$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/kMATK__4OaBxtwNYZkj4d_WQTDs.roa File: kMATK__4OaBxtwNYZkj4d_WQTDs.roa (raw, json) Hash identifier: mRCauYAGGp3EXDGZ1J8nX0MxvtR1RlHEqrQ7mYZ8VWE= Subject key identifier: 90:C0:13:2B:FF:F8:39:A0:71:B7:03:58:66:48:F8:77:F5:90:4C:3B Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1392 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kMATK__4OaBxtwNYZkj4d_WQTDs.roa Signing time: Fri 22 Aug 2025 08:59:26 +0000 ROA not before: Fri 22 Aug 2025 08:59:26 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 24154 IP address blocks: 203.207.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5010 (0x1392) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 08:59:26 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=90C0132BFFF839A071B703586648F877F5904C3B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:7b:40:94:30:69:72:81:30:9f:c2:8d:17:2c: 4d:02:8b:10:33:71:36:ad:d5:40:08:93:f2:ed:65: 55:73:b4:87:b3:3b:70:79:86:4c:11:aa:40:0a:61: c6:c3:42:76:52:a2:eb:27:8d:b6:11:28:85:ec:e4: 4a:a2:ff:e6:a4:15:c8:ad:b6:19:fb:2f:f9:06:41: ae:f5:90:6c:ea:87:d3:9d:d6:1d:c5:0f:65:e9:e8: f2:e1:6a:19:1d:ec:97:a2:c9:b4:d3:9c:40:7d:3e: 1a:72:ad:2c:a6:fa:dc:dd:d0:08:f4:66:91:df:18: 72:d2:0a:cc:33:1c:9c:f7:96:a0:61:b9:11:bd:cf: d1:28:d3:47:f7:a4:93:13:1c:9b:c3:68:c8:29:3e: 27:3f:8a:ab:e8:c2:7e:e2:d0:c0:c0:f6:26:76:56: a4:2c:7d:5d:b5:44:1e:70:75:13:b3:2d:c9:c3:5a: c7:b8:b3:2a:f0:3d:b0:6a:a5:4a:13:76:f6:08:5b: 22:1c:e1:c0:5e:e3:af:72:d9:ac:97:e8:21:aa:e4: b9:b7:7c:fc:a6:63:6c:4a:fa:ee:a0:73:96:2d:69: 29:20:bd:c6:88:80:b3:48:c7:e0:e1:ad:f8:47:73: 96:9b:16:36:5d:d0:7f:5f:c7:ec:fb:27:82:d5:fc: 5c:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:C0:13:2B:FF:F8:39:A0:71:B7:03:58:66:48:F8:77:F5:90:4C:3B X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kMATK__4OaBxtwNYZkj4d_WQTDs.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.207.44.0/22 Signature Algorithm: sha256WithRSAEncryption 0c:7f:11:8a:53:38:f0:11:4c:a5:83:d2:6c:b8:5d:35:56:e5: 3b:16:25:c8:b9:75:e5:12:58:ca:9b:40:60:75:87:de:d1:5b: d0:7b:30:50:af:22:b0:dd:99:b9:e7:d2:18:86:ab:94:e4:f1: 4b:f6:a9:24:48:d0:e0:91:eb:5e:73:ec:36:6a:c2:08:98:4c: 44:74:c5:3d:0d:8f:a7:82:20:be:7c:a5:a4:6f:e6:10:88:2d: 21:4b:a9:0c:b7:b2:65:20:f5:b5:53:33:38:3a:a7:9b:dc:6b: f8:a4:4d:14:2e:4c:b5:03:74:79:a9:bd:13:42:77:13:c6:91: 92:73:f8:63:b2:41:27:f1:b0:c5:5c:c8:dd:5e:33:9d:0e:57: 4e:8e:05:0b:b2:73:5d:27:36:11:d9:a9:9c:cb:31:99:b4:e3: bf:bc:c7:ef:1b:05:1f:d8:ad:bb:f2:f0:78:bd:c7:a0:ea:c2: 43:dc:6e:e4:90:47:79:ee:e2:df:57:24:bd:c8:33:2e:1e:b9: 7e:89:80:63:29:a3:64:cc:05:7c:2d:85:b3:c3:85:b9:78:92: 8a:8c:57:95:b7:97:ca:3c:d0:99:92:fd:bc:2f:c5:24:33:a4: 1f:40:80:01:27:4f:51:cb:0d:b8:09:fe:a5:53:7e:6d:e3:52: ea:f6:09:4c -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICE5IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw ODU5MjZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDkwQzAxMzJCRkZGODM5 QTA3MUI3MDM1ODY2NDhGODc3RjU5MDRDM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCme0CUMGlygTCfwo0XLE0CixAzcTat1UAIk/LtZVVztIezO3B5 hkwRqkAKYcbDQnZSousnjbYRKIXs5Eqi/+akFcitthn7L/kGQa71kGzqh9Od1h3F D2Xp6PLhahkd7JeiybTTnEB9PhpyrSym+tzd0Aj0ZpHfGHLSCswzHJz3lqBhuRG9 z9Eo00f3pJMTHJvDaMgpPic/iqvown7i0MDA9iZ2VqQsfV21RB5wdROzLcnDWse4 syrwPbBqpUoTdvYIWyIc4cBe469y2ayX6CGq5Lm3fPymY2xK+u6gc5YtaSkgvcaI gLNIx+DhrfhHc5abFjZd0H9fx+z7J4LV/FxXAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUkMATK//4OaBxtwNYZkj4d/WQTDswHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2tNQVRLX180T2FCeHR3Tllaa2o0ZF9X UVREcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALLzywwDQYJ KoZIhvcNAQELBQADggEBAAx/EYpTOPARTKWD0my4XTVW5TsWJci5deUSWMqbQGB1 h97RW9B7MFCvIrDdmbnn0hiGq5Tk8Uv2qSRI0OCR615z7DZqwgiYTER0xT0Nj6eC IL58paRv5hCILSFLqQy3smUg9bVTMzg6p5vca/ikTRQuTLUDdHmpvRNCdxPGkZJz +GOyQSfxsMVcyN1eM50OV06OBQuyc10nNhHZqZzLMZm047+8x+8bBR/Yrbvy8Hi9 x6DqwkPcbuSQR3nu4t9XJL3IMy4euX6JgGMpo2TMBXwthbPDhbl4koqMV5W3l8o8 0JmS/bwvxSQzpB9AgAEnT1HLDbgJ/qVTfm3jUur2CUw= -----END CERTIFICATE-----Generated at Sun Aug 24 14:16:33 2025 by rpki-client