$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/erMJ_lFJMrMYBy4K7QGY4UHH9q0.roa File: erMJ_lFJMrMYBy4K7QGY4UHH9q0.roa (raw, json) Hash identifier: +PSth6ZvlEWnu2EWLT0/21HBmJRg95JOmMUdYzpLB8U= Subject key identifier: 7A:B3:09:FE:51:49:32:B3:18:07:2E:0A:ED:01:98:E1:41:C7:F6:AD Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 138D Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/erMJ_lFJMrMYBy4K7QGY4UHH9q0.roa Signing time: Fri 22 Aug 2025 08:59:25 +0000 ROA not before: Fri 22 Aug 2025 08:59:25 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 2404:0:1000::/40 maxlen: 56 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5005 (0x138d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 08:59:25 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=7AB309FE514932B318072E0AED0198E141C7F6AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:2a:cf:95:7f:50:eb:c8:21:9a:ca:8c:5d:ff: 0a:00:01:6f:6c:50:4f:1e:12:fe:ae:89:d6:82:22: 72:7b:6e:1b:70:98:33:72:b4:48:8a:94:80:0b:cb: 78:08:ab:ab:fa:73:fa:8c:e3:c4:e9:e7:1e:77:28: b4:b5:8f:fc:96:75:05:36:00:1e:4c:3c:5d:9c:a5: ff:64:67:1f:c1:bf:0b:e6:0f:6c:99:6b:3d:a8:6d: 35:de:77:24:59:a5:db:dd:52:ac:72:54:fb:9c:e5: ea:9f:49:6e:3d:1d:de:c1:94:0a:82:34:cb:2a:1b: ff:ce:39:a6:f6:0e:ed:d1:8c:77:e5:7e:db:0a:ef: 5d:cf:53:86:00:d5:58:d2:04:1a:03:75:d0:cd:50: 7a:37:f0:98:3b:7b:b2:67:33:61:35:41:0e:c1:20: dc:28:b6:60:7d:6f:1d:34:73:b0:51:58:b4:6d:15: f6:e1:2c:b8:eb:d7:15:2d:8a:66:54:2a:ef:0d:fa: 51:94:91:f0:a0:37:3d:78:b2:81:6a:47:f0:9c:a9: 2d:b3:48:f8:6c:f9:88:f1:d8:5e:7d:d1:ff:b5:00: 35:2b:2e:07:fc:dd:a2:7d:94:f4:bc:79:e5:33:7d: 1d:3c:98:58:be:d7:75:1b:96:42:b2:7a:79:07:18: 66:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:B3:09:FE:51:49:32:B3:18:07:2E:0A:ED:01:98:E1:41:C7:F6:AD X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/erMJ_lFJMrMYBy4K7QGY4UHH9q0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:0:1000::/40 Signature Algorithm: sha256WithRSAEncryption c8:e3:04:6d:1c:24:d6:3c:e1:4a:cb:53:f6:4b:e2:96:9d:42: 91:01:83:45:a5:b3:9c:fa:3b:8f:c1:a1:ae:db:c0:0c:e8:6e: ea:eb:0c:80:4a:77:15:df:a4:6e:df:b0:7e:58:af:bc:73:b3: 08:62:53:f2:b9:2c:61:f2:45:01:68:1a:b1:43:f3:7c:fc:a9: 16:43:34:1b:38:58:51:54:df:c4:51:dc:7c:1a:09:8f:8a:70: c8:bc:cc:cb:07:e6:34:80:41:d3:39:de:6f:e9:1b:28:16:18: 4c:73:37:85:b2:c8:67:0c:76:ea:39:3b:e3:a7:7e:8f:50:82: fd:2b:23:8c:ce:05:05:d8:17:bf:0e:00:01:5e:fe:4e:b7:53: 7a:b7:35:d0:16:a4:8f:c7:ba:df:60:40:00:19:35:99:71:23: b7:48:b9:62:bb:bd:9c:db:08:72:0b:90:4f:e2:df:33:a8:9e: 52:da:c8:28:3f:a2:65:dc:60:ef:fc:f6:69:f6:37:e5:df:e4: ea:99:5c:67:33:62:92:0c:bd:64:17:60:07:11:02:e5:44:3d: 2b:40:98:05:2f:a1:f5:23:2f:00:16:53:54:56:40:ca:e5:6a: 5c:4c:1a:b3:ff:b0:19:a4:11:31:8a:50:87:8c:0b:9f:b2:88: 5f:77:ae:ca -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICE40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw ODU5MjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDdBQjMwOUZFNTE0OTMy QjMxODA3MkUwQUVEMDE5OEUxNDFDN0Y2QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNKs+Vf1DryCGayoxd/woAAW9sUE8eEv6uidaCInJ7bhtwmDNy tEiKlIALy3gIq6v6c/qM48Tp5x53KLS1j/yWdQU2AB5MPF2cpf9kZx/BvwvmD2yZ az2obTXedyRZpdvdUqxyVPuc5eqfSW49Hd7BlAqCNMsqG//OOab2Du3RjHflftsK 713PU4YA1VjSBBoDddDNUHo38Jg7e7JnM2E1QQ7BINwotmB9bx00c7BRWLRtFfbh LLjr1xUtimZUKu8N+lGUkfCgNz14soFqR/CcqS2zSPhs+Yjx2F590f+1ADUrLgf8 3aJ9lPS8eeUzfR08mFi+13UblkKyenkHGGYVAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUerMJ/lFJMrMYBy4K7QGY4UHH9q0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2VyTUpfbEZKTXJNWUJ5NEs3UUdZNFVI SDlxMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAkBAAAEDAN BgkqhkiG9w0BAQsFAAOCAQEAyOMEbRwk1jzhSstT9kvilp1CkQGDRaWznPo7j8Gh rtvADOhu6usMgEp3Fd+kbt+wflivvHOzCGJT8rksYfJFAWgasUPzfPypFkM0GzhY UVTfxFHcfBoJj4pwyLzMywfmNIBB0zneb+kbKBYYTHM3hbLIZwx26jk746d+j1CC /SsjjM4FBdgXvw4AAV7+TrdTerc10Bakj8e632BAABk1mXEjt0i5Yru9nNsIcguQ T+LfM6ieUtrIKD+iZdxg7/z2afY35d/k6plcZzNikgy9ZBdgBxEC5UQ9K0CYBS+h 9SMvABZTVFZAyuVqXEwas/+wGaQRMYpQh4wLn7KIX3euyg== -----END CERTIFICATE-----Generated at Sun Aug 24 14:22:49 2025 by rpki-client