$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/pglFCtLjf4muKqyk32nJ9VvL21s.roa File: pglFCtLjf4muKqyk32nJ9VvL21s.roa (raw, json) Hash identifier: Ksc+d26O/J65X5F59c4JAIJlOdfQfZ60mdyqKZyZp6E= Subject key identifier: A6:09:45:0A:D2:E3:7F:89:AE:2A:AC:A4:DF:69:C9:F5:5B:CB:DB:5B Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Certificate serial: 148F Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/pglFCtLjf4muKqyk32nJ9VvL21s.roa Signing time: Fri 22 Aug 2025 09:00:33 +0000 ROA not before: Fri 22 Aug 2025 09:00:33 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131602 IP address blocks: 218.35.104.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5263 (0x148f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51 Validity Not Before: Aug 22 09:00:33 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=A609450AD2E37F89AE2AACA4DF69C9F55BCBDB5B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:61:7b:d1:e8:68:23:2c:70:c4:3c:65:2e:6b: 7a:ab:75:3f:a1:ac:21:8e:8d:c8:06:d1:1b:7b:70: 51:4d:81:ef:39:af:a0:fa:d5:9d:2f:57:64:e9:37: e0:c3:58:67:a5:99:21:0e:af:24:c7:26:1e:76:5f: 5b:d4:a4:7e:b8:20:86:53:07:86:50:c0:0e:e9:8e: ee:12:24:bd:c4:3f:81:66:51:f7:cc:1f:eb:f6:52: ee:a0:a9:b3:91:08:bd:6d:df:44:e7:9b:90:d6:c6: 4b:e2:ab:d0:23:ef:df:a8:a3:aa:bb:06:be:64:47: 75:be:89:57:4a:e3:d1:0d:66:12:f1:b7:db:a5:83: 38:6d:c2:8e:d5:ad:1c:6e:67:bd:d8:0a:fe:fc:8b: 7a:e2:6f:b8:c1:90:1d:7a:09:30:bd:b4:c3:96:7d: 86:62:12:09:d5:e5:24:4c:65:6b:e7:9f:c7:54:48: d8:68:02:94:bc:e0:ea:70:12:8b:1a:03:66:ed:1c: ed:35:2d:c3:5c:a4:6b:5e:93:9c:e1:5f:00:35:87: 73:ad:cd:44:86:0c:9e:84:cc:af:e1:8c:ba:00:bb: 7b:c0:60:72:4a:3f:92:34:52:13:56:55:c7:4d:51: 77:b3:8c:15:72:c4:33:36:d1:ee:12:f2:c5:3e:f1: 9f:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:09:45:0A:D2:E3:7F:89:AE:2A:AC:A4:DF:69:C9:F5:5B:CB:DB:5B X509v3 Authority Key Identifier: keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/pglFCtLjf4muKqyk32nJ9VvL21s.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.35.104.0/22 Signature Algorithm: sha256WithRSAEncryption 4b:6f:17:60:d3:42:f3:43:18:98:a1:2e:29:71:a2:35:2f:96: 23:e6:53:03:10:54:35:27:05:f4:03:b5:00:de:f7:4f:1b:ed: 63:11:d9:d3:1a:c4:42:5f:9b:6c:12:11:e1:15:12:80:c5:02: b0:eb:39:37:97:cf:be:fc:9d:b6:5a:50:a2:3a:66:14:81:84: 90:c2:0b:9d:19:a6:08:4d:c6:69:8d:d7:95:10:8b:84:05:55: c2:31:69:07:54:80:32:a5:a1:0c:85:12:91:3e:09:f3:a8:4a: 2f:60:6b:db:68:c7:a8:da:e4:53:b4:81:b2:47:50:4f:64:6d: 79:7b:2c:91:25:d0:f6:5f:4d:a6:da:c4:02:fb:8f:29:5d:2c: 2a:f4:bd:2d:d4:92:85:38:19:3c:a3:c4:2b:0a:89:dd:01:5a: 4c:c8:d7:93:30:21:ff:13:5f:60:55:72:05:13:cc:d2:42:47: ba:9e:16:ef:0b:e9:20:0b:02:b3:f4:35:fe:e1:04:e9:8f:62: 7f:71:d8:b2:70:ed:95:6a:12:84:4b:5a:0d:e0:bd:5c:96:2e: 0d:9f:0d:10:e0:ed:a8:2c:48:fe:fe:57:3e:37:15:5d:64:24: 05:1f:d6:64:c9:80:d1:ae:90:b9:b1:c7:ee:99:36:84:09:56: d1:59:4e:a9 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICFI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2 M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw OTAwMzNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEE2MDk0NTBBRDJFMzdG ODlBRTJBQUNBNERGNjlDOUY1NUJDQkRCNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDnYXvR6GgjLHDEPGUua3qrdT+hrCGOjcgG0Rt7cFFNge85r6D6 1Z0vV2TpN+DDWGelmSEOryTHJh52X1vUpH64IIZTB4ZQwA7pju4SJL3EP4FmUffM H+v2Uu6gqbORCL1t30Tnm5DWxkviq9Aj79+oo6q7Br5kR3W+iVdK49ENZhLxt9ul gzhtwo7VrRxuZ73YCv78i3rib7jBkB16CTC9tMOWfYZiEgnV5SRMZWvnn8dUSNho ApS84OpwEosaA2btHO01LcNcpGtek5zhXwA1h3OtzUSGDJ6EzK/hjLoAu3vAYHJK P5I0UhNWVcdNUXezjBVyxDM20e4S8sU+8Z8DAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUpglFCtLjf4muKqyk32nJ9VvL21swHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3BnbEZDdExqZjRtdUtxeWszMm5KOVZ2 TDIxcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALaI2gwDQYJ KoZIhvcNAQELBQADggEBAEtvF2DTQvNDGJihLilxojUvliPmUwMQVDUnBfQDtQDe 908b7WMR2dMaxEJfm2wSEeEVEoDFArDrOTeXz778nbZaUKI6ZhSBhJDCC50ZpghN xmmN15UQi4QFVcIxaQdUgDKloQyFEpE+CfOoSi9ga9tox6ja5FO0gbJHUE9kbXl7 LJEl0PZfTabaxAL7jyldLCr0vS3UkoU4GTyjxCsKid0BWkzI15MwIf8TX2BVcgUT zNJCR7qeFu8L6SALArP0Nf7hBOmPYn9x2LJw7ZVqEoRLWg3gvVyWLg2fDRDg7ags SP7+Vz43FV1kJAUf1mTJgNGukLmxx+6ZNoQJVtFZTqk= -----END CERTIFICATE-----Generated at Sun Aug 24 13:51:17 2025 by rpki-client