$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/lHA1MgM17mLGpDYCsme0BWcGG4I.roa File: lHA1MgM17mLGpDYCsme0BWcGG4I.roa (raw, json) Hash identifier: ruDwo6oIHGQAfny2EINLBvfMcumT6bl3QgO1JIrqPjo= Subject key identifier: 94:70:35:32:03:35:EE:62:C6:A4:36:02:B2:67:B4:05:67:06:1B:82 Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 1425 Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/lHA1MgM17mLGpDYCsme0BWcGG4I.roa Signing time: Fri 22 Aug 2025 09:00:07 +0000 ROA not before: Fri 22 Aug 2025 09:00:07 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9922 IP address blocks: 124.218.72.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5157 (0x1425) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:07 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=947035320335EE62C6A43602B267B40567061B82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:84:b5:08:34:dd:3f:f4:06:a3:a9:5f:00:ca: 39:a6:cd:7b:fc:e3:09:e6:ec:e7:60:17:7a:43:ad: b3:cb:0e:85:2b:31:24:f9:8b:b2:81:ba:68:db:62: 15:f5:ef:0e:2d:41:b2:cf:a5:58:f9:ac:cc:c6:f0: 5d:65:1b:bc:95:2e:97:10:e2:c5:e8:7a:1d:23:ff: 37:9a:c1:ff:59:94:37:ac:74:3b:66:85:e8:75:04: 23:16:e5:25:e8:bd:ea:f5:e2:83:e8:8b:1f:9a:47: 46:88:6b:5a:bc:70:1b:77:8c:80:23:90:17:e1:14: 7f:e9:31:fe:cc:58:70:3d:73:95:63:22:48:71:13: da:8c:85:f9:cb:06:71:70:ce:55:79:1f:2f:8f:0b: aa:92:18:a3:81:05:ff:a0:cf:f3:c5:fb:9b:6b:a4: d6:f6:2e:6e:d0:7e:71:f0:e0:39:29:6f:76:5a:d8: c1:a1:a5:4c:73:90:2d:eb:f9:9d:62:30:5b:d0:5c: 42:a7:e0:06:76:8a:16:e6:64:fb:5d:48:e6:dd:10: 04:5c:6f:42:35:99:85:b2:db:cb:1b:93:d8:da:3a: 78:ad:71:4f:9f:c1:40:b8:59:28:d3:46:c0:6e:f0: 84:d4:3f:13:1d:99:cd:a4:ef:78:fb:a6:b8:44:b1: 5e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:70:35:32:03:35:EE:62:C6:A4:36:02:B2:67:B4:05:67:06:1B:82 X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/lHA1MgM17mLGpDYCsme0BWcGG4I.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.218.72.0/21 Signature Algorithm: sha256WithRSAEncryption 1e:22:d0:eb:d3:77:92:51:9b:5e:44:49:0e:75:b7:20:30:99: 25:c2:e9:03:4f:82:f1:b9:2e:b5:9e:4d:d2:95:d0:36:48:45: af:7a:37:91:69:3e:3f:81:50:6b:39:32:22:4d:c9:19:7b:35: 9a:cb:ca:4a:bf:a9:23:b7:b0:e5:bf:d2:87:b1:1c:2e:f0:51: dd:49:5e:37:72:d4:64:f4:23:9c:d3:66:89:9d:bf:0a:92:eb: 70:bb:1b:67:0a:3f:ee:9d:f6:80:44:51:9d:ff:10:bc:cb:1b: 89:b0:04:63:ea:1b:50:17:0a:e5:e2:b2:aa:85:ff:bd:89:6a: 30:3d:da:91:9f:90:19:94:f5:8c:1b:be:ae:f2:a3:3e:49:40: 82:4f:44:14:c2:c0:5b:a7:f5:4b:32:f0:dc:d6:ae:da:cc:70: 0b:51:cd:80:c6:ad:e7:79:24:01:99:1a:7a:03:8f:e8:53:a1: 23:73:3b:ee:4c:ec:33:43:72:00:02:f0:35:92:5e:53:35:6f: 6e:1c:70:26:8e:0a:91:03:82:84:d1:9c:aa:23:4e:8a:61:1f: e5:60:94:22:8e:6f:1c:d1:8e:fe:46:55:7a:ed:53:fa:4b:52: a2:11:b5:30:75:fb:fc:5f:63:0c:87:e8:a8:da:1a:89:2d:39: f9:7e:72:0a -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMDdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDk0NzAzNTMyMDMzNUVF NjJDNkE0MzYwMkIyNjdCNDA1NjcwNjFCODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnhLUINN0/9AajqV8AyjmmzXv84wnm7OdgF3pDrbPLDoUrMST5 i7KBumjbYhX17w4tQbLPpVj5rMzG8F1lG7yVLpcQ4sXoeh0j/zeawf9ZlDesdDtm heh1BCMW5SXover14oPoix+aR0aIa1q8cBt3jIAjkBfhFH/pMf7MWHA9c5VjIkhx E9qMhfnLBnFwzlV5Hy+PC6qSGKOBBf+gz/PF+5trpNb2Lm7QfnHw4Dkpb3Za2MGh pUxzkC3r+Z1iMFvQXEKn4AZ2ihbmZPtdSObdEARcb0I1mYWy28sbk9jaOnitcU+f wUC4WSjTRsBu8ITUPxMdmc2k73j7prhEsV6NAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUlHA1MgM17mLGpDYCsme0BWcGG4IwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2xIQTFNZ00xN21MR3BEWUNzbWUwQldj R0c0SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN82kgwDQYJ KoZIhvcNAQELBQADggEBAB4i0OvTd5JRm15ESQ51tyAwmSXC6QNPgvG5LrWeTdKV 0DZIRa96N5FpPj+BUGs5MiJNyRl7NZrLykq/qSO3sOW/0oexHC7wUd1JXjdy1GT0 I5zTZomdvwqS63C7G2cKP+6d9oBEUZ3/ELzLG4mwBGPqG1AXCuXisqqF/72JajA9 2pGfkBmU9Ywbvq7yoz5JQIJPRBTCwFun9Usy8NzWrtrMcAtRzYDGred5JAGZGnoD j+hToSNzO+5M7DNDcgAC8DWSXlM1b24ccCaOCpEDgoTRnKojTophH+VglCKObxzR jv5GVXrtU/pLUqIRtTB1+/xfYwyH6KjaGoktOfl+cgo= -----END CERTIFICATE-----Generated at Sun Aug 24 13:49:37 2025 by rpki-client