$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/ZnAtDb2JjTW8Zbrr3d7J51XHobY.roa File: ZnAtDb2JjTW8Zbrr3d7J51XHobY.roa (raw, json) Hash identifier: vqh6fX0JbTllh90oWL2BkcH33L+2oOBVsKS5JXq/3sg= Subject key identifier: 66:70:2D:0D:BD:89:8D:35:BC:65:BA:EB:DD:DE:C9:E7:55:C7:A1:B6 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 13D2 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ZnAtDb2JjTW8Zbrr3d7J51XHobY.roa Signing time: Fri 22 Aug 2025 08:59:46 +0000 ROA not before: Fri 22 Aug 2025 08:59:46 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9922 IP address blocks: 124.218.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5074 (0x13d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 08:59:46 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=66702D0DBD898D35BC65BAEBDDDEC9E755C7A1B6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:20:ed:83:d3:ea:4e:40:70:ae:94:a2:ab:9d: 00:dc:ac:e3:5d:49:3c:ee:68:45:4c:c8:99:57:2a: 74:b2:28:bf:05:75:6f:97:f2:55:57:f8:21:41:09: db:0e:15:8e:cd:f0:bc:56:7a:7a:96:25:e8:29:06: e6:09:9b:65:7c:4d:00:1c:00:e5:02:3e:a3:41:f3: 4f:a2:42:99:7f:3e:d0:6e:6a:9a:f0:06:dc:7b:02: ee:e6:c3:49:40:42:02:50:1e:31:49:9e:2a:0a:69: be:ca:6b:40:7c:cc:cb:20:bf:22:62:1b:97:14:cc: 8f:f8:e4:87:f9:a2:6b:7a:ef:68:08:61:80:b3:1d: d4:6b:0e:da:12:78:2b:07:35:c2:43:a1:e2:f4:7c: bf:7a:45:b6:32:f9:6a:6a:ad:2d:4e:77:e6:84:1c: d7:c3:99:fb:fa:a9:f2:7d:9f:ee:53:15:d2:08:9d: 3f:06:02:61:09:68:44:fb:68:3f:72:d7:26:ba:2e: d3:5f:84:8c:dc:6a:8f:c6:92:b7:ca:f5:53:a8:55: cc:49:fe:5f:b7:8a:c5:b7:26:b2:e4:a6:1f:2e:82: 20:a2:cd:24:7f:37:9e:2f:5a:46:bf:76:ee:56:ac: 12:5e:5b:95:eb:d0:37:d1:d8:77:5e:75:3e:df:86: 1f:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:70:2D:0D:BD:89:8D:35:BC:65:BA:EB:DD:DE:C9:E7:55:C7:A1:B6 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ZnAtDb2JjTW8Zbrr3d7J51XHobY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.64.0/22 Signature Algorithm: sha256WithRSAEncryption 09:42:9e:2a:96:8b:2e:63:37:eb:06:43:78:8b:c7:7b:3f:d0: f5:20:77:f4:e7:e8:7d:5e:04:dd:db:e8:ab:f0:b2:e3:fe:ec: 9d:10:b0:bb:c1:20:e5:36:11:c4:c9:1d:fd:73:54:03:63:77: 02:31:4d:55:59:ba:77:aa:4e:b9:1b:2b:ae:7b:47:82:96:a1: 3d:2d:39:4b:81:26:13:8e:04:f2:99:e5:83:bd:cd:f1:1d:b6: e4:75:eb:f8:85:e5:ac:ec:fb:32:2d:da:f3:86:2f:ea:c3:e3: b9:e2:54:0f:73:a3:86:7b:52:4d:c6:93:f6:70:7d:d7:e6:1c: e5:98:87:76:25:c5:b1:5a:ad:8d:b1:7c:79:bc:56:91:39:00: 99:ae:43:f4:28:c0:04:20:52:5b:06:fc:49:33:cc:9e:12:32: e7:10:20:c2:8c:e7:aa:90:90:3f:3a:8d:bd:0b:6f:84:3b:2c: 6e:ca:4a:2e:17:14:78:62:bb:c0:18:85:e4:d3:4d:cc:0e:10: e9:a0:65:f6:6a:ad:35:3e:b6:8d:e0:fe:ec:4c:3d:60:9a:0b: 24:47:0b:61:79:a8:f8:d8:eb:03:a7:ff:a9:9a:17:d5:00:47: 86:5b:ee:c8:88:74:1f:9d:0d:2e:3a:a2:14:b0:ce:a6:89:cb: a9:08:61:a5 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICE9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw ODU5NDZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDY2NzAyRDBEQkQ4OThE MzVCQzY1QkFFQkREREVDOUU3NTVDN0ExQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBIO2D0+pOQHCulKKrnQDcrONdSTzuaEVMyJlXKnSyKL8FdW+X 8lVX+CFBCdsOFY7N8LxWenqWJegpBuYJm2V8TQAcAOUCPqNB80+iQpl/PtBuaprw Btx7Au7mw0lAQgJQHjFJnioKab7Ka0B8zMsgvyJiG5cUzI/45If5omt672gIYYCz HdRrDtoSeCsHNcJDoeL0fL96RbYy+WpqrS1Od+aEHNfDmfv6qfJ9n+5TFdIInT8G AmEJaET7aD9y1ya6LtNfhIzcao/GkrfK9VOoVcxJ/l+3isW3JrLkph8ugiCizSR/ N54vWka/du5WrBJeW5Xr0DfR2HdedT7fhh85AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUZnAtDb2JjTW8Zbrr3d7J51XHobYwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1puQXREYjJKalRXOFpicnIzZDdKNTFY SG9iWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ82kAwDQYJ KoZIhvcNAQELBQADggEBAAlCniqWiy5jN+sGQ3iLx3s/0PUgd/Tn6H1eBN3b6Kvw suP+7J0QsLvBIOU2EcTJHf1zVANjdwIxTVVZuneqTrkbK657R4KWoT0tOUuBJhOO BPKZ5YO9zfEdtuR16/iF5azs+zIt2vOGL+rD47niVA9zo4Z7Uk3Gk/ZwfdfmHOWY h3YlxbFarY2xfHm8VpE5AJmuQ/QowAQgUlsG/EkzzJ4SMucQIMKM56qQkD86jb0L b4Q7LG7KSi4XFHhiu8AYheTTTcwOEOmgZfZqrTU+to3g/uxMPWCaCyRHC2F5qPjY 6wOn/6maF9UAR4Zb7siIdB+dDS46ohSwzqaJy6kIYaU= -----END CERTIFICATE-----Generated at Sun Aug 24 13:50:07 2025 by rpki-client