$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/8X9TmkpkkY-pokfGVdUZETClRk0.roa File: 8X9TmkpkkY-pokfGVdUZETClRk0.roa (raw, json) Hash identifier: T9SQSIJHfqWLQbL0iCKb9h42nDzE1X93hixzYq/Ij0Y= Subject key identifier: F1:7F:53:9A:4A:64:91:8F:A9:A2:47:C6:55:D5:19:11:30:A5:46:4D Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1401 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/8X9TmkpkkY-pokfGVdUZETClRk0.roa Signing time: Fri 22 Aug 2025 08:59:59 +0000 ROA not before: Fri 22 Aug 2025 08:59:59 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 222.250.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5121 (0x1401) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 08:59:59 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=F17F539A4A64918FA9A247C655D5191130A5464D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:c6:bf:75:69:85:bf:f7:40:1a:be:c7:34:ed: f0:28:79:dd:b8:b1:2a:64:6a:c1:e3:8b:06:68:93: 35:12:05:a3:6c:6d:c2:3c:7c:b1:a8:96:e0:e6:65: 74:31:0b:f8:30:d0:be:e2:78:cb:06:5f:a7:65:a7: 66:fc:0a:4a:e1:e1:9c:f0:0e:94:43:85:5c:71:68: 77:82:7c:17:8b:83:56:74:56:f7:c2:06:9d:c1:b5: f7:6c:ee:fe:22:c5:5d:a4:8b:a1:5c:69:fd:97:2e: 90:fd:f3:bd:5b:5f:c4:a1:3e:3a:0d:b1:aa:e9:02: ce:2a:1e:9d:c7:2c:7d:d9:7c:62:a7:e5:4b:89:40: 06:19:18:2f:7c:59:2c:27:3b:a2:5c:b7:ab:16:96: a4:45:37:66:c2:4e:fc:42:9a:2f:4f:df:8b:e0:9f: 31:bb:4a:7d:13:b5:05:d8:70:71:3f:bd:cc:88:d1: 26:cc:42:8c:e5:75:43:08:53:a9:dc:b5:2a:76:ad: 97:f5:92:37:58:20:a3:1a:f7:81:f8:53:c9:d5:85: 15:9f:a4:10:82:7d:07:e3:5c:1a:c1:fb:a9:75:b4: b0:dd:3d:77:85:af:38:e6:8e:8b:fe:ef:b4:b8:4e: 11:93:64:f9:5a:8f:fb:6b:af:88:54:fd:02:3d:cb: e3:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:7F:53:9A:4A:64:91:8F:A9:A2:47:C6:55:D5:19:11:30:A5:46:4D X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/8X9TmkpkkY-pokfGVdUZETClRk0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 222.250.128.0/18 Signature Algorithm: sha256WithRSAEncryption 0e:0b:bc:7a:0c:3c:bf:e8:0f:32:93:b7:39:82:ef:e7:4f:0e: bc:7d:e2:75:c2:b3:0d:f7:1c:89:17:66:4e:fe:7a:6c:da:48: 32:6d:3f:36:72:f9:b7:ac:02:2e:76:d4:fb:60:63:ff:e4:78: 14:ca:43:5e:2b:3c:ff:ec:d7:fd:b7:a2:44:91:33:c9:b3:f9: 33:6e:73:77:1e:b9:73:e6:bc:71:a8:c9:4c:55:29:0e:6b:e6: 21:59:f1:54:ad:51:44:f7:e7:11:86:70:2c:24:02:d2:41:39: 18:13:8d:97:5b:6f:a7:ef:95:3c:0d:71:ca:89:48:95:bd:db: 25:68:0d:4d:3b:62:c5:b7:be:51:3e:52:56:4c:04:ec:b5:c3: f1:3a:ca:3e:3a:9a:3a:91:fb:1f:f4:7f:f6:84:62:fe:8f:c7: db:50:07:23:e5:e3:fe:66:bd:98:13:9a:35:87:4d:72:37:b1: 39:d1:54:a9:6c:97:77:e3:8f:20:4c:1a:2d:1b:c0:db:0d:d0: 0f:41:31:dc:59:b0:02:24:d0:67:0c:a7:82:16:59:0b:d1:8f: 72:43:9d:28:7e:e0:44:44:92:6a:64:e8:62:41:25:cf:93:31: c0:53:9a:36:92:dc:4c:00:d8:58:e0:d6:94:9a:a8:66:3b:d0: 76:48:5f:e0 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFAEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw ODU5NTlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEYxN0Y1MzlBNEE2NDkx OEZBOUEyNDdDNjU1RDUxOTExMzBBNTQ2NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhxr91aYW/90Aavsc07fAoed24sSpkasHjiwZokzUSBaNsbcI8 fLGoluDmZXQxC/gw0L7ieMsGX6dlp2b8Ckrh4ZzwDpRDhVxxaHeCfBeLg1Z0VvfC Bp3Btfds7v4ixV2ki6Fcaf2XLpD9871bX8ShPjoNsarpAs4qHp3HLH3ZfGKn5UuJ QAYZGC98WSwnO6Jct6sWlqRFN2bCTvxCmi9P34vgnzG7Sn0TtQXYcHE/vcyI0SbM QozldUMIU6nctSp2rZf1kjdYIKMa94H4U8nVhRWfpBCCfQfjXBrB+6l1tLDdPXeF rzjmjov+77S4ThGTZPlaj/trr4hU/QI9y+MrAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU8X9TmkpkkY+pokfGVdUZETClRk0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzhYOVRta3Bra1ktcG9rZkdWZFVaRVRD bFJrMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbe+oAwDQYJ KoZIhvcNAQELBQADggEBAA4LvHoMPL/oDzKTtzmC7+dPDrx94nXCsw33HIkXZk7+ emzaSDJtPzZy+besAi521PtgY//keBTKQ14rPP/s1/23okSRM8mz+TNuc3ceuXPm vHGoyUxVKQ5r5iFZ8VStUUT35xGGcCwkAtJBORgTjZdbb6fvlTwNccqJSJW92yVo DU07YsW3vlE+UlZMBOy1w/E6yj46mjqR+x/0f/aEYv6Px9tQByPl4/5mvZgTmjWH TXI3sTnRVKlsl3fjjyBMGi0bwNsN0A9BMdxZsAIk0GcMp4IWWQvRj3JDnSh+4ERE kmpk6GJBJc+TMcBTmjaS3EwA2Fjg1pSaqGY70HZIX+A= -----END CERTIFICATE-----Generated at Sun Aug 24 14:22:50 2025 by rpki-client