$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/lDkdFNcbDuCD9e_jS4mxu2eLuCM.roa File: lDkdFNcbDuCD9e_jS4mxu2eLuCM.roa (raw, json) Hash identifier: 19sOe/337gvbKKDFggn5bQJo4eBxtH4Ck6rVRmvRBcY= Subject key identifier: 94:39:1D:14:D7:1B:0E:E0:83:F5:EF:E3:4B:89:B1:BB:67:8B:B8:23 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1386 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/lDkdFNcbDuCD9e_jS4mxu2eLuCM.roa Signing time: Fri 22 Aug 2025 08:59:23 +0000 ROA not before: Fri 22 Aug 2025 08:59:23 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 24154 IP address blocks: 222.156.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4998 (0x1386) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 08:59:23 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=94391D14D71B0EE083F5EFE34B89B1BB678BB823 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:06:d2:42:8e:93:39:e8:61:38:40:8f:01:1e: 47:6f:34:06:55:62:ad:e6:58:7f:51:fd:45:84:f9: 38:c1:78:43:1c:9b:44:4e:45:82:5d:1a:d0:8c:a7: 33:8f:88:fe:db:99:98:0b:19:79:41:ea:f1:15:a3: a2:b9:fa:54:e2:f7:1c:4c:5a:7e:52:34:83:05:92: cf:01:9e:35:f9:5d:ff:dd:dc:f6:1c:41:9a:cf:e1: cd:50:de:a1:a9:cc:49:b1:02:1d:05:e8:d0:5a:6c: e2:8a:0c:49:5d:46:5a:b9:5a:cb:29:8c:8d:6a:cb: db:2a:31:b0:e6:e0:02:9f:9b:0e:f0:0a:68:0e:3f: 0d:16:35:0a:2a:8b:d9:7c:57:9f:3f:a3:bf:5b:d3: 02:54:93:ef:6f:ac:29:b2:9c:48:2f:2b:db:c2:37: 9d:18:2e:57:4b:0d:0f:6b:eb:7e:8e:24:ba:f0:7a: 50:4a:48:46:2f:13:bc:52:ec:6b:1b:84:f3:15:b6: e9:e4:a4:26:ef:66:58:ca:1b:3f:93:4d:1d:f5:9b: ed:e6:74:14:87:a4:c4:c0:ef:70:2f:e1:88:fc:e7: 50:81:7a:72:d1:e4:6a:72:16:77:e9:78:84:27:f1: a4:9d:19:98:2b:9b:ea:e7:17:fe:67:4c:48:fa:27: e1:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:39:1D:14:D7:1B:0E:E0:83:F5:EF:E3:4B:89:B1:BB:67:8B:B8:23 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/lDkdFNcbDuCD9e_jS4mxu2eLuCM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 222.156.254.0/24 Signature Algorithm: sha256WithRSAEncryption 6b:9d:07:89:de:16:8b:ed:4e:dc:8f:57:3a:4a:d8:71:17:0b: 9b:8f:dc:9c:18:6e:ba:68:75:e1:c7:a5:59:d8:47:61:66:4b: d5:47:d5:05:a9:5b:0e:14:c6:77:68:a2:b4:f0:09:6c:7f:a5: be:6a:ee:85:9f:11:33:ff:9e:72:ea:22:12:de:d7:d2:01:27: e5:00:89:68:33:33:eb:21:e4:b5:8a:93:24:17:a9:5d:c8:6e: c3:f8:54:85:4b:e1:43:f5:f4:36:70:df:d8:d9:35:1f:87:4c: 6d:3e:63:f5:2d:98:2e:e7:95:a0:a6:93:a6:e9:7b:76:60:b1: 37:0b:d2:d3:7c:f7:ef:26:fe:e5:61:8d:c0:3f:2a:44:8f:07: 0d:6b:d7:58:91:3d:92:42:0a:18:a7:2b:df:a6:f6:82:e9:13: b2:0f:14:20:c0:da:35:c9:bc:c6:f3:20:c6:c9:a5:25:d5:7d: ea:8f:b2:85:84:d8:d4:eb:7b:31:c4:99:1f:2d:23:59:f3:46: 60:3e:31:b6:85:db:b7:45:f1:d7:ea:7b:15:e3:57:e5:59:9d: 17:fe:c4:31:e8:62:2f:53:a7:c7:28:09:11:4e:9f:95:8f:f5: ec:3c:6e:f7:6b:f0:fe:bf:43:4d:e8:b6:1b:c3:20:7f:53:a5: 63:66:aa:b3 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICE4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw ODU5MjNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDk0MzkxRDE0RDcxQjBF RTA4M0Y1RUZFMzRCODlCMUJCNjc4QkI4MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOBtJCjpM56GE4QI8BHkdvNAZVYq3mWH9R/UWE+TjBeEMcm0RO RYJdGtCMpzOPiP7bmZgLGXlB6vEVo6K5+lTi9xxMWn5SNIMFks8BnjX5Xf/d3PYc QZrP4c1Q3qGpzEmxAh0F6NBabOKKDEldRlq5WsspjI1qy9sqMbDm4AKfmw7wCmgO Pw0WNQoqi9l8V58/o79b0wJUk+9vrCmynEgvK9vCN50YLldLDQ9r636OJLrwelBK SEYvE7xS7GsbhPMVtunkpCbvZljKGz+TTR31m+3mdBSHpMTA73Av4Yj851CBenLR 5GpyFnfpeIQn8aSdGZgrm+rnF/5nTEj6J+FrAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUlDkdFNcbDuCD9e/jS4mxu2eLuCMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2xEa2RGTmNiRHVDRDllX2pTNG14dTJl THVDTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADenP4wDQYJ KoZIhvcNAQELBQADggEBAGudB4neFovtTtyPVzpK2HEXC5uP3JwYbrpodeHHpVnY R2FmS9VH1QWpWw4UxndoorTwCWx/pb5q7oWfETP/nnLqIhLe19IBJ+UAiWgzM+sh 5LWKkyQXqV3IbsP4VIVL4UP19DZw39jZNR+HTG0+Y/UtmC7nlaCmk6bpe3ZgsTcL 0tN89+8m/uVhjcA/KkSPBw1r11iRPZJCChinK9+m9oLpE7IPFCDA2jXJvMbzIMbJ pSXVfeqPsoWE2NTrezHEmR8tI1nzRmA+MbaF27dF8dfqexXjV+VZnRf+xDHoYi9T p8coCRFOn5WP9ew8bvdr8P6/Q03othvDIH9TpWNmqrM= -----END CERTIFICATE-----Generated at Sun Aug 24 14:15:04 2025 by rpki-client