$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/ARl3SsLwjsmoE88hnJTtgKR5e9E.roa File: ARl3SsLwjsmoE88hnJTtgKR5e9E.roa (raw, json) Hash identifier: 5U+qhoq7NC7EFqqSbM5BaC6W41bAWBEw4tHdx7SU+Sk= Subject key identifier: 01:19:77:4A:C2:F0:8E:C9:A8:13:CF:21:9C:94:ED:80:A4:79:7B:D1 Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C Certificate serial: 0E22 Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/ARl3SsLwjsmoE88hnJTtgKR5e9E.roa Signing time: Fri 22 Aug 2025 09:03:29 +0000 ROA not before: Fri 22 Aug 2025 09:03:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18042 IP address blocks: 61.67.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3618 (0xe22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C Validity Not Before: Aug 22 09:03:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0119774AC2F08EC9A813CF219C94ED80A4797BD1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:5a:28:c5:8b:11:3d:56:4f:f2:79:ea:52:b3: 70:31:e0:ef:03:30:89:c3:8d:f7:f9:12:23:ee:be: d0:f5:11:38:8e:4d:c5:49:ad:61:17:33:3a:53:4a: 42:bb:ba:d0:5f:05:26:b3:31:f3:2e:30:d2:c5:0d: f3:c9:d4:ab:b1:28:f8:55:38:71:8a:e0:09:d9:89: 0d:ce:d1:86:0f:8f:fd:e4:d2:2d:40:f4:4f:be:aa: 71:4b:8c:9a:b9:fc:88:dc:0b:92:8d:78:ff:1c:3d: 7c:51:f4:35:75:b3:83:9d:37:07:ea:cf:30:1b:1b: 72:a5:68:b3:cb:3f:72:46:15:89:84:77:a4:94:a9: f1:f6:1b:52:89:5b:58:ec:d0:52:f3:69:e9:33:24: 9b:88:a0:c1:a3:07:1e:e0:b8:1c:ec:21:46:8a:95: 50:49:c4:91:d3:31:ad:d2:15:3d:84:59:99:65:e1: 21:78:10:ab:96:16:35:bf:96:e3:71:05:46:1e:c7: 8f:19:54:0a:c5:c3:ac:0b:73:d7:fe:88:d6:27:1a: 23:78:a5:f7:64:57:e9:d4:ff:e1:08:b2:8a:7e:6a: fd:de:87:55:7b:c4:83:71:b2:5b:be:20:45:20:83: 5a:84:5b:5f:38:25:e9:64:1c:a6:3c:5f:67:07:4e: cd:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:19:77:4A:C2:F0:8E:C9:A8:13:CF:21:9C:94:ED:80:A4:79:7B:D1 X509v3 Authority Key Identifier: keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/ARl3SsLwjsmoE88hnJTtgKR5e9E.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.67.128.0/17 Signature Algorithm: sha256WithRSAEncryption 3d:41:6f:2a:46:da:52:dd:85:7d:5d:ef:60:83:d4:a2:cb:26: 60:1b:49:94:ca:12:40:e6:b3:da:4c:f7:7c:37:68:ff:55:b0: 66:98:aa:26:55:19:e5:b3:a3:d6:9f:48:14:93:de:1e:48:42: 5c:8b:77:e2:f9:3a:e8:38:94:45:a6:d8:71:2d:05:ab:66:e6: 07:f6:30:d6:d5:dc:f2:b1:71:7f:0a:ef:6b:52:58:3a:50:48: b6:75:55:a7:48:28:b5:6a:73:13:76:c6:6e:8b:64:36:d8:4d: 52:de:48:9e:08:cc:ad:6b:78:03:44:a6:49:d9:b6:34:50:19: ca:40:8a:5e:a8:41:d9:9b:a8:36:aa:92:f7:ae:fc:95:5d:05: 2d:b5:0c:3a:8a:c1:43:ce:41:66:ab:c5:e3:c7:04:c5:ed:3a: de:2e:8b:32:76:cc:59:09:97:d8:90:9a:9d:fe:84:4a:dc:49: a0:cf:e1:34:58:04:08:06:d8:35:8e:a7:59:60:80:23:8b:8d: 9a:70:91:4a:a6:11:54:04:eb:aa:47:a5:6d:9a:17:83:7b:0e: c9:d5:cc:cd:da:be:6d:bb:1c:cf:48:18:c9:61:ac:ad:8d:20: 81:26:b9:45:cf:22:7d:19:26:26:db:6b:2a:03:8e:a1:ad:ed: 76:a7:7e:d7 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDiIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yNTA4MjIw OTAzMjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDAxMTk3NzRBQzJGMDhF QzlBODEzQ0YyMTlDOTRFRDgwQTQ3OTdCRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQWijFixE9Vk/yeepSs3Ax4O8DMInDjff5EiPuvtD1ETiOTcVJ rWEXMzpTSkK7utBfBSazMfMuMNLFDfPJ1KuxKPhVOHGK4AnZiQ3O0YYPj/3k0i1A 9E++qnFLjJq5/IjcC5KNeP8cPXxR9DV1s4OdNwfqzzAbG3KlaLPLP3JGFYmEd6SU qfH2G1KJW1js0FLzaekzJJuIoMGjBx7guBzsIUaKlVBJxJHTMa3SFT2EWZll4SF4 EKuWFjW/luNxBUYex48ZVArFw6wLc9f+iNYnGiN4pfdkV+nU/+EIsop+av3eh1V7 xINxslu+IEUgg1qEW184JelkHKY8X2cHTs0xAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUARl3SsLwjsmoE88hnJTtgKR5e9EwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0FSbDNTc0x3anNtb0U4OGhuSlR0Z0tS NWU5RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc9Q4AwDQYJ KoZIhvcNAQELBQADggEBAD1BbypG2lLdhX1d72CD1KLLJmAbSZTKEkDms9pM93w3 aP9VsGaYqiZVGeWzo9afSBST3h5IQlyLd+L5Oug4lEWm2HEtBatm5gf2MNbV3PKx cX8K72tSWDpQSLZ1VadIKLVqcxN2xm6LZDbYTVLeSJ4IzK1reANEpknZtjRQGcpA il6oQdmbqDaqkveu/JVdBS21DDqKwUPOQWarxePHBMXtOt4uizJ2zFkJl9iQmp3+ hErcSaDP4TRYBAgG2DWOp1lggCOLjZpwkUqmEVQE66pHpW2aF4N7DsnVzM3avm27 HM9IGMlhrK2NIIEmuUXPIn0ZJibbayoDjqGt7Xanftc= -----END CERTIFICATE-----Generated at Sun Aug 24 11:46:45 2025 by rpki-client