$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/NrR17Az0XUEzQ4WefX3-AZt9KdE.roa File: NrR17Az0XUEzQ4WefX3-AZt9KdE.roa (raw, json) Hash identifier: ZEUlrsWokc8997Yn0okTSK58tLNe4TLl8LHohWO63fo= Subject key identifier: 36:B4:75:EC:0C:F4:5D:41:33:43:85:9E:7D:7D:FE:01:9B:7D:29:D1 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 13AD Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/NrR17Az0XUEzQ4WefX3-AZt9KdE.roa Signing time: Fri 22 Aug 2025 08:59:35 +0000 ROA not before: Fri 22 Aug 2025 08:59:35 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9922 IP address blocks: 124.218.173.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5037 (0x13ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 08:59:35 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=36B475EC0CF45D413343859E7D7DFE019B7D29D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:fe:9d:eb:42:07:de:1c:79:8b:6a:f6:d4:e4: 10:22:f7:7b:a4:30:ae:a2:8a:0d:1b:66:e1:2a:1f: 45:9a:25:bf:9e:bf:08:69:7e:4c:89:2d:99:06:4d: 94:eb:65:3c:0f:35:94:04:5f:06:ca:be:ad:76:27: 68:d9:53:3c:b7:08:52:22:ea:a3:8f:cc:b8:0f:31: 33:1a:eb:c7:98:13:a5:a0:87:a3:55:9f:00:96:20: 81:9b:06:87:b8:80:e9:e5:5f:c8:60:0f:09:ca:fd: 39:b6:bb:a2:3b:53:5d:f4:4d:0f:c6:af:bc:57:fe: 76:86:22:82:36:4f:73:52:d3:d6:bd:de:49:ae:ef: f8:a9:8b:38:30:20:9c:e5:59:b4:88:be:2b:c3:d5: da:83:7d:6a:60:5d:b4:a8:68:36:8e:30:b7:bb:df: 40:fb:31:6b:71:bf:f1:89:ad:f0:22:92:e6:1f:b4: 31:0b:42:46:42:4c:98:c8:1d:b6:8c:97:ff:c5:5e: b2:c3:ad:fe:e4:3b:dd:3b:67:65:48:c9:f3:5b:73: f1:e4:6f:24:c4:b4:8e:3b:b3:49:e3:e0:2e:95:20: 66:3d:3c:96:b8:9a:17:8f:a8:ed:1b:b4:98:ca:85: 00:15:41:a7:6b:64:80:0a:e6:d8:20:5a:4d:97:57: 9f:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:B4:75:EC:0C:F4:5D:41:33:43:85:9E:7D:7D:FE:01:9B:7D:29:D1 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/NrR17Az0XUEzQ4WefX3-AZt9KdE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.173.0/24 Signature Algorithm: sha256WithRSAEncryption 48:48:a8:04:b3:d2:ad:61:d0:e1:d7:ff:09:25:62:49:46:a2: 45:d0:24:f0:8a:cc:ab:4d:5a:63:80:82:55:a3:aa:1d:85:16: 79:72:05:04:a0:1f:fd:2c:86:f6:ea:e0:40:de:8c:ca:d6:7a: 91:b6:d1:32:d0:2b:f8:37:82:bb:a7:58:c6:5b:0d:32:3b:aa: 23:52:09:9b:c1:3d:be:52:99:6c:ba:c2:45:5e:ae:a3:ec:df: c4:a9:33:4e:3c:c0:c6:c4:4d:fa:66:11:01:30:8b:9b:a1:e9: ba:a1:74:50:7a:ca:6a:fa:52:c0:40:61:4b:04:aa:2d:ce:54: 96:1c:97:65:f7:dc:c7:62:fd:7e:28:71:ca:a6:81:c4:4a:12: 34:d4:9e:80:0c:86:30:60:17:92:e0:6f:20:49:9c:93:94:70: bf:e2:a2:3f:71:10:58:2a:ca:bf:a1:26:b7:3e:5f:7c:61:37: 46:cf:3c:a0:f3:51:56:5a:45:df:7e:73:f8:4f:00:1a:cd:60: cd:43:e6:62:a4:e7:64:71:bd:9c:7b:d6:b0:c4:48:b5:d0:ab: d6:9b:6c:dd:0b:f6:66:bf:b5:d1:68:84:34:01:b3:b1:5a:8d: 34:b7:5e:30:cf:3b:6f:83:1f:50:e9:5b:25:b8:0a:c0:74:74: 02:e1:8d:3a -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICE60wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw ODU5MzVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDM2QjQ3NUVDMENGNDVE NDEzMzQzODU5RTdEN0RGRTAxOUI3RDI5RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDM/p3rQgfeHHmLavbU5BAi93ukMK6iig0bZuEqH0WaJb+evwhp fkyJLZkGTZTrZTwPNZQEXwbKvq12J2jZUzy3CFIi6qOPzLgPMTMa68eYE6Wgh6NV nwCWIIGbBoe4gOnlX8hgDwnK/Tm2u6I7U130TQ/Gr7xX/naGIoI2T3NS09a93kmu 7/ipizgwIJzlWbSIvivD1dqDfWpgXbSoaDaOMLe730D7MWtxv/GJrfAikuYftDEL QkZCTJjIHbaMl//FXrLDrf7kO907Z2VIyfNbc/HkbyTEtI47s0nj4C6VIGY9PJa4 mhePqO0btJjKhQAVQadrZIAK5tggWk2XV5+vAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUNrR17Az0XUEzQ4WefX3+AZt9KdEwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL05yUjE3QXowWFVFelE0V2VmWDMtQVp0 OUtkRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB82q0wDQYJ KoZIhvcNAQELBQADggEBAEhIqASz0q1h0OHX/wklYklGokXQJPCKzKtNWmOAglWj qh2FFnlyBQSgH/0shvbq4EDejMrWepG20TLQK/g3grunWMZbDTI7qiNSCZvBPb5S mWy6wkVerqPs38SpM048wMbETfpmEQEwi5uh6bqhdFB6ymr6UsBAYUsEqi3OVJYc l2X33Mdi/X4occqmgcRKEjTUnoAMhjBgF5LgbyBJnJOUcL/ioj9xEFgqyr+hJrc+ X3xhN0bPPKDzUVZaRd9+c/hPABrNYM1D5mKk52RxvZx71rDESLXQq9abbN0L9ma/ tdFohDQBs7FajTS3XjDPO2+DH1DpWyW4CsB0dALhjTo= -----END CERTIFICATE-----Generated at Sun Aug 24 13:52:13 2025 by rpki-client