$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/PQZ7xOezw9es6nQ420QMNGKpX4U.roa File: PQZ7xOezw9es6nQ420QMNGKpX4U.roa (raw, json) Hash identifier: IyvsccRxuBqwNgfap88+e5yNbcD7cwI91LBDMhkh4W8= Subject key identifier: 3D:06:7B:C4:E7:B3:C3:D7:AC:EA:74:38:DB:44:0C:34:62:A9:5F:85 Certificate issuer: /CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647 Certificate serial: 0130 Authority key identifier: BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/PQZ7xOezw9es6nQ420QMNGKpX4U.roa Signing time: Fri 22 Aug 2025 08:58:52 +0000 ROA not before: Fri 22 Aug 2025 08:58:52 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9678 IP address blocks: 2.58.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/0dL1XCbbKFIKeZb_cu0BBCAHmKI.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/0dL1XCbbKFIKeZb_cu0BBCAHmKI.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0dL1XCbbKFIKeZb_cu0BBCAHmKI.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 12:44:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 304 (0x130) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647 Validity Not Before: Aug 22 08:58:52 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=3D067BC4E7B3C3D7ACEA7438DB440C3462A95F85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:86:43:83:d7:74:f5:46:10:cf:df:4c:ef:a1: fd:64:1e:28:9e:ff:52:a7:8b:91:44:b6:f0:60:bc: e6:01:5a:6f:d0:2d:f1:bc:05:d5:01:4c:0c:2b:bf: 6d:6d:1c:e5:06:b7:c3:3a:07:31:3e:c0:b7:20:a4: bc:db:ad:4c:ab:81:ef:5f:1b:a7:f0:80:7c:c9:75: 8b:71:13:9d:3e:cd:ce:43:94:66:09:4d:e0:67:a2: fb:80:ff:b6:ba:f8:19:cc:81:18:4f:4b:4b:a7:14: 80:65:8c:ce:e8:e8:f8:98:a0:3b:5a:de:92:62:8e: 1a:50:dd:14:75:e4:f5:da:5a:6d:10:39:4c:b1:ad: 1d:2f:ad:77:ac:e2:c9:27:5d:85:dd:19:ae:59:e6: 9d:82:4f:32:8b:d4:00:92:25:9a:be:b1:aa:6c:df: 4f:de:e9:ea:25:14:5a:d6:94:14:03:c5:a7:f0:f3: 06:e7:22:f6:f5:b0:7f:da:37:ab:b3:12:90:22:f3: 7e:32:6f:43:5b:8a:d2:d5:ae:ac:35:28:9f:44:79: c9:89:15:fe:7d:fa:a9:98:89:4e:3c:f6:74:8a:38: dd:78:9a:64:58:96:db:ea:02:29:4f:97:33:ab:00: 79:9e:dc:a0:71:6b:25:62:09:38:45:13:ac:d1:81: e0:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:06:7B:C4:E7:B3:C3:D7:AC:EA:74:38:DB:44:0C:34:62:A9:5F:85 X509v3 Authority Key Identifier: keyid:BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/PQZ7xOezw9es6nQ420QMNGKpX4U.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 2.58.241.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:08:1b:eb:94:82:6c:0c:ef:7f:b8:87:74:50:f4:75:d2:04: c9:fe:a4:84:86:ac:5e:41:a3:fd:cd:c4:57:c6:82:ce:8f:29: 64:8d:2c:0c:0f:9c:72:aa:10:c6:46:30:38:c5:fc:eb:6d:9f: ef:26:01:5b:db:76:d8:8f:e6:cf:22:df:d5:b8:83:41:0b:8c: 4f:93:96:6f:f7:ba:a5:58:87:ad:48:5d:1d:23:23:26:e8:b1: 2a:21:12:4b:a4:45:89:92:18:da:a6:22:9b:8b:3b:87:84:bf: 19:02:c8:42:3e:99:50:8e:a8:29:72:d0:72:20:fd:d3:5a:9c: d8:73:61:66:b5:7f:5c:a4:09:e6:09:12:da:b7:ec:57:5c:35: c1:79:a8:86:f5:da:7d:5a:cc:bf:6a:36:e7:c4:98:84:73:34: 4a:8f:53:7a:eb:f7:5c:a0:2c:c3:d7:86:74:52:0c:8d:0f:5c: 18:45:e9:86:15:5a:94:98:c5:16:d7:66:bb:47:55:de:1c:af: 9e:7b:73:86:5f:ec:b2:30:2b:55:f1:99:a0:ae:9e:ec:83:30: c0:0d:a6:a6:b4:56:ec:f7:7b:5e:a0:2c:d1:fb:a7:80:d8:e4: ee:6b:e3:11:92:85:e1:26:bb:7a:b4:a6:6a:be:3a:a5:68:27: e2:0b:52:12 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICATAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkI4 OEE5MTc4NUE3ODJDOEVBM0NEREVEM0U3QzFGMDlEQTc5RjY0NzAeFw0yNTA4MjIw ODU4NTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDNEMDY3QkM0RTdCM0Mz RDdBQ0VBNzQzOERCNDQwQzM0NjJBOTVGODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1hkOD13T1RhDP30zvof1kHiie/1Kni5FEtvBgvOYBWm/QLfG8 BdUBTAwrv21tHOUGt8M6BzE+wLcgpLzbrUyrge9fG6fwgHzJdYtxE50+zc5DlGYJ TeBnovuA/7a6+BnMgRhPS0unFIBljM7o6PiYoDta3pJijhpQ3RR15PXaWm0QOUyx rR0vrXes4sknXYXdGa5Z5p2CTzKL1ACSJZq+saps30/e6eolFFrWlBQDxafw8wbn Ivb1sH/aN6uzEpAi834yb0NbitLVrqw1KJ9EecmJFf59+qmYiU489nSKON14mmRY ltvqAilPlzOrAHme3KBxayViCThFE6zRgeBvAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUPQZ7xOezw9es6nQ420QMNGKpX4UwHwYDVR0jBBgwFoAUu4ipF4WngsjqPN3t PnwfCdp59kcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO L3U0aXBGNFduZ3NqcVBOM3RQbndmQ2RwNTlrYy5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvdTRpcEY0V25nc2pxUE4zdFBud2ZDZHA1OWtjLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL1BRWjd4T2V6dzllczZuUTQy MFFNTkdLcFg0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAC OvEwDQYJKoZIhvcNAQELBQADggEBAD0IG+uUgmwM73+4h3RQ9HXSBMn+pISGrF5B o/3NxFfGgs6PKWSNLAwPnHKqEMZGMDjF/Ottn+8mAVvbdtiP5s8i39W4g0ELjE+T lm/3uqVYh61IXR0jIybosSohEkukRYmSGNqmIpuLO4eEvxkCyEI+mVCOqCly0HIg /dNanNhzYWa1f1ykCeYJEtq37FdcNcF5qIb12n1azL9qNufEmIRzNEqPU3rr91yg LMPXhnRSDI0PXBhF6YYVWpSYxRbXZrtHVd4cr557c4Zf7LIwK1XxmaCunuyDMMAN pqa0Vuz3e16gLNH7p4DY5O5r4xGSheEmu3q0pmq+OqVoJ+ILUhI= -----END CERTIFICATE-----Generated at Sun Aug 24 09:42:21 2025 by rpki-client