$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GRONEXT/-3sr3Q3U_izuA5qNiK2zYQhXPwM.roa File: -3sr3Q3U_izuA5qNiK2zYQhXPwM.roa (raw, json) Hash identifier: 8sKx6T1rdWWWJwbkfJbtRXXXMcDP/0Yt89h2LTMQo4I= Subject key identifier: FB:7B:2B:DD:0D:D4:FE:2C:EE:03:9A:8D:88:AD:B3:61:08:57:3F:03 Certificate issuer: /CN=1A610A62A8A72CD36C1D22C7085EDF1809518994 Certificate serial: 0B05 Authority key identifier: 1A:61:0A:62:A8:A7:2C:D3:6C:1D:22:C7:08:5E:DF:18:09:51:89:94 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GmEKYqinLNNsHSLHCF7fGAlRiZQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GRONEXT/-3sr3Q3U_izuA5qNiK2zYQhXPwM.roa Signing time: Fri 22 Aug 2025 08:51:34 +0000 ROA not before: Fri 22 Aug 2025 08:51:34 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131667 IP address blocks: 103.146.210.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/GRONEXT/GmEKYqinLNNsHSLHCF7fGAlRiZQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/GRONEXT/GmEKYqinLNNsHSLHCF7fGAlRiZQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/GmEKYqinLNNsHSLHCF7fGAlRiZQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2821 (0xb05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1A610A62A8A72CD36C1D22C7085EDF1809518994 Validity Not Before: Aug 22 08:51:34 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=FB7B2BDD0DD4FE2CEE039A8D88ADB36108573F03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e6:de:c5:bd:a6:9d:99:04:42:18:cf:8b:f1: 0b:9e:31:8b:79:c9:bd:fa:1c:0a:bf:8d:d5:8b:cb: 30:d9:80:7a:69:cf:d9:86:a8:2f:4c:f8:a2:c5:7e: ac:6f:b5:10:c1:f1:61:56:50:60:9d:78:27:5a:75: d1:b7:3d:4a:d0:ae:7a:17:db:4c:ae:ca:71:54:5f: d2:07:98:42:a8:1f:54:84:4f:3d:15:68:e3:1f:8c: 02:d0:f7:77:f3:84:a3:96:bf:1d:a7:bb:51:bb:83: 61:11:11:00:fe:6d:c3:53:f7:a2:54:c7:3d:33:ff: 72:aa:40:8f:44:32:ae:97:ef:87:08:17:7d:e0:83: 2a:5a:4b:dc:9e:92:de:bf:07:14:f4:a5:2d:f7:c9: ef:37:a7:f3:0c:10:7f:a6:3d:dc:b8:6d:08:97:6c: 60:03:f4:42:0e:70:40:e3:3a:8d:cc:d4:21:be:c8: 4a:18:eb:2e:11:85:fa:cc:ad:8d:aa:86:79:9a:e5: d4:be:a4:03:fc:54:9c:5e:25:2c:19:37:36:c3:96: bf:f5:64:79:f1:53:1e:bb:66:11:c0:a1:20:2c:bd: b4:d6:1f:a4:a9:74:1a:85:db:d5:76:6e:d2:f7:f0: b3:6b:ad:f1:d5:9b:34:7f:fa:9a:cd:3f:35:39:76: a5:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:7B:2B:DD:0D:D4:FE:2C:EE:03:9A:8D:88:AD:B3:61:08:57:3F:03 X509v3 Authority Key Identifier: keyid:1A:61:0A:62:A8:A7:2C:D3:6C:1D:22:C7:08:5E:DF:18:09:51:89:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GRONEXT/GmEKYqinLNNsHSLHCF7fGAlRiZQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GmEKYqinLNNsHSLHCF7fGAlRiZQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GRONEXT/-3sr3Q3U_izuA5qNiK2zYQhXPwM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.146.210.0/23 