$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ITRINET/S68AYrCEtB-EW_yiq7xAZB4CZ5k.roa File: S68AYrCEtB-EW_yiq7xAZB4CZ5k.roa (raw, json) Hash identifier: QpQGQvB3uoBTzEIk2XPSbfrU1AB1OoQ55iDFfUhQ7+w= Subject key identifier: 4B:AF:00:62:B0:84:B4:1F:84:5B:FC:A2:AB:BC:40:64:1E:02:67:99 Certificate issuer: /CN=2F9BECFFE7DA09CA053A2F9681412B19FB004A74 Certificate serial: 0D78 Authority key identifier: 2F:9B:EC:FF:E7:DA:09:CA:05:3A:2F:96:81:41:2B:19:FB:00:4A:74 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/L5vs_-faCcoFOi-WgUErGfsASnQ.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ITRINET/S68AYrCEtB-EW_yiq7xAZB4CZ5k.roa Signing time: Fri 22 Aug 2025 08:58:02 +0000 ROA not before: Fri 22 Aug 2025 08:58:02 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18422 IP address blocks: 2001:ed8::/32 maxlen: 56 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ITRINET/L5vs_-faCcoFOi-WgUErGfsASnQ.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ITRINET/L5vs_-faCcoFOi-WgUErGfsASnQ.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/L5vs_-faCcoFOi-WgUErGfsASnQ.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3448 (0xd78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2F9BECFFE7DA09CA053A2F9681412B19FB004A74 Validity Not Before: Aug 22 08:58:02 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=4BAF0062B084B41F845BFCA2ABBC40641E026799 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:2f:a7:34:18:6c:60:29:68:e1:e9:ee:8f:75: 4e:a2:94:fe:de:78:71:f3:bd:6b:6a:a0:c5:17:7c: 46:cb:ad:cf:bb:6f:c2:4a:fc:ac:64:4c:bd:ef:82: c2:67:c4:91:2e:10:94:4b:9a:78:c2:e5:8b:bf:e0: 03:8d:9d:2e:9a:b9:8c:6c:bb:ad:e4:89:ca:e0:3f: 0f:36:4f:60:a0:ad:e0:17:91:b9:21:93:ca:d4:f0: c3:5c:1f:74:cf:2d:10:aa:67:f8:ec:42:6d:30:82: 46:41:99:cd:61:14:50:35:d3:f3:ff:67:d1:d2:06: b8:b0:52:ef:0f:9c:c8:c0:1a:c8:19:ec:ce:97:4b: b5:17:78:3a:e2:d5:16:81:4b:6c:c2:f3:23:de:7c: 65:2f:ed:e9:c3:37:c6:0a:6c:64:03:31:13:ef:b8: 20:18:e8:ba:ba:db:f1:87:4c:7b:b4:35:53:b2:8d: f1:ab:71:ff:df:04:c7:b3:b5:b5:9e:b1:e0:43:91: 2f:9d:04:d1:66:f7:1c:3c:d1:2a:73:1a:68:93:ce: d4:33:0e:f0:d0:77:e6:df:96:77:5c:21:84:67:32: 60:bb:5b:5d:93:26:53:30:75:b3:02:ca:97:fb:ea: 20:e3:cc:1a:7f:20:2f:4c:58:d4:3c:e5:a7:8f:4f: f9:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:AF:00:62:B0:84:B4:1F:84:5B:FC:A2:AB:BC:40:64:1E:02:67:99 X509v3 Authority Key Identifier: keyid:2F:9B:EC:FF:E7:DA:09:CA:05:3A:2F:96:81:41:2B:19:FB:00:4A:74 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ITRINET/L5vs_-faCcoFOi-WgUErGfsASnQ.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/L5vs_-faCcoFOi-WgUErGfsASnQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ITRINET/S68AYrCEtB-EW_yiq7xAZB4CZ5k.