$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/7AfICtVajCE61FPniJ3qzjP2_lY.roa File: 7AfICtVajCE61FPniJ3qzjP2_lY.roa (raw, json) Hash identifier: lUfZ1Nfgs3DuhDdYnoW444x2NDWlu5oR482JXrZOr/c= Subject key identifier: EC:07:C8:0A:D5:5A:8C:21:3A:D4:53:E7:88:9D:EA:CE:33:F6:FE:56 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 13B8 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/7AfICtVajCE61FPniJ3qzjP2_lY.roa Signing time: Fri 22 Aug 2025 08:59:38 +0000 ROA not before: Fri 22 Aug 2025 08:59:38 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 219.91.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5048 (0x13b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 08:59:38 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=EC07C80AD55A8C213AD453E7889DEACE33F6FE56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:c1:34:3a:0f:d4:dd:ad:d4:8c:45:5c:79:a5: 8b:45:e3:13:3d:77:b7:af:dc:1c:74:5a:a6:5f:ab: 94:ba:1f:ed:29:35:04:07:6a:e1:88:a9:b9:05:57: ea:78:a0:a4:84:75:f4:aa:61:ba:d1:75:a3:4e:70: 8d:8c:d4:8f:5b:d8:70:55:db:0a:69:a2:d5:a8:4f: 1a:29:fa:e3:51:01:83:30:9b:cf:f9:90:94:3a:c0: 36:aa:0e:2f:12:be:9d:6c:e4:1d:9f:bb:52:4b:30: de:8c:78:8a:01:28:3d:63:60:3f:85:52:e0:70:dd: b0:be:2a:1c:6d:34:fb:85:34:b3:6c:3d:65:c4:99: 20:15:cc:9b:60:83:86:c3:55:dc:8f:f6:72:34:79: 3c:32:53:96:92:f6:03:5b:74:4e:29:88:69:48:dc: d9:56:7d:b5:7f:d6:83:e6:f1:2c:4b:e0:85:b7:86: b0:ae:11:69:ff:13:57:1e:0a:41:13:bd:27:57:99: 6f:a8:e5:cf:4d:51:f0:a7:fb:1a:bd:49:66:d2:b0: 2f:e1:16:06:7f:4a:c5:fb:e9:a6:f9:d9:cb:d9:70: c0:a9:86:e5:d5:3f:b6:47:9e:5b:0d:d3:b9:66:b1: a0:3a:32:aa:27:7a:5a:58:50:77:dd:93:b8:90:71: 98:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:07:C8:0A:D5:5A:8C:21:3A:D4:53:E7:88:9D:EA:CE:33:F6:FE:56 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/7AfICtVajCE61FPniJ3qzjP2_lY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.91.0.0/17 Signature Algorithm: sha256WithRSAEncryption 37:a6:a7:03:e0:e1:e7:6e:16:44:fa:9e:e6:c8:90:10:c5:95: e4:89:f3:43:ac:0c:77:c0:73:54:a6:a6:bf:68:be:64:b6:b8: d8:e8:7f:ad:d8:f9:ef:73:e4:64:b8:12:1d:57:85:74:35:d8: 64:26:c7:66:86:cc:7a:3a:ae:bd:d1:5e:f7:25:2a:c6:24:09: ff:04:1f:f5:68:e3:6f:17:c2:2d:b9:6b:87:3b:1e:4e:fa:02: c5:f9:8e:e2:66:09:d0:34:e8:ec:71:96:dc:78:f8:c3:f5:5e: ad:42:70:bc:20:68:b9:33:92:0b:da:f8:60:a6:57:75:ec:5d: d3:33:59:a8:c9:78:99:72:ba:5b:e0:39:87:5b:aa:58:f0:ab: 72:4c:67:b3:81:cc:b4:b4:db:6f:d6:77:15:de:01:c7:bd:ef: 4e:19:32:c6:8e:1a:dc:0e:be:86:53:64:cd:5d:3f:6b:e8:1f: 2c:04:ec:59:4a:81:05:b4:39:6e:3d:51:70:18:42:4a:6f:d2: c9:a9:cc:6c:f2:1b:c1:5f:68:2e:87:ea:fb:8c:90:a4:44:01: e3:e0:bb:50:6b:cb:87:6e:4b:71:d4:93:8a:0d:05:e5:3d:a6: 40:8d:b4:86:6f:49:a1:e7:1d:03:66:9e:d0:1f:8d:33:c6:95: 78:ca:b6:ee -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICE7gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw ODU5MzhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEVDMDdDODBBRDU1QThD MjEzQUQ0NTNFNzg4OURFQUNFMzNGNkZFNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvwTQ6D9TdrdSMRVx5pYtF4xM9d7ev3Bx0WqZfq5S6H+0pNQQH auGIqbkFV+p4oKSEdfSqYbrRdaNOcI2M1I9b2HBV2wppotWoTxop+uNRAYMwm8/5 kJQ6wDaqDi8Svp1s5B2fu1JLMN6MeIoBKD1jYD+FUuBw3bC+KhxtNPuFNLNsPWXE mSAVzJtgg4bDVdyP9nI0eTwyU5aS9gNbdE4piGlI3NlWfbV/1oPm8SxL4IW3hrCu EWn/E1ceCkETvSdXmW+o5c9NUfCn+xq9SWbSsC/hFgZ/SsX76ab52cvZcMCphuXV P7ZHnlsN07lmsaA6MqonelpYUHfdk7iQcZhvAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU7AfICtVajCE61FPniJ3qzjP2/lYwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzdBZklDdFZhakNFNjFGUG5pSjNxempQ Ml9sWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAfbWwAwDQYJ KoZIhvcNAQELBQADggEBADempwPg4eduFkT6nubIkBDFleSJ80OsDHfAc1Smpr9o vmS2uNjof63Y+e9z5GS4Eh1XhXQ12GQmx2aGzHo6rr3RXvclKsYkCf8EH/Vo428X wi25a4c7Hk76AsX5juJmCdA06Oxxltx4+MP1Xq1CcLwgaLkzkgva+GCmV3XsXdMz WajJeJlyulvgOYdbqljwq3JMZ7OBzLS022/WdxXeAce9704ZMsaOGtwOvoZTZM1d P2voHywE7FlKgQW0OW49UXAYQkpv0smpzGzyG8FfaC6H6vuMkKREAePgu1Bry4du S3HUk4oNBeU9pkCNtIZvSaHnHQNmntAfjTPGlXjKtu4= -----END CERTIFICATE-----Generated at Sun Aug 24 14:21:06 2025 by rpki-client