$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/kMT63YGO1izn5TovmDUk-ulfzdg.roa File: kMT63YGO1izn5TovmDUk-ulfzdg.roa (raw, json) Hash identifier: eU9rXgBvf13AbKe67P225kVjW3u44EkQSuFE3Me6H3k= Subject key identifier: 90:C4:FA:DD:81:8E:D6:2C:E7:E5:3A:2F:98:35:24:FA:E9:5F:CD:D8 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1422 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kMT63YGO1izn5TovmDUk-ulfzdg.roa Signing time: Fri 22 Aug 2025 09:00:06 +0000 ROA not before: Fri 22 Aug 2025 09:00:06 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 24154 IP address blocks: 210.202.48.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5154 (0x1422) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:06 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=90C4FADD818ED62CE7E53A2F983524FAE95FCDD8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c3:33:a1:59:a8:42:35:4d:e2:90:09:e8:71: cf:8d:6d:b3:80:bd:d3:6f:1a:e5:62:a4:04:33:54: 0e:28:b3:a3:95:00:fa:42:29:ca:59:ed:df:5d:b4: 09:3e:da:f9:0b:c3:91:ab:09:9a:35:57:c2:1d:c4: da:9e:37:0e:ac:8f:5a:94:dd:e7:ac:e3:5d:ed:78: 1d:28:b9:8d:bb:79:99:f7:1f:60:ef:e0:1e:0b:8f: 32:31:99:ab:82:eb:22:cc:13:19:16:e3:02:aa:e8: 9b:ea:b7:75:50:4d:f7:b4:6e:c5:37:ce:78:b4:02: 9a:a7:c4:93:79:5b:8e:a6:73:8e:23:d7:9f:9d:f7: 84:cf:f8:84:15:39:ac:f6:35:b9:d1:68:a4:11:d5: 57:10:fc:b5:5e:7d:ff:2f:e3:95:f1:ce:83:e3:1b: 62:5d:d2:65:90:e7:e4:d6:1b:66:af:82:67:e6:93: 29:cc:8a:11:fe:7c:7a:b0:e9:13:28:2c:8b:ea:a1: db:9b:2d:da:ff:05:31:ab:8c:57:7b:ad:ae:8d:79: 70:e1:4d:9f:a1:92:aa:aa:05:39:7f:02:80:b2:fc: db:b4:7c:97:fa:2b:58:66:72:b1:4f:05:48:7b:7b: 1a:8d:a5:18:bb:03:69:af:41:30:ea:8b:49:d4:2f: 36:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:C4:FA:DD:81:8E:D6:2C:E7:E5:3A:2F:98:35:24:FA:E9:5F:CD:D8 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kMT63YGO1izn5TovmDUk-ulfzdg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 210.202.48.0/21 Signature Algorithm: sha256WithRSAEncryption 22:56:36:b6:42:81:9f:4f:fc:15:5d:d4:da:47:08:9d:06:7b: fb:11:3e:7f:bc:2d:98:1f:da:ff:e8:a9:9e:13:72:bc:dc:85: aa:bc:a8:14:15:91:ad:34:63:df:1d:e1:ec:05:ad:86:35:90: cd:91:47:86:3e:fb:77:60:64:12:e1:4f:1d:97:49:0d:76:90: be:29:69:97:09:51:ca:1f:62:1c:c3:e6:c3:cb:8f:fd:41:ab: f0:be:7d:17:34:b3:e3:89:1b:c9:65:df:8c:4c:f4:aa:2c:a0: a5:9e:d0:a5:83:fd:6f:6f:cc:63:63:8c:8a:f1:5d:25:c7:49: 20:3a:80:fd:07:17:0a:38:3c:0b:7b:c1:3c:13:33:15:4c:e0: 12:c9:63:53:dc:47:0f:ab:c2:35:b0:ed:6c:40:34:46:8c:59: 6b:42:0b:6a:58:f8:06:5c:6b:d8:25:91:ce:de:4f:bd:51:08: be:95:1e:e0:d9:9d:67:8c:ec:94:52:93:09:62:84:4e:0b:a8: 77:6f:94:12:8d:78:73:d3:b0:7a:56:1c:3e:44:6f:d2:fc:b8: c9:ef:9f:3d:82:72:d4:13:f9:65:03:2e:ce:a2:bb:53:1b:79: 9a:8d:b0:11:31:91:a6:0a:8a:06:69:6e:cf:4d:ef:1c:78:a6: 15:47:45:f5 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMDZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDkwQzRGQUREODE4RUQ2 MkNFN0U1M0EyRjk4MzUyNEZBRTk1RkNERDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4wzOhWahCNU3ikAnocc+NbbOAvdNvGuVipAQzVA4os6OVAPpC KcpZ7d9dtAk+2vkLw5GrCZo1V8IdxNqeNw6sj1qU3ees413teB0ouY27eZn3H2Dv 4B4LjzIxmauC6yLMExkW4wKq6Jvqt3VQTfe0bsU3zni0ApqnxJN5W46mc44j15+d 94TP+IQVOaz2NbnRaKQR1VcQ/LVeff8v45XxzoPjG2Jd0mWQ5+TWG2avgmfmkynM ihH+fHqw6RMoLIvqodubLdr/BTGrjFd7ra6NeXDhTZ+hkqqqBTl/AoCy/Nu0fJf6 K1hmcrFPBUh7exqNpRi7A2mvQTDqi0nULzZbAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUkMT63YGO1izn5TovmDUk+ulfzdgwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2tNVDYzWUdPMWl6bjVUb3ZtRFVrLXVs ZnpkZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPSyjAwDQYJ KoZIhvcNAQELBQADggEBACJWNrZCgZ9P/BVd1NpHCJ0Ge/sRPn+8LZgf2v/oqZ4T crzchaq8qBQVka00Y98d4ewFrYY1kM2RR4Y++3dgZBLhTx2XSQ12kL4paZcJUcof YhzD5sPLj/1Bq/C+fRc0s+OJG8ll34xM9KosoKWe0KWD/W9vzGNjjIrxXSXHSSA6 gP0HFwo4PAt7wTwTMxVM4BLJY1PcRw+rwjWw7WxANEaMWWtCC2pY+AZca9glkc7e T71RCL6VHuDZnWeM7JRSkwlihE4LqHdvlBKNeHPTsHpWHD5Eb9L8uMnvnz2CctQT +WUDLs6iu1MbeZqNsBExkaYKigZpbs9N7xx4phVHRfU= -----END CERTIFICATE-----Generated at Sun Aug 24 14:21:41 2025 by rpki-client