$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/Ik4gcnTRuc45AQ8hid7I_eQykvQ.roa File: Ik4gcnTRuc45AQ8hid7I_eQykvQ.roa (raw, json) Hash identifier: 0QD9PtVmdzEU5gNA+ni3kOZY2JHkaHyv8Gl49DPsgxM= Subject key identifier: 22:4E:20:72:74:D1:B9:CE:39:01:0F:21:89:DE:C8:FD:E4:32:92:F4 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 142A Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Ik4gcnTRuc45AQ8hid7I_eQykvQ.roa Signing time: Fri 22 Aug 2025 09:00:08 +0000 ROA not before: Fri 22 Aug 2025 09:00:08 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 124.218.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5162 (0x142a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:08 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=224E207274D1B9CE39010F2189DEC8FDE43292F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:87:cb:e1:57:95:34:e9:f1:af:9f:a1:48:cf: c6:c5:84:f9:c4:e7:53:98:80:e5:90:3c:29:6e:55: 6a:c6:61:27:9c:99:fb:20:8f:ae:51:54:7f:f7:41: 88:09:3a:cd:b8:39:df:3c:1e:9c:84:4f:5a:e2:b9: 30:95:19:90:84:a9:c1:89:82:b1:32:22:a3:a9:51: 68:aa:c5:dd:d9:be:f3:1e:c1:6c:06:94:73:8b:f2: 7f:47:e7:9e:29:f5:a3:5e:44:1c:8f:82:74:aa:0b: 4f:a3:c7:67:e7:31:db:e3:38:61:7d:c8:40:b3:e8: 24:c9:23:df:66:a2:c1:c1:2f:1d:73:b3:5a:d0:82: d1:14:5a:a1:18:70:c0:f6:68:23:04:ca:ce:7f:9d: c4:21:d4:c1:b6:d5:01:2c:69:52:f3:22:1c:a0:5c: 3a:29:8d:6d:6a:83:83:41:bb:c9:83:47:ef:be:69: 55:82:00:7b:22:4b:8d:8f:91:f0:a1:dd:97:cc:00: 28:d5:1f:33:2d:08:e6:1b:7b:2c:23:39:87:17:a5: 74:b3:83:fc:1b:c8:ec:38:0b:d2:ae:8d:fa:22:4a: 22:16:bd:99:76:9d:8c:6d:2c:ce:0c:9c:3b:6c:ed: 97:fc:f3:f2:f1:2a:9f:ef:a7:08:f5:ea:de:ac:fa: ea:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:4E:20:72:74:D1:B9:CE:39:01:0F:21:89:DE:C8:FD:E4:32:92:F4 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Ik4gcnTRuc45AQ8hid7I_eQykvQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.0.0/16 Signature Algorithm: sha256WithRSAEncryption 91:9c:ae:be:21:fe:c8:69:dd:03:e9:db:e4:da:c2:56:4b:54: 55:e3:24:ab:30:a9:0b:db:63:fa:4b:00:71:04:97:46:91:5b: 80:00:54:2e:7d:c8:4f:58:5e:1c:ea:91:a4:7f:f5:44:cc:0f: e9:c0:80:61:14:62:e2:01:c6:8d:08:18:49:31:9e:eb:ab:fc: 3d:ea:f1:21:4c:8d:5a:64:e7:62:62:97:9c:0c:a4:6f:17:13: f8:b7:a0:c5:a7:d7:61:55:14:0a:1e:16:ff:a7:f8:ac:78:8e: 4a:94:99:2f:d4:f3:d2:99:44:83:92:70:9b:0d:26:b2:2e:db: 32:ea:01:67:81:96:cc:07:47:7c:ae:c4:d8:e8:30:f0:58:76: 5a:01:a7:72:2b:77:7d:76:62:d1:52:9a:78:bc:b7:5a:5a:e9: 35:4f:61:48:43:f7:2b:6f:f4:f7:0b:23:10:f6:4b:9d:0f:63: 23:67:1d:20:8f:8e:e9:9e:8b:dc:c0:cb:f2:e1:88:9a:b0:7c: df:8f:0b:0b:1e:98:74:9e:63:ac:f1:c8:db:2a:be:5a:10:48: 23:90:3b:5d:70:2e:75:bf:05:c3:2c:2b:ac:08:4f:82:31:1c: 35:16:26:d5:34:b0:95:b8:bb:09:1f:5a:4e:cb:c3:b8:cd:1c: e0:7a:cc:5a -----BEGIN CERTIFICATE----- MIIEyzCCA7OgAwIBAgICFCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMDhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDIyNEUyMDcyNzREMUI5 Q0UzOTAxMEYyMTg5REVDOEZERTQzMjkyRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvh8vhV5U06fGvn6FIz8bFhPnE51OYgOWQPCluVWrGYSecmfsg j65RVH/3QYgJOs24Od88HpyET1riuTCVGZCEqcGJgrEyIqOpUWiqxd3ZvvMewWwG lHOL8n9H554p9aNeRByPgnSqC0+jx2fnMdvjOGF9yECz6CTJI99mosHBLx1zs1rQ gtEUWqEYcMD2aCMEys5/ncQh1MG21QEsaVLzIhygXDopjW1qg4NBu8mDR+++aVWC AHsiS42PkfCh3ZfMACjVHzMtCOYbeywjOYcXpXSzg/wbyOw4C9KujfoiSiIWvZl2 nYxtLM4MnDts7Zf88/LxKp/vpwj16t6s+urXAgMBAAGjggHnMIIB4zAdBgNVHQ4E FgQUIk4gcnTRuc45AQ8hid7I/eQykvQwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0lrNGdjblRSdWM0NUFROGhpZDdJX2VR eWt2US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwB82jANBgkq hkiG9w0BAQsFAAOCAQEAkZyuviH+yGndA+nb5NrCVktUVeMkqzCpC9tj+ksAcQSX RpFbgABULn3IT1heHOqRpH/1RMwP6cCAYRRi4gHGjQgYSTGe66v8PerxIUyNWmTn YmKXnAykbxcT+LegxafXYVUUCh4W/6f4rHiOSpSZL9Tz0plEg5Jwmw0msi7bMuoB Z4GWzAdHfK7E2Ogw8Fh2WgGncit3fXZi0VKaeLy3WlrpNU9hSEP3K2/09wsjEPZL nQ9jI2cdII+O6Z6L3MDL8uGImrB8348LCx6YdJ5jrPHI2yq+WhBII5A7XXAudb8F wywrrAhPgjEcNRYm1TSwlbi7CR9aTsvDuM0c4HrMWg== -----END CERTIFICATE-----Generated at Sun Aug 24 14:23:18 2025 by rpki-client