$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/NiwUGxhoC3-bZeE7YshErbCjddk.roa File: NiwUGxhoC3-bZeE7YshErbCjddk.roa (raw, json) Hash identifier: lH5ugUbRm9ODNpW+BOMNSqQmi/becXS7k0R4iH/zdwE= Subject key identifier: 36:2C:14:1B:18:68:0B:7F:9B:65:E1:3B:62:C8:44:AD:B0:A3:75:D9 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 147A Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/NiwUGxhoC3-bZeE7YshErbCjddk.roa Signing time: Fri 22 Aug 2025 09:00:28 +0000 ROA not before: Fri 22 Aug 2025 09:00:28 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 210.58.88.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5242 (0x147a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:28 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=362C141B18680B7F9B65E13B62C844ADB0A375D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:97:7b:cd:48:ed:27:5f:35:64:09:f9:a3:c5: e5:ec:05:3b:00:7f:d7:e2:e1:e1:9b:a6:44:53:18: f4:a2:ef:0b:23:22:55:cd:09:05:61:8d:d1:03:12: 49:8a:f2:cb:9e:c3:05:77:49:63:14:b5:e9:d7:bf: a5:20:fe:59:51:86:47:95:07:67:e1:57:ce:17:bb: 89:a5:4a:5f:71:fe:24:b6:5c:e7:42:28:76:72:e8: a4:e5:2b:f4:31:8d:37:99:79:c6:04:e6:7c:67:a3: f7:4c:5f:5b:ad:28:31:37:9a:1a:db:6c:03:9f:5d: 40:a2:e9:d7:07:52:55:c0:cc:db:79:18:f3:f6:ce: 1a:b8:f4:e9:9f:ed:d8:f6:6c:cb:c6:f5:cb:f3:2b: 47:80:94:02:92:13:5c:77:63:72:57:e6:9d:93:76: a9:13:5f:ad:8a:b7:02:89:23:93:4c:10:1b:f2:0f: df:c9:dc:7a:d3:5c:78:12:b8:ba:49:7e:69:eb:7d: ba:c2:18:1d:88:47:d0:cb:46:5c:56:ea:d0:4c:49: 80:53:c4:32:0a:d9:de:af:2d:c9:fa:79:ad:e2:cc: ba:e1:96:1c:62:b2:49:08:e7:79:53:81:05:45:95: c6:34:dc:88:92:7e:19:11:46:ca:3f:c8:00:bc:94: 82:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:2C:14:1B:18:68:0B:7F:9B:65:E1:3B:62:C8:44:AD:B0:A3:75:D9 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/NiwUGxhoC3-bZeE7YshErbCjddk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.58.88.0/24 Signature Algorithm: sha256WithRSAEncryption 39:68:0f:57:3d:b2:0e:e7:de:14:b7:bf:7f:8e:fe:30:2c:ff: 1e:4a:39:00:da:71:ef:4d:b7:21:e0:c2:ae:61:65:e8:12:ed: 4e:40:17:af:c1:a9:4f:8a:4c:ae:24:e1:39:3e:cc:4f:c2:cd: ef:9a:0f:45:7b:3f:d6:9c:83:35:73:2b:36:61:14:39:41:50: a6:f9:6d:0c:ed:a7:38:5e:1a:00:9e:d8:c3:ee:02:9f:48:13: ef:6b:37:d0:07:8b:14:28:e0:b1:28:09:a7:33:7e:b5:ca:b8: 7c:d1:f9:f0:48:cb:9b:bd:7b:62:7b:e5:cc:ad:a6:ab:ce:6f: 0e:f1:43:bc:55:83:5d:03:24:c5:f5:4d:58:6e:6d:73:a7:aa: c6:7c:93:17:3f:22:98:e6:53:5a:9e:73:e8:f2:02:d3:9c:2f: 06:2b:8e:2b:f3:ee:15:31:d9:17:44:4e:40:e6:f5:81:a1:d6: 4c:ee:56:a1:35:4f:bc:4e:9f:e3:05:1e:f4:4f:de:87:33:e7: 29:bc:e1:0a:fc:c5:b8:68:60:f9:23:50:8e:e1:88:66:a0:d1: cf:c8:22:d3:1c:95:a4:43:c5:0d:a0:57:65:aa:af:40:64:b3: df:b5:14:9a:3b:24:11:38:e9:99:23:a4:d0:dd:e5:04:4d:15: a2:68:17:52 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFHowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMjhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDM2MkMxNDFCMTg2ODBC N0Y5QjY1RTEzQjYyQzg0NEFEQjBBMzc1RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJl3vNSO0nXzVkCfmjxeXsBTsAf9fi4eGbpkRTGPSi7wsjIlXN CQVhjdEDEkmK8suewwV3SWMUtenXv6Ug/llRhkeVB2fhV84Xu4mlSl9x/iS2XOdC KHZy6KTlK/QxjTeZecYE5nxno/dMX1utKDE3mhrbbAOfXUCi6dcHUlXAzNt5GPP2 zhq49Omf7dj2bMvG9cvzK0eAlAKSE1x3Y3JX5p2TdqkTX62KtwKJI5NMEBvyD9/J 3HrTXHgSuLpJfmnrfbrCGB2IR9DLRlxW6tBMSYBTxDIK2d6vLcn6ea3izLrhlhxi skkI53lTgQVFlcY03IiSfhkRRso/yAC8lIKtAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUNiwUGxhoC3+bZeE7YshErbCjddkwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL05pd1VHeGhvQzMtYlplRTdZc2hFcmJD amRkay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSOlgwDQYJ KoZIhvcNAQELBQADggEBADloD1c9sg7n3hS3v3+O/jAs/x5KOQDace9NtyHgwq5h ZegS7U5AF6/BqU+KTK4k4Tk+zE/Cze+aD0V7P9acgzVzKzZhFDlBUKb5bQztpzhe GgCe2MPuAp9IE+9rN9AHixQo4LEoCaczfrXKuHzR+fBIy5u9e2J75cytpqvObw7x Q7xVg10DJMX1TVhubXOnqsZ8kxc/IpjmU1qec+jyAtOcLwYrjivz7hUx2RdETkDm 9YGh1kzuVqE1T7xOn+MFHvRP3ocz5ym84Qr8xbhoYPkjUI7hiGag0c/IItMclaRD xQ2gV2Wqr0Bks9+1FJo7JBE46ZkjpNDd5QRNFaJoF1I= -----END CERTIFICATE-----Generated at Sun Aug 24 14:20:13 2025 by rpki-client