$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/I7qwI1gfHdruaMYPjd4UjAzM860.roa File: I7qwI1gfHdruaMYPjd4UjAzM860.roa (raw, json) Hash identifier: KoRXGMrjBVfQWe2i4f9nTPNoh8jjf6pAhx14M5muY60= Subject key identifier: 23:BA:B0:23:58:1F:1D:DA:EE:68:C6:0F:8D:DE:14:8C:0C:CC:F3:AD Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Certificate serial: 0D96 Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/I7qwI1gfHdruaMYPjd4UjAzM860.roa Signing time: Fri 22 Aug 2025 08:52:55 +0000 ROA not before: Fri 22 Aug 2025 08:52:55 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131602 IP address blocks: 103.252.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3478 (0xd96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4 Validity Not Before: Aug 22 08:52:55 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=23BAB023581F1DDAEE68C60F8DDE148C0CCCF3AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:8b:24:7b:1e:61:59:8c:c6:95:4f:4b:95:7b: 86:18:73:6d:a7:6d:ec:2d:08:37:d0:7d:48:ed:fa: 2f:b9:b1:64:29:86:fa:6a:47:c9:3d:b1:76:0b:48: 9a:e5:ae:77:12:22:de:51:4b:92:0c:2c:d2:1d:f4: 15:af:65:b5:66:52:4b:75:51:d1:dd:ba:19:b3:ef: ea:c2:fe:e6:30:b3:ff:67:73:58:79:9d:7f:41:ad: e2:97:6b:7b:86:b4:98:9a:42:f8:28:07:2c:f9:c2: 3c:be:67:e0:50:5f:17:ed:36:c8:b7:d5:99:7e:f5: 60:bb:3d:de:43:09:36:8c:a1:e3:b5:0b:55:31:ae: f0:36:38:b7:ef:09:8e:32:91:bf:21:37:db:5a:01: 33:82:6a:66:6e:15:be:aa:e4:36:0f:f7:47:49:c1: d6:e2:16:55:7f:c8:ac:02:87:f5:6e:a6:f7:1c:ee: f8:e6:ee:ba:e1:b2:5d:db:01:c5:21:e7:81:f0:3b: d5:3f:19:c8:5d:88:d9:73:9b:06:1d:70:58:8f:28: 37:ae:f5:67:62:dc:61:85:06:d0:22:99:5a:1e:7d: f5:3e:50:32:e0:98:ea:cb:25:67:f1:ae:e7:52:4d: 19:c2:8e:f9:da:aa:00:f3:15:25:47:f7:90:b4:e4: ae:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:BA:B0:23:58:1F:1D:DA:EE:68:C6:0F:8D:DE:14:8C:0C:CC:F3:AD X509v3 Authority Key Identifier: keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/I7qwI1gfHdruaMYPjd4UjAzM860.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.252.128.0/22 Signature Algorithm: sha256WithRSAEncryption 03:66:31:55:9d:07:91:de:1f:47:7b:fc:5d:aa:89:12:85:00: 92:be:ee:95:f8:c6:5f:44:7e:53:da:15:d8:84:5f:d7:0e:53: ca:68:83:c8:ad:7f:be:3d:f9:b8:72:4e:33:49:cf:cb:15:70: 95:5f:25:6e:f1:17:2a:f2:6f:c3:30:31:58:6c:84:a0:38:69: 25:13:89:38:67:58:09:ad:08:38:e9:76:83:cc:c1:36:10:d9: 2a:05:bd:69:8a:43:32:17:b5:0b:48:0b:b1:d1:50:9a:f8:16: 3d:d3:15:90:d0:b1:e2:92:36:25:fb:51:03:82:a3:bc:ae:6d: 34:ff:4e:fe:a9:11:4a:2e:d3:0d:20:4f:a5:b8:47:25:26:cb: b8:a6:77:1e:b2:ed:69:61:a0:c0:96:a1:19:cd:26:e7:ef:d4: c0:34:4a:79:2a:04:c0:fe:75:03:52:9f:f0:62:6e:89:7f:b2: fa:30:88:07:e7:6c:b5:7c:90:7b:03:bb:45:d7:b5:ed:f8:34: d7:59:88:98:96:64:1f:04:48:ea:a6:15:cd:45:ef:96:c4:c6: 7b:5c:e0:a1:ba:8e:f6:13:ce:9f:e0:55:13:ce:e1:31:94:d2: f6:0a:1a:ba:58:79:7a:43:98:20:4e:e8:06:50:ea:c7:8d:0d: 9b:4b:2a:a8 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNTA4MjIw ODUyNTVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDIzQkFCMDIzNTgxRjFE REFFRTY4QzYwRjhEREUxNDhDMENDQ0YzQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdiyR7HmFZjMaVT0uVe4YYc22nbewtCDfQfUjt+i+5sWQphvpq R8k9sXYLSJrlrncSIt5RS5IMLNId9BWvZbVmUkt1UdHduhmz7+rC/uYws/9nc1h5 nX9BreKXa3uGtJiaQvgoByz5wjy+Z+BQXxftNsi31Zl+9WC7Pd5DCTaMoeO1C1Ux rvA2OLfvCY4ykb8hN9taATOCamZuFb6q5DYP90dJwdbiFlV/yKwCh/Vupvcc7vjm 7rrhsl3bAcUh54HwO9U/GchdiNlzmwYdcFiPKDeu9Wdi3GGFBtAimVoeffU+UDLg mOrLJWfxrudSTRnCjvnaqgDzFSVH95C05K6hAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUI7qwI1gfHdruaMYPjd4UjAzM860wHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6 /hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0k3cXdJMWdmSGRydWFNWVBqZDRVakF6 TTg2MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/IAwDQYJ KoZIhvcNAQELBQADggEBAANmMVWdB5HeH0d7/F2qiRKFAJK+7pX4xl9EflPaFdiE X9cOU8pog8itf749+bhyTjNJz8sVcJVfJW7xFyryb8MwMVhshKA4aSUTiThnWAmt CDjpdoPMwTYQ2SoFvWmKQzIXtQtIC7HRUJr4Fj3TFZDQseKSNiX7UQOCo7yubTT/ Tv6pEUou0w0gT6W4RyUmy7imdx6y7WlhoMCWoRnNJufv1MA0SnkqBMD+dQNSn/Bi bol/svowiAfnbLV8kHsDu0XXte34NNdZiJiWZB8ESOqmFc1F75bExntc4KG6jvYT zp/gVRPO4TGU0vYKGrpYeXpDmCBO6AZQ6seNDZtLKqg= -----END CERTIFICATE-----Generated at Sun Aug 24 09:22:32 2025 by rpki-client