTRd+y+cGtzmL7TZfA5a +viEPDDXdY9f5be/1rLghdqq+KVV0kezqDHQZ2AKle9lMoU639sSGMQ/Ap6xtYWJ 0wU/Q5FQrZyJtr73IZQFHYm6NbZshlQiWPWG9m2mBPOsyTgbh7bW4GA/lbgrMxBL nTvdt7VIvxss9G034bJPtDXH2FafSIhvJAHEUm4GLpjHBuYhdvZXocxvqfLStVtx 08vOXNLygz10mEyh1aLLdXfJi/BBy+T8GNrNVuf+RA1ylHiGpuKjnU5O6msZj1pn t6TsNymjC1hdUccVWcxW52OIqPiUMEX1bMzNAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU67L4el1GUGyI8RYCBYJyaFYkWG8wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzY3TDRlbDFHVUd5SThSWUNCWUp5YUZZ a1dHOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPaI/gwDQYJ KoZIhvcNAQELBQADggEBAKyOYH7p8yHppECj3CW1LEnhFu6xp8kam+46BoM5Xqzv yPDv9vdlFjWbRk4SrxZZynZU+SF1sK1PQa//J5mObStnd/IcfesF7XgTYqwD0BNA QH7fb0Qo2AAaPzzYstAXPfN+lNqcC/Docj2MBbJ1vZKQsaWquQovGRiAf5ozCmbT tSv6uQsgP+Xwbp6hKlSY1ZE/qKz4SoYjVS01dGu9U5CeL9v4tjGwqNgKzcbo8myC Nt+Jv2STEuSBZx/tCKH9+26j2vZpqCwg3B6akDjj8cMLe+H980pVv0NpRs46IoLR Hi7mQsnnK0OpGOXP9yTPsX0cxb/bxSAM0yXkVp7J/Ow= -----END CERTIFICATE-----Generated at Sun Aug 24 13:52:46 2025 by rpki-client