$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/DWaCWgJUcyRXhRjZJgD-Yg88RKc.roa File: DWaCWgJUcyRXhRjZJgD-Yg88RKc.roa (raw, json) Hash identifier: n8cgeLUKiWP5EkWdkCf2KKvEtOVc5/nPobum9VCjxqk= Subject key identifier: 0D:66:82:5A:02:54:73:24:57:85:18:D9:26:00:FE:62:0F:3C:44:A7 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0EA7 Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/DWaCWgJUcyRXhRjZJgD-Yg88RKc.roa Signing time: Fri 22 Aug 2025 08:52:29 +0000 ROA not before: Fri 22 Aug 2025 08:52:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9416 IP address blocks: 123.252.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3751 (0xea7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Aug 22 08:52:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0D66825A02547324578518D92600FE620F3C44A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:67:25:26:a3:c4:d4:65:f4:41:2e:17:8d:e1: e8:ba:c1:2a:72:e2:98:30:c4:08:c5:95:d9:48:db: b8:86:ea:02:56:44:32:2b:52:c5:a0:27:33:f3:18: 69:80:ab:5e:8c:01:0b:0e:39:c3:4b:50:08:e6:b8: 2d:aa:7a:d0:06:2e:79:55:ba:30:09:d7:af:ed:6b: 69:18:4e:7c:2f:20:a0:02:8b:35:83:3d:4f:bd:8f: eb:60:bd:f7:e5:87:4c:d1:1e:f8:b2:ad:c5:5d:c2: 89:ff:8b:9a:84:c3:8f:3d:89:84:44:c9:3f:a0:01: f2:da:00:ad:a8:84:94:3c:60:c8:67:b3:c6:25:b6: 11:23:94:69:53:1d:77:fc:63:3f:0d:81:d7:ef:82: 34:96:14:8a:f9:18:e9:27:90:18:6c:47:4e:22:70: 7b:cc:0c:c0:88:60:f6:b5:6e:15:e5:d9:f7:10:79: 57:33:c1:36:11:60:61:d6:31:9b:fd:68:40:6a:7e: 92:71:ef:9a:e7:c4:57:ee:8f:c9:ff:af:8d:8f:c6: f2:90:6d:ca:41:cb:8d:56:78:c9:b1:6e:26:7f:a3: 6f:34:b9:a8:85:16:21:96:32:3d:df:6f:4a:79:53: c3:eb:13:70:d7:f2:0e:16:52:54:8f:31:b4:8c:53: 4b:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:66:82:5A:02:54:73:24:57:85:18:D9:26:00:FE:62:0F:3C:44:A7 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/DWaCWgJUcyRXhRjZJgD-Yg88RKc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.252.0.0/17 Signature Algorithm: sha256WithRSAEncryption 7d:d2:49:be:e9:81:cf:5a:01:6e:20:42:42:82:d5:9f:4e:fb: 8d:e3:9f:47:20:88:50:fd:c8:84:c1:9e:b1:16:c3:ab:24:f0: f8:a8:e7:7a:d4:03:80:a9:81:78:2e:74:ac:f7:d2:79:44:cb: 81:a5:e0:78:05:04:0f:c5:a8:2b:3f:a5:52:69:b3:a6:92:f4: f6:b2:e6:41:4e:b6:73:39:0a:db:26:56:67:a5:18:d1:1b:5a: ab:67:13:0d:b4:82:ae:9e:b3:66:fa:7d:f1:25:f2:de:a0:49: 6b:f3:a6:95:0e:5e:81:8c:fa:24:d6:98:26:aa:c0:1b:0e:f7: 28:c9:09:89:d9:c0:f7:b2:34:90:68:eb:a5:1b:cd:4f:eb:d3: 2e:c8:66:4e:12:4a:d0:ee:eb:55:37:dc:65:8a:00:ff:35:b0: cf:a9:ad:9a:fd:32:68:83:bb:f0:00:6c:1e:e6:29:8e:4d:fc: bb:00:e6:11:2a:a1:8b:ea:1b:a7:4c:97:5d:c7:4e:a5:03:db: 0d:06:69:4f:b9:3f:e9:86:9d:42:a2:81:cc:96:03:3e:19:3d: 27:ec:8b:a8:89:5e:0a:b2:3f:bd:ec:75:d8:6c:a9:a4:ba:08: b7:09:d6:5a:95:37:86:ae:e7:fe:83:14:ff:87:b0:ec:0a:67: b5:0e:ae:4b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDqcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTA4MjIw ODUyMjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDBENjY4MjVBMDI1NDcz MjQ1Nzg1MThEOTI2MDBGRTYyMEYzQzQ0QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDuZyUmo8TUZfRBLheN4ei6wSpy4pgwxAjFldlI27iG6gJWRDIr UsWgJzPzGGmAq16MAQsOOcNLUAjmuC2qetAGLnlVujAJ16/ta2kYTnwvIKACizWD PU+9j+tgvfflh0zRHviyrcVdwon/i5qEw489iYREyT+gAfLaAK2ohJQ8YMhns8Yl thEjlGlTHXf8Yz8NgdfvgjSWFIr5GOknkBhsR04icHvMDMCIYPa1bhXl2fcQeVcz wTYRYGHWMZv9aEBqfpJx75rnxFfuj8n/r42PxvKQbcpBy41WeMmxbiZ/o280uaiF FiGWMj3fb0p5U8PrE3DX8g4WUlSPMbSMU0vHAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUDWaCWgJUcyRXhRjZJgD+Yg88RKcwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL0RXYUNXZ0pVY3lSWGhSalpK Z0QtWWc4OFJLYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAd7 /AAwDQYJKoZIhvcNAQELBQADggEBAH3SSb7pgc9aAW4gQkKC1Z9O+43jn0cgiFD9 yITBnrEWw6sk8Pio53rUA4CpgXgudKz30nlEy4Gl4HgFBA/FqCs/pVJps6aS9Pay 5kFOtnM5CtsmVmelGNEbWqtnEw20gq6es2b6ffEl8t6gSWvzppUOXoGM+iTWmCaq wBsO9yjJCYnZwPeyNJBo66UbzU/r0y7IZk4SStDu61U33GWKAP81sM+prZr9MmiD u/AAbB7mKY5N/LsA5hEqoYvqG6dMl13HTqUD2w0GaU+5P+mGnUKigcyWAz4ZPSfs i6iJXgqyP73sddhsqaS6CLcJ1lqVN4au5/6DFP+HsOwKZ7UOrks= -----END CERTIFICATE-----Generated at Sun Aug 24 09:45:08 2025 by rpki-client