$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/TBi0PMul5ipCwTPZGmAwadfMyRw.roa File: TBi0PMul5ipCwTPZGmAwadfMyRw.roa (raw, json) Hash identifier: bKzgvdd6uS1XkLArXiMIVcPWA+kaZ6fYFQBT+YMRPJs= Subject key identifier: 4C:18:B4:3C:CB:A5:E6:2A:42:C1:33:D9:1A:60:30:69:D7:CC:C9:1C Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 13E1 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/TBi0PMul5ipCwTPZGmAwadfMyRw.roa Signing time: Fri 22 Aug 2025 08:59:50 +0000 ROA not before: Fri 22 Aug 2025 08:59:50 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 223.23.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5089 (0x13e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 08:59:50 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=4C18B43CCBA5E62A42C133D91A603069D7CCC91C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:23:df:05:52:9e:9d:c6:4f:77:4a:45:35:0c: d5:48:09:1b:fa:93:f3:e9:54:61:1c:df:53:5a:17: 48:5c:26:4e:4f:55:6f:d8:7f:a2:d4:8b:4f:21:4c: 19:14:4a:58:28:16:a6:20:cd:48:cc:6f:6b:0f:ee: 91:c1:32:97:b4:3a:38:e5:1f:b5:7f:ed:23:86:57: ac:9c:3a:1c:e6:da:e2:62:ee:4c:a4:f1:8f:25:27: f7:88:c8:f0:a3:57:2f:37:a5:72:47:81:3e:dc:a2: c6:44:7c:97:b1:f1:6b:7c:c4:da:ed:ce:94:bb:5d: a3:c1:a9:73:68:88:ee:8b:45:fe:1c:68:c7:8e:b3: ea:14:d1:31:c5:55:81:21:38:5f:b0:e3:0b:60:30: 3a:f4:e3:60:7d:73:e9:5b:6a:65:fe:94:9a:5b:bf: 64:ca:ad:56:79:d6:28:3c:61:e6:a3:d9:97:bd:68: f1:8d:db:f7:67:2d:ca:05:51:e3:ff:15:fb:b1:52: dc:80:dd:5d:b6:bb:3b:6c:2f:c9:b5:b6:74:37:93: 7e:ec:02:19:31:23:bb:c7:3e:e7:7a:f3:d4:1b:3e: 19:93:9d:a1:f8:9b:6e:af:e0:25:08:8e:a8:ea:4d: e8:ef:44:75:f1:0a:9a:75:1c:5e:10:2a:33:b3:f0: de:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:18:B4:3C:CB:A5:E6:2A:42:C1:33:D9:1A:60:30:69:D7:CC:C9:1C X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/TBi0PMul5ipCwTPZGmAwadfMyRw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.23.63.0/24 Signature Algorithm: sha256WithRSAEncryption c0:36:dc:c3:68:4d:af:b7:cf:35:bf:ad:af:ba:a0:ef:ce:3f: 48:c2:c6:e2:8b:a9:e4:17:a2:a3:35:de:d7:02:97:ce:84:bb: b7:83:38:39:58:a5:fb:f0:df:2a:20:73:bd:07:25:d6:42:b0: ee:c8:51:a1:d5:bd:6d:7b:8d:ac:b0:c4:59:59:6d:0f:54:8c: 32:c2:d7:f6:21:f2:6f:54:f6:18:c1:63:97:fc:ce:20:a4:73: d2:a6:eb:5b:bb:bb:9d:56:c8:de:20:f2:9b:74:a1:27:8a:b6: b4:1c:1e:06:f9:cc:fe:59:4a:f5:8d:a1:03:5b:1e:d4:c3:26: 37:37:0e:35:6d:9d:1b:79:b5:e4:3a:57:3c:83:36:d7:76:98: 4f:0d:45:a1:9d:ec:eb:e6:77:2e:a9:08:a4:72:e6:2d:79:97: fd:0a:b1:63:60:77:32:f7:f8:a5:2d:86:e5:42:23:27:0d:bc: cc:11:ac:66:40:be:80:2a:42:0d:dc:68:fc:81:e0:5e:d3:97: 32:52:f3:b5:e3:8a:2e:35:a6:69:dc:3e:7a:7b:ca:c2:f9:10: a6:72:f3:02:a2:6f:b6:a0:ad:06:45:4f:3e:be:23:6a:1c:b5: 7d:27:5c:6c:d8:ad:f1:7a:81:22:a9:f0:58:93:2a:d0:62:4a: 15:4b:c8:09 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICE+EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw ODU5NTBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDRDMThCNDNDQ0JBNUU2 MkE0MkMxMzNEOTFBNjAzMDY5RDdDQ0M5MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGI98FUp6dxk93SkU1DNVICRv6k/PpVGEc31NaF0hcJk5PVW/Y f6LUi08hTBkUSlgoFqYgzUjMb2sP7pHBMpe0OjjlH7V/7SOGV6ycOhzm2uJi7kyk 8Y8lJ/eIyPCjVy83pXJHgT7cosZEfJex8Wt8xNrtzpS7XaPBqXNoiO6LRf4caMeO s+oU0THFVYEhOF+w4wtgMDr042B9c+lbamX+lJpbv2TKrVZ51ig8Yeaj2Ze9aPGN 2/dnLcoFUeP/FfuxUtyA3V22uztsL8m1tnQ3k37sAhkxI7vHPud689QbPhmTnaH4 m26v4CUIjqjqTejvRHXxCpp1HF4QKjOz8N4ZAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUTBi0PMul5ipCwTPZGmAwadfMyRwwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1RCaTBQTXVsNWlwQ3dUUFpHbUF3YWRm TXlSdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADfFz8wDQYJ KoZIhvcNAQELBQADggEBAMA23MNoTa+3zzW/ra+6oO/OP0jCxuKLqeQXoqM13tcC l86Eu7eDODlYpfvw3yogc70HJdZCsO7IUaHVvW17jaywxFlZbQ9UjDLC1/Yh8m9U 9hjBY5f8ziCkc9Km61u7u51WyN4g8pt0oSeKtrQcHgb5zP5ZSvWNoQNbHtTDJjc3 DjVtnRt5teQ6VzyDNtd2mE8NRaGd7Ovmdy6pCKRy5i15l/0KsWNgdzL3+KUthuVC IycNvMwRrGZAvoAqQg3caPyB4F7TlzJS87Xjii41pmncPnp7ysL5EKZy8wKib7ag rQZFTz6+I2octX0nXGzYrfF6gSKp8FiTKtBiShVLyAk= -----END CERTIFICATE-----Generated at Sun Aug 24 14:17:19 2025 by rpki-client