$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/kNz31V69cLy_d14pD7fe-KFcums.roa File: kNz31V69cLy_d14pD7fe-KFcums.roa (raw, json) Hash identifier: ZlR34zKxzWR6LZs8OakhPtNBzNMEHFXcCfJej+XH+IU= Subject key identifier: 90:DC:F7:D5:5E:BD:70:BC:BF:77:5E:29:0F:B7:DE:F8:A1:5C:BA:6B Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 145E Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kNz31V69cLy_d14pD7fe-KFcums.roa Signing time: Fri 22 Aug 2025 09:00:20 +0000 ROA not before: Fri 22 Aug 2025 09:00:20 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 17709 IP address blocks: 60.244.0.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5214 (0x145e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:20 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=90DCF7D55EBD70BCBF775E290FB7DEF8A15CBA6B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:85:71:dd:ed:70:9f:ed:2d:a7:58:88:9f:81: b1:10:7b:47:8a:8d:2b:9a:d4:75:e3:47:c8:fc:e1: 9b:11:ba:ac:24:41:87:10:57:51:6a:02:1b:52:89: 62:20:9e:14:f3:79:98:b0:be:0e:ff:31:81:dc:51: 42:2d:42:c5:95:e9:ab:6f:53:87:08:82:bd:9a:e8: b4:91:ee:0a:2a:58:66:c0:f1:35:38:16:7a:d7:09: b1:1c:d1:2b:c4:06:ee:ae:49:4c:3d:a0:91:69:40: d0:98:02:78:0f:96:21:f5:49:74:b5:c9:d0:d5:c1: 08:88:0d:39:86:62:99:a5:9b:f6:73:47:a1:33:70: dc:19:80:9e:0f:8d:ec:2e:d3:ef:c6:90:00:7d:bf: 22:16:d3:f8:08:5c:a4:4f:91:d1:40:8e:21:f0:5f: 27:70:3d:d8:15:89:19:39:9e:c0:53:c0:2c:3d:c5: 9b:0b:38:fd:18:d2:b1:8e:46:68:ee:9a:37:58:22: c3:ea:2e:35:ad:60:84:17:e8:e7:44:ef:a2:d3:e5: 10:07:b3:1b:be:8b:85:04:72:2c:b7:c6:27:61:71: ee:d8:6d:6c:e0:af:39:74:8e:f5:a3:c4:e7:54:6c: bc:c7:ad:8c:00:20:ad:9e:90:24:a0:8a:55:48:eb: 2f:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:DC:F7:D5:5E:BD:70:BC:BF:77:5E:29:0F:B7:DE:F8:A1:5C:BA:6B X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kNz31V69cLy_d14pD7fe-KFcums.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 60.244.0.0/17 Signature Algorithm: sha256WithRSAEncryption 9b:30:ea:73:ec:c1:91:96:6d:3d:77:93:4b:af:fe:9f:f0:9d: d0:06:93:03:d4:27:81:51:eb:cf:68:47:3b:a9:97:2f:00:f5: fc:98:2d:70:4b:2b:b9:8f:0b:57:dc:f4:c1:e2:c2:03:96:59: 61:3c:2b:08:01:8b:71:e6:dc:54:66:91:38:5b:ed:16:29:63: b9:59:a6:ef:77:32:d7:f8:48:81:fb:bb:23:ed:21:e0:c7:6a: 30:43:9b:a5:f2:1c:13:9a:fe:01:1a:92:ec:c4:61:28:1c:a4: ff:c3:75:08:40:21:a0:94:c8:40:a8:a7:c1:e6:ff:e4:3e:c4: 95:44:bd:ee:4c:be:42:c9:89:d4:66:4d:ad:ad:60:5b:8e:78: be:5b:37:cc:25:0a:52:67:97:11:97:16:40:d3:03:09:1b:1f: a1:c0:12:48:14:73:54:38:50:d9:56:22:65:7c:e5:78:f2:fe: 1c:04:31:4a:cd:86:68:b2:51:7a:1a:bd:f1:4f:59:f6:43:49: 40:46:8c:74:33:2b:a2:3b:ba:e3:61:f1:26:ab:62:b3:7a:bb: 56:f6:bf:49:70:36:e7:57:ba:ae:8d:f5:1e:ee:92:19:2f:05: 8a:d3:82:36:c4:ce:73:d6:20:7f:1f:35:95:3a:49:de:91:15: 51:f5:37:5b -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMjBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDkwRENGN0Q1NUVCRDcw QkNCRjc3NUUyOTBGQjdERUY4QTE1Q0JBNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDxhXHd7XCf7S2nWIifgbEQe0eKjSua1HXjR8j84ZsRuqwkQYcQ V1FqAhtSiWIgnhTzeZiwvg7/MYHcUUItQsWV6atvU4cIgr2a6LSR7goqWGbA8TU4 FnrXCbEc0SvEBu6uSUw9oJFpQNCYAngPliH1SXS1ydDVwQiIDTmGYpmlm/ZzR6Ez cNwZgJ4Pjewu0+/GkAB9vyIW0/gIXKRPkdFAjiHwXydwPdgViRk5nsBTwCw9xZsL OP0Y0rGORmjumjdYIsPqLjWtYIQX6OdE76LT5RAHsxu+i4UEciy3xidhce7YbWzg rzl0jvWjxOdUbLzHrYwAIK2ekCSgilVI6y+vAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUkNz31V69cLy/d14pD7fe+KFcumswHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2tOejMxVjY5Y0x5X2QxNHBEN2ZlLUtG Y3Vtcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc89AAwDQYJ KoZIhvcNAQELBQADggEBAJsw6nPswZGWbT13k0uv/p/wndAGkwPUJ4FR689oRzup ly8A9fyYLXBLK7mPC1fc9MHiwgOWWWE8KwgBi3Hm3FRmkThb7RYpY7lZpu93Mtf4 SIH7uyPtIeDHajBDm6XyHBOa/gEakuzEYSgcpP/DdQhAIaCUyECop8Hm/+Q+xJVE ve5MvkLJidRmTa2tYFuOeL5bN8wlClJnlxGXFkDTAwkbH6HAEkgUc1Q4UNlWImV8 5Xjy/hwEMUrNhmiyUXoavfFPWfZDSUBGjHQzK6I7uuNh8SarYrN6u1b2v0lwNudX uq6N9R7ukhkvBYrTgjbEznPWIH8fNZU6Sd6RFVH1N1s= -----END CERTIFICATE-----Generated at Sun Aug 24 14:20:11 2025 by rpki-client