$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/Pb90gZyXOF2Cy-T2b0x64sqTRak.roa File: Pb90gZyXOF2Cy-T2b0x64sqTRak.roa (raw, json) Hash identifier: YES9i6OJR0d6ta1r+931LLSbGXNhMCZAAQC+W9Xx6NM= Subject key identifier: 3D:BF:74:81:9C:97:38:5D:82:CB:E4:F6:6F:4C:7A:E2:CA:93:45:A9 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0EA5 Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/Pb90gZyXOF2Cy-T2b0x64sqTRak.roa Signing time: Fri 22 Aug 2025 08:52:29 +0000 ROA not before: Fri 22 Aug 2025 08:52:29 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9416 IP address blocks: 203.118.224.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3749 (0xea5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Aug 22 08:52:29 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=3DBF74819C97385D82CBE4F66F4C7AE2CA9345A9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:64:24:ce:65:9c:1c:95:2a:e6:f6:b2:e5:fb: b6:aa:1a:51:08:a9:95:c2:ed:8f:17:10:b4:b2:3a: 9c:6b:38:64:3e:cd:f2:6e:59:17:0e:59:1a:69:2a: 2e:85:6f:fa:1c:45:8d:7d:e6:de:27:5d:1f:d0:07: 2a:52:ee:c1:d1:d6:a1:4e:7a:56:d9:39:17:cf:66: b2:99:00:02:7d:02:bf:1f:b5:13:3d:80:d0:9b:39: 3b:aa:f4:ae:3d:f9:ef:b1:41:c5:20:e7:b7:e0:e3: 31:f6:96:8d:17:59:de:10:7c:8e:1d:d3:2c:85:b0: da:b1:1f:b4:6e:98:b8:a8:a9:00:7a:fa:27:7e:38: 36:3a:ec:b9:ba:05:7c:e0:9e:a2:eb:30:82:61:63: 8a:88:2b:da:ce:ea:bb:ee:27:63:af:90:ce:68:fc: 4c:b6:03:52:47:ac:3b:07:c4:f3:54:dd:09:72:6e: e5:2e:a9:cc:c6:61:11:62:ff:df:cf:67:96:a6:3f: f8:11:bd:67:ee:de:ea:e3:2e:dd:76:2e:77:28:de: 7e:8e:24:d8:17:2c:b4:b3:d5:be:7b:87:a2:46:52: 90:4d:9c:3e:13:55:2e:18:53:dc:d6:e0:f7:59:59: 3d:4b:a1:ce:35:3b:3b:da:09:a0:2a:ee:60:45:a6: 17:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:BF:74:81:9C:97:38:5D:82:CB:E4:F6:6F:4C:7A:E2:CA:93:45:A9 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/Pb90gZyXOF2Cy-T2b0x64sqTRak.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.118.224.0/20 Signature Algorithm: sha256WithRSAEncryption 26:43:e4:1d:f8:65:55:28:97:bb:e0:35:4c:42:90:c6:34:60: ef:75:a1:85:77:b9:38:1f:08:94:9c:15:0c:dc:b0:03:22:d3: 0a:78:db:f9:1f:85:31:5f:da:bb:b7:e6:1a:17:1b:08:2f:21: 68:b3:60:be:8f:e4:04:0b:e1:45:5f:52:f9:c0:cd:03:d4:5f: 86:ea:72:a5:89:cd:30:60:48:df:ab:ec:2c:a6:07:9e:f8:89: 99:97:c1:80:c4:86:18:ef:cd:cc:48:82:d8:3d:d2:20:c6:26: 34:6f:d8:ea:33:ef:f1:43:f2:7d:59:f4:4f:ae:61:db:c3:95: d5:a6:57:7e:f1:38:cf:a6:ee:ba:0a:bf:97:bc:e8:91:9f:3b: 13:14:31:3d:bb:44:9a:45:b4:b1:62:6b:8d:36:d2:47:41:71: 33:28:cf:9b:17:71:06:47:0b:89:00:69:2d:f5:bb:bf:e9:40: 43:9c:36:b9:be:20:3c:9c:77:d0:ef:34:7a:4b:06:0e:96:0a: e0:ec:74:13:47:d7:c1:66:8b:a5:ca:c3:28:18:68:74:22:43: 6d:83:2d:80:b1:27:c2:f2:70:19:bc:13:e6:86:d4:b2:08:0e: 87:b2:d8:f1:91:55:57:09:45:d4:cb:2c:c7:55:b2:78:82:94: 66:42:7c:e2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDqUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTA4MjIw ODUyMjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDNEQkY3NDgxOUM5NzM4 NUQ4MkNCRTRGNjZGNEM3QUUyQ0E5MzQ1QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyZCTOZZwclSrm9rLl+7aqGlEIqZXC7Y8XELSyOpxrOGQ+zfJu WRcOWRppKi6Fb/ocRY195t4nXR/QBypS7sHR1qFOelbZORfPZrKZAAJ9Ar8ftRM9 gNCbOTuq9K49+e+xQcUg57fg4zH2lo0XWd4QfI4d0yyFsNqxH7RumLioqQB6+id+ ODY67Lm6BXzgnqLrMIJhY4qIK9rO6rvuJ2OvkM5o/Ey2A1JHrDsHxPNU3QlybuUu qczGYRFi/9/PZ5amP/gRvWfu3urjLt12Lnco3n6OJNgXLLSz1b57h6JGUpBNnD4T VS4YU9zW4PdZWT1Loc41OzvaCaAq7mBFphc/AgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUPb90gZyXOF2Cy+T2b0x64sqTRakwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL1BiOTBnWnlYT0YyQ3ktVDJi MHg2NHNxVFJhay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATL duAwDQYJKoZIhvcNAQELBQADggEBACZD5B34ZVUol7vgNUxCkMY0YO91oYV3uTgf CJScFQzcsAMi0wp42/kfhTFf2ru35hoXGwgvIWizYL6P5AQL4UVfUvnAzQPUX4bq cqWJzTBgSN+r7CymB574iZmXwYDEhhjvzcxIgtg90iDGJjRv2Ooz7/FD8n1Z9E+u YdvDldWmV37xOM+m7roKv5e86JGfOxMUMT27RJpFtLFia4020kdBcTMoz5sXcQZH C4kAaS31u7/pQEOcNrm+IDycd9DvNHpLBg6WCuDsdBNH18Fmi6XKwygYaHQiQ22D LYCxJ8LycBm8E+aG1LIIDoey2PGRVVcJRdTLLMdVsniClGZCfOI= -----END CERTIFICATE-----Generated at Sun Aug 24 07:42:31 2025 by rpki-client