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2001:ed8::/32 Signature Algorithm: sha256WithRSAEncryption 88:63:6c:b1:cc:78:8f:92:e4:12:e2:e5:41:fc:26:3e:39:f7: d9:81:81:b6:dd:98:fe:b5:f4:a5:93:3e:b2:7e:0d:bb:8c:9d: 65:44:20:a7:2f:d9:df:19:de:19:f3:d3:1c:8c:8a:a7:91:a8: ee:90:19:1c:27:e8:cd:4d:b0:fe:1a:b4:fb:c1:ad:b2:c3:22: 4b:7a:d0:51:d8:f1:be:f1:c7:78:42:f3:6f:9a:0b:94:1e:35: 77:35:3d:5d:22:81:c0:05:b3:14:ab:98:b0:9a:b2:49:61:31: 7b:4c:0b:c5:60:5d:78:6a:ac:c8:12:24:e4:ca:8c:28:74:b8: 45:8e:0c:c3:c9:e3:f6:5b:6f:b8:fe:c4:09:fc:35:0a:0b:b9: 55:bd:01:7c:b6:23:de:0f:05:a0:d1:ef:41:a0:c0:0a:8c:4e: cc:82:61:21:ef:25:c2:64:1e:3b:52:e5:b5:fe:a8:2e:22:18: dc:44:03:ad:3b:cc:bb:e1:e0:2b:c0:e8:c2:fe:9b:ab:ff:bf: 34:bd:bc:f2:50:cb:4b:12:9f:e6:41:79:8c:68:09:10:e6:15: 6b:11:02:eb:0c:53:65:25:22:62:ee:5c:7e:3f:d2:f0:75:fe: 02:17:c6:bf:30:df:54:35:27:17:4e:0d:94:a6:f6:db:70:03: 51:3d:93:25 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDXgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkY5 QkVDRkZFN0RBMDlDQTA1M0EyRjk2ODE0MTJCMTlGQjAwNEE3NDAeFw0yNTA4MjIw ODU4MDJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDRCQUYwMDYyQjA4NEI0 MUY4NDVCRkNBMkFCQkM0MDY0MUUwMjY3OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDML6c0GGxgKWjh6e6PdU6ilP7eeHHzvWtqoMUXfEbLrc+7b8JK /KxkTL3vgsJnxJEuEJRLmnjC5Yu/4AONnS6auYxsu63kicrgPw82T2CgreAXkbkh k8rU8MNcH3TPLRCqZ/jsQm0wgkZBmc1hFFA10/P/Z9HSBriwUu8PnMjAGsgZ7M6X S7UXeDri1RaBS2zC8yPefGUv7enDN8YKbGQDMRPvuCAY6Lq62/GHTHu0NVOyjfGr cf/fBMeztbWeseBDkS+dBNFm9xw80SpzGmiTztQzDvDQd+bflndcIYRnMmC7W12T JlMwdbMCypf76iDjzBp/IC9MWNQ85aePT/kHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUS68AYrCEtB+EW/yiq7xAZB4CZ5kwHwYDVR0jBBgwFoAUL5vs/+faCcoFOi+W gUErGfsASnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSVRSSU5F VC9MNXZzXy1mYUNjb0ZPaS1XZ1VFckdmc0FTblEuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0w1dnNfLWZhQ2NvRk9pLVdnVUVyR2ZzQVNuUS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0lUUklORVQvUzY4QVlyQ0V0Qi1FV195 aXE3eEFaQjRDWjVrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF ACABDtgwDQYJKoZIhvcNAQELBQADggEBAIhjbLHMeI+S5BLi5UH8Jj4599mBgbbd mP619KWTPrJ+DbuMnWVEIKcv2d8Z3hnz0xyMiqeRqO6QGRwn6M1NsP4atPvBrbLD Ikt60FHY8b7xx3hC82+aC5QeNXc1PV0igcAFsxSrmLCasklhMXtMC8VgXXhqrMgS JOTKjCh0uEWODMPJ4/Zbb7j+xAn8NQoLuVW9AXy2I94PBaDR70GgwAqMTsyCYSHv JcJkHjtS5bX+qC4iGNxEA607zLvh4CvA6ML+m6v/vzS9vPJQy0sSn+ZBeYxoCRDm FWsRAusMU2UlImLuXH4/0vB1/gIXxr8w31Q1JxdODZSm9ttwA1E9kyU= -----END CERTIFICATE-----Generated at Sun Aug 24 05:45:29 2025 by rpki-client