$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/i-0htNgqqEdSiBflGB7BU-6nK8k.roa File: i-0htNgqqEdSiBflGB7BU-6nK8k.roa (raw, json) Hash identifier: 3TAFsA7kOy6Jp+HOrmNTHVaq28ydMsIPyetUQOUnT00= Subject key identifier: 8B:ED:21:B4:D8:2A:A8:47:52:88:17:E5:18:1E:C1:53:EE:A7:2B:C9 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1420 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/i-0htNgqqEdSiBflGB7BU-6nK8k.roa Signing time: Fri 22 Aug 2025 09:00:06 +0000 ROA not before: Fri 22 Aug 2025 09:00:06 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 203.79.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5152 (0x1420) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:06 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8BED21B4D82AA847528817E5181EC153EEA72BC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:1f:61:bf:2c:cc:33:05:e7:b5:5b:ad:a3:67: 2a:29:82:3c:88:99:3d:a0:77:81:07:c3:aa:9d:11: ec:f1:bd:fd:ae:79:4c:36:b7:91:8d:6e:72:63:5e: 1a:d1:07:6d:05:39:df:97:7b:90:48:90:6f:43:46: 8b:29:6e:b2:c5:41:d9:98:2a:62:16:88:64:0e:6f: 6b:fe:d2:a6:9e:bc:7a:2d:f9:90:9d:9b:9c:39:15: 85:89:36:c5:f7:4e:57:6c:5f:71:2d:f2:d6:d5:c9: b9:48:a6:6a:c9:d6:e8:91:d8:a0:90:58:a7:82:2f: 10:12:54:d1:69:ef:7c:34:f9:6b:78:d5:bc:59:af: c1:ee:90:8b:a1:13:0b:e3:1a:e5:d9:a9:29:b9:d2: d4:50:da:af:55:59:82:89:ec:e5:03:f4:60:e1:c2: 84:51:6c:c3:b0:bb:07:95:81:38:28:00:c0:7d:51: d6:d9:ec:29:d0:85:89:29:fd:f5:c5:f9:9a:84:8f: c0:09:3a:a2:e9:04:df:b5:15:84:1b:ac:54:7e:53: a9:8f:34:47:40:ef:c0:8e:2a:6f:cf:fc:ae:d9:26: 3c:9c:3b:78:9c:bc:2f:6e:99:da:e8:3c:9f:5b:e7: 0a:06:16:18:38:0b:77:4a:cb:e6:7c:a8:4c:98:fc: 67:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:ED:21:B4:D8:2A:A8:47:52:88:17:E5:18:1E:C1:53:EE:A7:2B:C9 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/i-0htNgqqEdSiBflGB7BU-6nK8k.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.79.128.0/17 Signature Algorithm: sha256WithRSAEncryption 57:11:7d:ea:fd:a4:94:2b:d7:5e:3d:62:46:36:b9:3d:62:22: b4:31:82:18:8d:2b:cd:82:47:2d:1e:4b:9e:53:23:6b:17:9d: 68:2c:07:2d:e0:53:6f:aa:99:a8:e2:e7:d9:c0:d1:d0:f8:96: 12:35:f9:eb:7f:e5:4b:b4:74:b4:11:8e:fc:49:20:f1:8b:e8: a3:da:d6:cf:6e:de:24:b3:21:3d:0b:35:44:b7:91:51:6a:8e: 02:a9:bb:22:4f:9a:d8:f1:9a:54:9d:bf:a8:6f:ab:a7:6d:a9: 1b:d7:5c:bf:51:79:8c:c0:dc:94:4f:93:1a:6f:2f:1c:28:79: 0d:08:ad:3c:b5:3d:f1:81:19:64:c5:0b:8c:d1:79:d2:e3:91: 2a:52:ce:ac:0d:08:0a:e5:c9:b1:ba:ce:86:7e:a1:5c:87:36: ca:c5:f9:e9:e7:b9:f7:f1:9c:c4:a6:b3:a5:8b:e4:be:7f:ce: ce:98:b4:1a:28:2f:b7:61:e5:9b:d8:91:9f:d1:24:1b:58:25: 54:e4:ac:d2:6e:a7:5c:19:1d:0b:18:98:1f:6a:8f:17:c6:70: fc:c3:6f:59:c2:18:65:8f:90:ce:0a:ec:a6:d8:2a:c8:30:f7: 34:98:fd:2d:2c:16:8c:44:8e:8d:e4:8b:fb:22:c0:21:02:ea: e6:0b:36:84 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFCAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMDZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDhCRUQyMUI0RDgyQUE4 NDc1Mjg4MTdFNTE4MUVDMTUzRUVBNzJCQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVH2G/LMwzBee1W62jZyopgjyImT2gd4EHw6qdEezxvf2ueUw2 t5GNbnJjXhrRB20FOd+Xe5BIkG9DRospbrLFQdmYKmIWiGQOb2v+0qaevHot+ZCd m5w5FYWJNsX3TldsX3Et8tbVyblIpmrJ1uiR2KCQWKeCLxASVNFp73w0+Wt41bxZ r8HukIuhEwvjGuXZqSm50tRQ2q9VWYKJ7OUD9GDhwoRRbMOwuweVgTgoAMB9UdbZ 7CnQhYkp/fXF+ZqEj8AJOqLpBN+1FYQbrFR+U6mPNEdA78COKm/P/K7ZJjycO3ic vC9umdroPJ9b5woGFhg4C3dKy+Z8qEyY/Gd1AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUi+0htNgqqEdSiBflGB7BU+6nK8kwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2ktMGh0TmdxcUVkU2lCZmxHQjdCVS02 bks4ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAfLT4AwDQYJ KoZIhvcNAQELBQADggEBAFcRfer9pJQr1149YkY2uT1iIrQxghiNK82CRy0eS55T I2sXnWgsBy3gU2+qmaji59nA0dD4lhI1+et/5Uu0dLQRjvxJIPGL6KPa1s9u3iSz IT0LNUS3kVFqjgKpuyJPmtjxmlSdv6hvq6dtqRvXXL9ReYzA3JRPkxpvLxwoeQ0I rTy1PfGBGWTFC4zRedLjkSpSzqwNCArlybG6zoZ+oVyHNsrF+ennuffxnMSms6WL 5L5/zs6YtBooL7dh5ZvYkZ/RJBtYJVTkrNJup1wZHQsYmB9qjxfGcPzDb1nCGGWP kM4K7KbYKsgw9zSY/S0sFoxEjo3ki/siwCEC6uYLNoQ= -----END CERTIFICATE-----Generated at Sun Aug 24 14:22:49 2025 by rpki-client