$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/IEtt-nr5JGLM1fwxcNDkEgduy0s.roa File: IEtt-nr5JGLM1fwxcNDkEgduy0s.roa (raw, json) Hash identifier: qYJanxAtEWLhW571abp657CkFLC3LDk/XnzAx3DRz8U= Subject key identifier: 20:4B:6D:FA:7A:F9:24:62:CC:D5:FC:31:70:D0:E4:12:07:6E:CB:4B Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1381 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/IEtt-nr5JGLM1fwxcNDkEgduy0s.roa Signing time: Fri 22 Aug 2025 08:59:22 +0000 ROA not before: Fri 22 Aug 2025 08:59:22 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 22787 IP address blocks: 210.58.89.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4993 (0x1381) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 08:59:22 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=204B6DFA7AF92462CCD5FC3170D0E412076ECB4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:4a:af:a2:34:13:5a:61:23:b7:48:ab:66:59: 33:05:24:e7:db:5c:3d:06:48:0c:17:47:fb:f5:28: 19:9f:44:7b:f9:ab:00:81:70:db:8e:c6:73:70:3c: 44:c8:80:8b:65:c4:2d:f5:c2:05:72:26:0a:94:c9: cb:eb:e3:0b:43:ff:4d:73:8d:b6:98:38:a3:cf:17: ff:a3:92:fd:50:1b:19:ab:06:a3:38:42:ca:15:d4: ee:91:5e:83:db:3c:0f:9f:cb:b4:27:f1:98:c4:70: b8:3e:9a:ac:d0:33:ff:b4:36:33:ea:0f:41:e9:d8: 74:2a:ce:90:8a:cf:1b:58:4e:87:cc:02:e0:a1:5e: 5b:cd:67:16:04:c2:fd:ab:bc:2e:32:a9:ef:f0:6d: 53:5e:67:a2:78:4c:3c:c8:3e:e7:2c:d3:29:85:9e: a7:1e:d4:fc:b0:33:6b:7f:20:11:e7:ca:eb:5c:6f: 6c:40:4e:c6:1d:9f:b6:48:11:88:f5:27:90:2f:b1: e0:97:3f:5f:91:a9:4d:f8:e8:3c:fd:78:97:a9:f5: b9:aa:81:c3:26:ad:89:1a:4e:69:5c:b9:70:e2:c8: 90:99:0d:77:c9:88:05:ca:4e:a4:c2:a3:10:2f:e6: cf:05:01:77:d6:f2:19:5b:07:0f:88:f3:11:35:c5: fc:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:4B:6D:FA:7A:F9:24:62:CC:D5:FC:31:70:D0:E4:12:07:6E:CB:4B X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/IEtt-nr5JGLM1fwxcNDkEgduy0s.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.58.89.0/24 Signature Algorithm: sha256WithRSAEncryption c1:22:69:24:90:c9:96:d5:11:61:b3:c9:dc:32:d5:53:77:68: 60:02:f0:4c:c4:be:25:05:0a:e7:f8:1a:db:2d:6a:2a:c3:ff: 10:6b:15:ba:e7:84:d0:42:a6:68:2d:ad:21:91:79:4d:04:83: b9:7e:0e:38:bf:41:32:77:10:50:03:21:3a:2c:e8:1f:a2:f3: 35:d1:28:3f:f9:dc:4c:6d:4b:26:c2:6a:12:93:bb:d5:aa:e1: 2c:55:a9:ba:4e:09:33:2f:4f:52:8c:91:ba:df:e7:b6:68:74: 95:ff:81:04:2c:a5:89:0e:c1:3c:c0:bd:95:2a:84:55:38:48: d2:d0:33:7b:47:b2:05:1a:05:8b:7d:be:4e:db:be:a8:84:3e: 8d:85:51:0e:a5:5e:63:be:57:a8:fd:14:36:85:35:bd:70:15: 7c:9c:e1:43:76:0e:5a:ed:1d:fd:48:41:30:53:36:a6:bf:97: 5d:74:d2:15:3f:1a:e5:98:56:e3:06:9f:36:58:cd:ac:ff:e1: 6e:7d:44:8a:0a:9f:e1:15:2d:4d:fd:d5:d1:81:23:42:cd:3b: 9f:fc:f0:f1:41:fa:2a:02:0f:59:f6:52:79:ad:34:04:b6:ba: 22:9b:cf:49:c5:61:c4:9c:5f:af:2a:64:93:fa:21:a8:ab:2d: 13:aa:ef:76 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICE4EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw ODU5MjJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDIwNEI2REZBN0FGOTI0 NjJDQ0Q1RkMzMTcwRDBFNDEyMDc2RUNCNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4Sq+iNBNaYSO3SKtmWTMFJOfbXD0GSAwXR/v1KBmfRHv5qwCB cNuOxnNwPETIgItlxC31wgVyJgqUycvr4wtD/01zjbaYOKPPF/+jkv1QGxmrBqM4 QsoV1O6RXoPbPA+fy7Qn8ZjEcLg+mqzQM/+0NjPqD0Hp2HQqzpCKzxtYTofMAuCh XlvNZxYEwv2rvC4yqe/wbVNeZ6J4TDzIPucs0ymFnqce1PywM2t/IBHnyutcb2xA TsYdn7ZIEYj1J5AvseCXP1+RqU346Dz9eJep9bmqgcMmrYkaTmlcuXDiyJCZDXfJ iAXKTqTCoxAv5s8FAXfW8hlbBw+I8xE1xfytAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUIEtt+nr5JGLM1fwxcNDkEgduy0swHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0lFdHQtbnI1SkdMTTFmd3hjTkRrRWdk dXkwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSOlkwDQYJ KoZIhvcNAQELBQADggEBAMEiaSSQyZbVEWGzydwy1VN3aGAC8EzEviUFCuf4Gtst airD/xBrFbrnhNBCpmgtrSGReU0Eg7l+Dji/QTJ3EFADITos6B+i8zXRKD/53Ext SybCahKTu9Wq4SxVqbpOCTMvT1KMkbrf57ZodJX/gQQspYkOwTzAvZUqhFU4SNLQ M3tHsgUaBYt9vk7bvqiEPo2FUQ6lXmO+V6j9FDaFNb1wFXyc4UN2DlrtHf1IQTBT Nqa/l1100hU/GuWYVuMGnzZYzaz/4W59RIoKn+EVLU391dGBI0LNO5/88PFB+ioC D1n2UnmtNAS2uiKbz0nFYcScX68qZJP6IairLROq73Y= -----END CERTIFICATE-----Generated at Sun Aug 24 14:15:03 2025 by rpki-client