Signature Algorithm: sha256WithRSAEncryption 10:e6:9e:dc:69:90:f8:1d:37:d3:aa:a5:66:e9:20:df:dd:f4: cf:76:bf:38:9f:4c:ae:b5:55:d6:15:60:d5:d1:4d:13:b7:37: a2:68:74:4b:24:19:83:02:60:ad:a9:f8:48:1a:51:b1:22:6f: d9:4a:9b:7c:d9:fe:c0:a6:ed:94:a1:be:0b:1f:18:1b:a0:48: 4c:5e:25:b8:6c:7e:d2:dd:af:c7:c2:8f:17:fb:bc:3c:8d:b8: d4:05:00:5a:a0:33:ea:fc:4b:8c:48:56:3f:b1:07:01:20:8a: b4:4d:2a:15:5a:c1:13:90:cd:7c:27:84:f9:63:68:df:91:b7: 9d:bd:fc:11:e3:27:14:86:21:24:fe:a8:13:39:89:5d:40:55: e3:73:15:1a:d4:8a:5d:6f:ba:7b:05:c2:17:16:5f:33:48:c6: f5:75:1d:2e:7e:f7:2c:46:de:c1:b3:dc:f8:14:83:72:60:fe: 6e:ed:05:cc:e4:79:e6:6c:80:71:f1:f3:b2:98:2e:8e:7a:0b: aa:b0:39:a4:8b:c6:e5:ec:7b:6f:fb:3d:96:fd:02:14:5c:6e: e7:31:97:28:c4:dc:e7:b0:d5:43:35:ac:0b:c2:78:36:ae:a6: 88:a1:b8:db:7e:90:0b:d6:95:b1:b6:a0:4d:dc:d6:e7:71:4b: 40:6a:99:4a -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICCwUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUE2 MTBBNjJBOEE3MkNEMzZDMUQyMkM3MDg1RURGMTgwOTUxODk5NDAeFw0yNTA4MjIw ODUxMzRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEZCN0IyQkREMERENEZF MkNFRTAzOUE4RDg4QURCMzYxMDg1NzNGMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC15t7FvaadmQRCGM+L8QueMYt5yb36HAq/jdWLyzDZgHppz9mG qC9M+KLFfqxvtRDB8WFWUGCdeCdaddG3PUrQrnoX20yuynFUX9IHmEKoH1SETz0V aOMfjALQ93fzhKOWvx2nu1G7g2EREQD+bcNT96JUxz0z/3KqQI9EMq6X74cIF33g gypaS9yekt6/BxT0pS33ye83p/MMEH+mPdy4bQiXbGAD9EIOcEDjOo3M1CG+yEoY 6y4RhfrMrY2qhnma5dS+pAP8VJxeJSwZNzbDlr/1ZHnxUx67ZhHAoSAsvbTWH6Sp dBqF29V2btL38LNrrfHVmzR/+prNPzU5dqWLAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQU+3sr3Q3U/izuA5qNiK2zYQhXPwMwHwYDVR0jBBgwFoAUGmEKYqinLNNsHSLH CF7fGAlRiZQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1JPTkVY VC9HbUVLWXFpbkxOTnNIU0xIQ0Y3ZkdBbFJpWlEuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0dtRUtZcWluTE5Oc0hTTEhDRjdmR0FsUmlaUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0dST05FWFQvLTNzcjNRM1VfaXp1QTVx TmlLMnpZUWhYUHdNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AWeS0jANBgkqhkiG9w0BAQsFAAOCAQEAEOae3GmQ+B0306qlZukg3930z3a/OJ9M rrVV1hVg1dFNE7c3omh0SyQZgwJgran4SBpRsSJv2UqbfNn+wKbtlKG+Cx8YG6BI TF4luGx+0t2vx8KPF/u8PI241AUAWqAz6vxLjEhWP7EHASCKtE0qFVrBE5DNfCeE +WNo35G3nb38EeMnFIYhJP6oEzmJXUBV43MVGtSKXW+6ewXCFxZfM0jG9XUdLn73 LEbewbPc+BSDcmD+bu0FzOR55myAcfHzspgujnoLqrA5pIvG5ex7b/s9lv0CFFxu 5zGXKMTc57DVQzWsC8J4Nq6miKG4236QC9aVsbagTdzW53FLQGqZSg== -----END CERTIFICATE-----Generated at Sun Aug 24 07:44:27 2025 by rpki-client