$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/Zj_p3cvUEU8xv9z9iptxuniQ5uc.roa File: Zj_p3cvUEU8xv9z9iptxuniQ5uc.roa (raw, json) Hash identifier: nbUQCo2dNkmRaHzRZsbfFU/2lhheH+5Gz10BOy/rh1E= Subject key identifier: 66:3F:E9:DD:CB:D4:11:4F:31:BF:DC:FD:8A:9B:71:BA:78:90:E6:E7 Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C Certificate serial: 0E2B Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Zj_p3cvUEU8xv9z9iptxuniQ5uc.roa Signing time: Fri 22 Aug 2025 09:03:31 +0000 ROA not before: Fri 22 Aug 2025 09:03:31 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18042 IP address blocks: 58.86.38.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3627 (0xe2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C Validity Not Before: Aug 22 09:03:31 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=663FE9DDCBD4114F31BFDCFD8A9B71BA7890E6E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:74:f4:5c:82:a4:49:ae:be:6f:fe:83:a9:cf: aa:b5:a8:24:34:06:0c:51:a4:c8:6f:94:93:0a:5a: cf:c2:3d:75:6c:bc:ac:76:0f:16:5b:81:75:b6:c6: 1d:3f:3d:3b:ae:32:19:e1:d8:b7:79:5b:16:38:68: 70:ce:a6:32:23:37:8a:56:86:ee:4c:72:80:4d:91: f4:53:22:5f:a7:6d:b1:33:a0:ec:b3:35:a2:96:50: a4:da:5b:9b:79:4e:80:64:f1:6d:58:65:5e:c2:f5: bc:ae:14:be:8f:2b:c8:d3:bc:09:83:73:8a:84:ff: 2a:8b:0b:1b:93:a5:c7:99:f6:ff:01:1c:42:20:cb: d0:43:6b:42:e8:4b:47:0a:9f:df:d0:b5:c5:81:40: 21:57:53:44:6b:6b:83:4c:56:4c:a7:ce:60:05:f0: 24:f2:c6:a2:ca:9f:0f:1a:6d:23:ae:c2:06:97:d8: 0b:fb:4e:d7:fe:a2:fb:e8:07:e0:9b:51:37:e5:84: d4:14:e9:07:34:37:36:65:a4:57:6b:62:96:5b:0e: 94:36:c9:1b:8b:d5:82:04:ea:d3:9a:a5:ff:b6:d2: 97:5b:92:5b:15:e9:d0:60:24:6b:e5:0c:74:57:a1: e3:68:79:7d:35:d2:6d:35:31:05:1b:b3:e9:66:0d: 21:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:3F:E9:DD:CB:D4:11:4F:31:BF:DC:FD:8A:9B:71:BA:78:90:E6:E7 X509v3 Authority Key Identifier: keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Zj_p3cvUEU8xv9z9iptxuniQ5uc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 58.86.38.0/24 Signature Algorithm: sha256WithRSAEncryption 14:56:c0:e7:73:7b:33:68:1f:60:e2:9b:7a:c7:d3:3c:19:87: 94:8e:2d:69:80:06:2f:39:d0:7a:26:6c:15:bf:fa:42:7d:c1: 7d:34:53:6b:cc:4b:e2:1d:57:36:12:0e:ca:21:b9:86:8c:27: cf:fb:45:2d:c6:0e:dc:39:7f:da:fa:74:c3:46:6e:56:85:87: 92:32:98:4e:76:89:24:8a:03:d1:4d:8f:ec:fd:d7:08:3e:aa: fb:e2:1b:ae:8e:5b:7f:cf:7a:a8:9b:e6:e6:6e:6a:8f:2d:b8: d2:ca:33:82:66:4e:96:ee:3c:29:04:fb:38:c2:2d:9e:12:eb: e0:04:2e:71:94:9f:8a:d4:37:f3:93:1c:97:2c:86:bf:bf:9d: 18:3e:d9:55:f2:8b:25:a6:8f:7e:8b:2c:ad:a7:e7:0b:c1:09: 06:d6:72:46:39:42:d7:11:a9:15:99:e4:22:63:06:f0:79:db: 28:80:6c:fb:8c:c0:17:15:ec:a8:bd:d2:df:69:10:67:b2:8d: 3e:54:8d:be:a4:20:64:13:c3:65:9c:4d:aa:52:59:7e:0f:fc: 0e:89:8d:81:d1:66:d5:ae:0d:3b:44:65:55:3c:58:2d:a3:62: e3:88:a8:af:f1:26:d4:15:39:78:0e:21:29:84:18:2a:56:80: 7a:19:0f:c7 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDiswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yNTA4MjIw OTAzMzFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDY2M0ZFOUREQ0JENDEx NEYzMUJGRENGRDhBOUI3MUJBNzg5MEU2RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/dPRcgqRJrr5v/oOpz6q1qCQ0BgxRpMhvlJMKWs/CPXVsvKx2 DxZbgXW2xh0/PTuuMhnh2Ld5WxY4aHDOpjIjN4pWhu5McoBNkfRTIl+nbbEzoOyz NaKWUKTaW5t5ToBk8W1YZV7C9byuFL6PK8jTvAmDc4qE/yqLCxuTpceZ9v8BHEIg y9BDa0LoS0cKn9/QtcWBQCFXU0Rra4NMVkynzmAF8CTyxqLKnw8abSOuwgaX2Av7 Ttf+ovvoB+CbUTflhNQU6Qc0NzZlpFdrYpZbDpQ2yRuL1YIE6tOapf+20pdbklsV 6dBgJGvlDHRXoeNoeX010m01MQUbs+lmDSFDAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUZj/p3cvUEU8xv9z9iptxuniQ5ucwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL1pqX3AzY3ZVRVU4eHY5ejlpcHR4dW5p UTV1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6ViYwDQYJ KoZIhvcNAQELBQADggEBABRWwOdzezNoH2Dim3rH0zwZh5SOLWmABi850HombBW/ +kJ9wX00U2vMS+IdVzYSDsohuYaMJ8/7RS3GDtw5f9r6dMNGblaFh5IymE52iSSK A9FNj+z91wg+qvviG66OW3/Peqib5uZuao8tuNLKM4JmTpbuPCkE+zjCLZ4S6+AE LnGUn4rUN/OTHJcshr+/nRg+2VXyiyWmj36LLK2n5wvBCQbWckY5QtcRqRWZ5CJj BvB52yiAbPuMwBcV7Ki90t9pEGeyjT5Ujb6kIGQTw2WcTapSWX4P/A6JjYHRZtWu DTtEZVU8WC2jYuOIqK/xJtQVOXgOISmEGCpWgHoZD8c= -----END CERTIFICATE-----Generated at Sun Aug 24 11:40:25 2025 by rpki-client