$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/5IcBnAH6Fo_cLOb4lYqQjrsF1sU.roa File: 5IcBnAH6Fo_cLOb4lYqQjrsF1sU.roa (raw, json) Hash identifier: 1UoRILxr7QKz/9rLbzPgJgvueW4e5X53/3Ny82FGSLA= Subject key identifier: E4:87:01:9C:01:FA:16:8F:DC:2C:E6:F8:95:8A:90:8E:BB:05:D6:C5 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0EAC Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/5IcBnAH6Fo_cLOb4lYqQjrsF1sU.roa Signing time: Fri 22 Aug 2025 08:52:31 +0000 ROA not before: Fri 22 Aug 2025 08:52:31 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18042 IP address blocks: 115.43.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3756 (0xeac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Aug 22 08:52:31 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=E487019C01FA168FDC2CE6F8958A908EBB05D6C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:16:8e:eb:13:64:de:7e:89:2d:71:25:ba:49: a9:2a:fa:5c:6f:1d:30:5d:9f:48:9c:b1:30:39:97: 1f:1d:a2:2f:4c:c3:10:74:f9:29:27:04:0d:ea:4a: ca:c8:82:a8:e2:ca:89:db:49:ed:45:01:32:e7:3e: 34:2d:10:c1:f3:a8:a6:3e:65:8c:fc:04:c3:b0:85: 83:cd:5f:8f:0f:e0:ae:09:e5:2f:ba:f5:24:74:75: d2:e0:7f:10:4c:31:6e:04:8d:7b:e5:ff:2b:ab:c9: 4e:90:cc:21:8b:ff:3b:82:c8:cf:0d:ee:b9:22:f9: 29:4c:af:12:23:75:eb:ca:58:4f:b3:87:ac:be:dd: d6:ea:29:2b:45:0d:b6:8f:e8:bb:2e:78:85:aa:a0: d3:e3:10:0e:e8:ee:f5:e3:5a:17:20:f2:83:32:e3: 81:21:04:22:85:44:eb:f2:a3:28:e2:c7:36:a7:a3: 09:c8:46:39:46:2c:76:37:b8:74:da:c8:e7:5e:f4: 5b:f4:ce:a4:b5:74:46:eb:23:94:e2:a1:b4:a3:1b: e2:cc:e0:38:e4:01:8c:41:25:f5:18:6c:b4:3c:90: 20:90:a3:25:ef:f3:39:fc:21:fa:f2:a4:cb:20:51: 3f:8c:db:fc:90:9b:17:48:84:74:52:d2:6f:8f:1e: 1d:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:87:01:9C:01:FA:16:8F:DC:2C:E6:F8:95:8A:90:8E:BB:05:D6:C5 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/5IcBnAH6Fo_cLOb4lYqQjrsF1sU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.43.128.0/17 Signature Algorithm: sha256WithRSAEncryption 26:f8:1d:c1:ce:a9:cb:49:22:c5:9a:8c:66:ef:8e:88:4b:6e: 5c:28:e0:2f:bb:4a:27:0f:85:a9:97:dc:f2:aa:cd:08:15:f8: 49:9f:da:da:24:dd:08:47:d9:18:29:2e:57:2d:31:7a:6c:cb: b6:f2:a9:eb:e9:a3:72:95:73:1c:54:e5:b1:51:7e:b7:61:75: 84:08:87:e8:d1:c6:b4:d2:a5:6a:b9:e6:96:5c:7c:00:a5:52: a7:68:83:ed:25:c0:20:e9:11:02:5f:33:5b:82:d7:59:33:7b: 33:eb:5a:b2:c1:82:1b:b3:e0:cf:ee:9c:06:4e:fb:fa:3f:5a: 5b:45:d4:9a:5d:a6:68:8f:ce:60:5b:5d:b1:cf:5b:00:55:96: 17:d9:e1:8c:7a:de:17:19:ae:ed:91:a1:6c:d0:5f:5a:57:51: ad:67:6e:b9:cb:63:b3:a8:0b:29:f4:f6:7a:02:eb:a3:bd:4a: cd:86:77:b8:91:b6:62:b2:f6:6b:e9:27:7b:0e:61:8a:84:95: 0a:d2:e7:86:d2:77:67:87:73:28:d2:42:25:05:c2:e4:8c:45: e6:1b:db:08:99:39:c4:d8:cb:cf:35:6f:49:f0:06:d1:95:cc: 25:d0:39:ec:21:07:41:c0:ca:6c:b0:f0:6d:3a:38:a9:7b:70: f0:45:bf:38 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTA4MjIw ODUyMzFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEU0ODcwMTlDMDFGQTE2 OEZEQzJDRTZGODk1OEE5MDhFQkIwNUQ2QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/Fo7rE2TefoktcSW6Sakq+lxvHTBdn0icsTA5lx8doi9MwxB0 +SknBA3qSsrIgqjiyonbSe1FATLnPjQtEMHzqKY+ZYz8BMOwhYPNX48P4K4J5S+6 9SR0ddLgfxBMMW4EjXvl/yuryU6QzCGL/zuCyM8N7rki+SlMrxIjdevKWE+zh6y+ 3dbqKStFDbaP6LsueIWqoNPjEA7o7vXjWhcg8oMy44EhBCKFROvyoyjixzanownI RjlGLHY3uHTayOde9Fv0zqS1dEbrI5TiobSjG+LM4DjkAYxBJfUYbLQ8kCCQoyXv 8zn8IfrypMsgUT+M2/yQmxdIhHRS0m+PHh1BAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQU5IcBnAH6Fo/cLOb4lYqQjrsF1sUwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HLzVJY0JuQUg2Rm9fY0xPYjRs WXFRanJzRjFzVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAdz K4AwDQYJKoZIhvcNAQELBQADggEBACb4HcHOqctJIsWajGbvjohLblwo4C+7SicP hamX3PKqzQgV+Emf2tok3QhH2RgpLlctMXpsy7byqevpo3KVcxxU5bFRfrdhdYQI h+jRxrTSpWq55pZcfAClUqdog+0lwCDpEQJfM1uC11kzezPrWrLBghuz4M/unAZO +/o/WltF1JpdpmiPzmBbXbHPWwBVlhfZ4Yx63hcZru2RoWzQX1pXUa1nbrnLY7Oo Cyn09noC66O9Ss2Gd7iRtmKy9mvpJ3sOYYqElQrS54bSd2eHcyjSQiUFwuSMReYb 2wiZOcTYy881b0nwBtGVzCXQOewhB0HAymyw8G06OKl7cPBFvzg= -----END CERTIFICATE-----Generated at Sun Aug 24 07:42:09 2025 by rpki-client