$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/0bODLTV-LWHlz5qBFQoKpSYCcPA.roa File: 0bODLTV-LWHlz5qBFQoKpSYCcPA.roa (raw, json) Hash identifier: nc6QyxFmdGjO/Jxl+xdFP/iFnu7n2WpR+SQZsIuKcKM= Subject key identifier: D1:B3:83:2D:35:7E:2D:61:E5:CF:9A:81:15:0A:0A:A5:26:02:70:F0 Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C Certificate serial: 0E2A Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/0bODLTV-LWHlz5qBFQoKpSYCcPA.roa Signing time: Fri 22 Aug 2025 09:03:30 +0000 ROA not before: Fri 22 Aug 2025 09:03:30 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18042 IP address blocks: 58.86.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3626 (0xe2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C Validity Not Before: Aug 22 09:03:30 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=D1B3832D357E2D61E5CF9A81150A0AA5260270F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:fc:c9:cf:a2:88:7d:63:63:8c:8d:dc:98:f2: 67:fe:08:03:e1:25:6b:02:cf:fc:37:da:1b:6e:81: 82:c0:f7:c8:b8:b0:b0:6c:01:77:72:3a:41:bb:5e: 4a:3b:a0:4f:2c:21:09:12:ea:fd:11:4b:69:e3:06: 29:e7:95:aa:8e:0b:dd:df:29:ca:6e:ec:73:06:ec: af:56:b6:50:84:6b:7f:9a:03:64:34:f9:d4:ea:6e: b0:46:ff:e0:00:b2:bd:fe:43:d4:d4:7a:2c:cd:3d: 8f:de:b2:0f:dd:44:9c:44:04:ef:1e:98:ee:ce:f6: 3f:74:a8:eb:84:09:8f:44:05:08:bb:c2:39:69:32: f7:96:9e:69:6e:5f:1b:2f:76:14:d1:ab:9c:e1:8f: e7:55:e8:f3:fb:a1:e1:2d:03:51:9d:f5:33:57:43: ff:90:70:0f:8c:32:66:64:43:29:d6:ef:5c:1c:f2: 29:5f:fc:ca:f9:9a:9d:99:c8:15:a4:ce:58:29:43: 6b:aa:72:bb:c5:7d:26:e6:9d:c6:03:12:34:89:41: 2a:75:84:b8:47:a8:6d:5e:46:70:f4:2c:e1:c9:5c: 14:96:49:ec:69:8c:d6:3e:d0:68:13:c0:79:18:c0: c4:12:a8:20:d1:c1:8e:17:f6:2d:7a:a4:62:a2:88: 3d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:B3:83:2D:35:7E:2D:61:E5:CF:9A:81:15:0A:0A:A5:26:02:70:F0 X509v3 Authority Key Identifier: keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/0bODLTV-LWHlz5qBFQoKpSYCcPA.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 58.86.0.0/16 Signature Algorithm: sha256WithRSAEncryption 1a:6b:b7:41:6e:b2:8e:3f:94:f5:aa:f5:33:08:31:8e:bc:77: ac:d3:cb:fb:99:43:d3:b1:76:3f:5e:47:7c:6b:b3:b1:25:ac: d0:dc:fe:09:6f:68:11:98:59:31:0d:de:01:c2:1b:87:c5:65: 18:c9:0f:39:fd:e5:76:17:c2:d9:bc:40:89:fe:fb:46:82:e8: fe:df:d3:e8:4a:1e:82:c5:9e:21:2e:ed:b5:5e:09:68:13:a6: 72:05:22:2c:e2:9c:42:65:a3:2a:d5:0c:b1:11:93:b1:12:3d: 3b:5f:b2:3f:a1:35:df:71:a9:0a:d4:b5:de:2a:89:de:3b:e1: 30:50:2a:ed:7d:fb:d1:55:2b:65:c1:3b:1e:47:ff:7b:fb:0c: 97:27:81:1e:8c:ba:ad:69:8b:02:fb:ee:b1:83:6b:d4:52:d9: 28:c8:3a:0f:fe:d5:1a:ba:ea:c7:75:67:7a:eb:a3:ea:3c:ad: 24:94:14:7d:a9:12:c7:26:6c:b5:51:50:ed:37:78:b6:10:35: ef:4e:53:4c:c5:b9:8c:05:58:23:fc:1f:85:57:08:43:5b:24: b4:b3:28:33:4b:ca:20:f7:cd:2b:bc:7e:d5:9d:a4:65:56:3e: 93:d6:47:83:77:0a:02:ad:f9:86:95:51:f2:c4:77:4d:0c:7d: dc:4b:58:8b -----BEGIN CERTIFICATE----- MIIEyzCCA7OgAwIBAgICDiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yNTA4MjIw OTAzMzBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQxQjM4MzJEMzU3RTJE NjFFNUNGOUE4MTE1MEEwQUE1MjYwMjcwRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDC/MnPooh9Y2OMjdyY8mf+CAPhJWsCz/w32htugYLA98i4sLBs AXdyOkG7Xko7oE8sIQkS6v0RS2njBinnlaqOC93fKcpu7HMG7K9WtlCEa3+aA2Q0 +dTqbrBG/+AAsr3+Q9TUeizNPY/esg/dRJxEBO8emO7O9j90qOuECY9EBQi7wjlp MveWnmluXxsvdhTRq5zhj+dV6PP7oeEtA1Gd9TNXQ/+QcA+MMmZkQynW71wc8ilf /Mr5mp2ZyBWkzlgpQ2uqcrvFfSbmncYDEjSJQSp1hLhHqG1eRnD0LOHJXBSWSexp jNY+0GgTwHkYwMQSqCDRwY4X9i16pGKiiD0PAgMBAAGjggHnMIIB4zAdBgNVHQ4E FgQU0bODLTV+LWHlz5qBFQoKpSYCcPAwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0JULzBiT0RMVFYtTFdIbHo1cUJGUW9LcFNZ Q2NQQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwA6VjANBgkq hkiG9w0BAQsFAAOCAQEAGmu3QW6yjj+U9ar1Mwgxjrx3rNPL+5lD07F2P15HfGuz sSWs0Nz+CW9oEZhZMQ3eAcIbh8VlGMkPOf3ldhfC2bxAif77RoLo/t/T6EoegsWe IS7ttV4JaBOmcgUiLOKcQmWjKtUMsRGTsRI9O1+yP6E133GpCtS13iqJ3jvhMFAq 7X370VUrZcE7Hkf/e/sMlyeBHoy6rWmLAvvusYNr1FLZKMg6D/7VGrrqx3Vneuuj 6jytJJQUfakSxyZstVFQ7Td4thA1705TTMW5jAVYI/wfhVcIQ1sktLMoM0vKIPfN K7x+1Z2kZVY+k9ZHg3cKAq35hpVR8sR3TQx93EtYiw== -----END CERTIFICATE-----Generated at Sun Aug 24 11:45:02 2025 by rpki-client