$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/WIGrK8jlt2kzP1_6gdaM0x1zDog.roa File: WIGrK8jlt2kzP1_6gdaM0x1zDog.roa (raw, json) Hash identifier: 4WLx8/NdGGxXXZZhxneDyt2DHxUUW54r0MkHCdUvyu8= Subject key identifier: 58:81:AB:2B:C8:E5:B7:69:33:3F:5F:FA:81:D6:8C:D3:1D:73:0E:88 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0EBC Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/WIGrK8jlt2kzP1_6gdaM0x1zDog.roa Signing time: Fri 22 Aug 2025 08:52:34 +0000 ROA not before: Fri 22 Aug 2025 08:52:34 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9416 IP address blocks: 115.43.0.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3772 (0xebc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Aug 22 08:52:34 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=5881AB2BC8E5B769333F5FFA81D68CD31D730E88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:db:58:c5:75:19:d3:7f:86:7b:d7:df:d5:58: d3:f2:a5:1a:14:7a:79:c0:ce:90:71:51:f1:c6:9a: c1:2b:f1:15:a0:ca:b2:d5:1b:ae:33:48:0e:e5:2e: fc:7b:84:e4:e5:09:d8:fd:96:33:3b:e2:9e:70:5e: 68:24:dc:02:6c:95:0c:84:a5:6e:de:e6:53:a7:9e: a8:fd:6a:56:44:7d:81:2d:4e:8b:83:10:19:d0:28: 1f:48:1f:15:89:e7:7c:d7:3c:d1:11:d2:8a:2e:b3: 49:78:01:6a:bf:3a:60:1a:1a:d2:77:89:fa:3d:bb: 3b:6e:48:fa:9a:fd:ec:f4:e0:f6:9a:97:ee:5a:e1: 79:4e:47:79:c4:d4:21:00:51:77:4b:8c:51:4e:92: 13:ed:15:00:ab:d7:49:5e:41:52:35:d7:d3:e5:0a: ff:3d:fe:db:71:7a:75:c6:f1:bd:61:4d:6c:a1:97: 75:f0:bf:b0:c3:38:1f:46:a6:f7:d3:c3:ba:7a:c6: d8:d8:1b:39:c6:88:49:da:fd:26:93:00:18:a0:af: 48:48:6e:78:aa:e3:ac:6e:6a:96:93:31:9a:fc:7f: eb:5a:9e:d8:b1:e8:7b:f4:25:dd:7e:5e:08:a0:3b: 8b:2f:d9:da:b6:9c:ab:de:c4:77:a5:62:f3:ba:d7: 67:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:81:AB:2B:C8:E5:B7:69:33:3F:5F:FA:81:D6:8C:D3:1D:73:0E:88 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/WIGrK8jlt2kzP1_6gdaM0x1zDog.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.43.0.0/17 Signature Algorithm: sha256WithRSAEncryption 68:af:3e:0f:5b:d0:89:8b:a4:2e:bf:dc:f7:76:1a:43:ca:70: ae:06:b9:17:cc:76:81:84:0c:e7:ab:48:d6:58:d4:40:3f:d5: db:56:d7:ec:e3:b1:9f:74:6a:9e:65:fe:0e:da:0c:88:0b:a0: f1:07:b3:f1:31:2f:cc:da:1c:1d:80:33:9c:75:ef:53:f8:be: 9b:d9:8d:3d:0d:c0:9e:8d:33:5f:bd:27:56:5c:08:f4:e5:5d: 03:ca:e0:c9:a0:9a:11:fb:6d:a7:60:de:b1:1f:ab:7c:64:4e: 86:bc:0e:c7:da:3a:d5:bd:e6:60:10:4e:a8:b7:5c:91:0a:5f: d8:06:5e:00:80:69:c1:4f:75:dc:b0:7a:59:c6:8c:77:b5:b9: 9c:f5:32:5e:37:a8:28:45:7c:88:b8:41:51:a2:93:54:1b:64: bc:9a:ab:80:50:f4:6c:69:ec:00:97:fa:0a:fb:72:1b:88:7c: 70:39:4f:27:58:75:99:fd:e8:f7:38:0a:ec:f0:80:45:98:c0: 78:91:86:f2:35:3c:f2:d7:ba:69:93:30:cf:cd:25:62:65:ed: 59:70:e1:14:f1:8b:04:88:5d:45:b4:b3:43:96:89:c2:e0:d9: a3:30:bc:c0:24:d5:b4:27:2e:8e:43:38:55:59:53:3b:72:0f: 76:02:c0:18 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDrwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTA4MjIw ODUyMzRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDU4ODFBQjJCQzhFNUI3 NjkzMzNGNUZGQTgxRDY4Q0QzMUQ3MzBFODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDG21jFdRnTf4Z719/VWNPypRoUennAzpBxUfHGmsEr8RWgyrLV G64zSA7lLvx7hOTlCdj9ljM74p5wXmgk3AJslQyEpW7e5lOnnqj9alZEfYEtTouD EBnQKB9IHxWJ53zXPNER0oous0l4AWq/OmAaGtJ3ifo9uztuSPqa/ez04Paal+5a 4XlOR3nE1CEAUXdLjFFOkhPtFQCr10leQVI119PlCv89/ttxenXG8b1hTWyhl3Xw v7DDOB9GpvfTw7p6xtjYGznGiEna/SaTABigr0hIbniq46xuapaTMZr8f+tantix 6Hv0Jd1+XgigO4sv2dq2nKvexHelYvO612f/AgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUWIGrK8jlt2kzP1/6gdaM0x1zDogwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL1dJR3JLOGpsdDJrelAxXzZn ZGFNMHgxekRvZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAdz KwAwDQYJKoZIhvcNAQELBQADggEBAGivPg9b0ImLpC6/3Pd2GkPKcK4GuRfMdoGE DOerSNZY1EA/1dtW1+zjsZ90ap5l/g7aDIgLoPEHs/ExL8zaHB2AM5x171P4vpvZ jT0NwJ6NM1+9J1ZcCPTlXQPK4MmgmhH7badg3rEfq3xkToa8DsfaOtW95mAQTqi3 XJEKX9gGXgCAacFPddywelnGjHe1uZz1Ml43qChFfIi4QVGik1QbZLyaq4BQ9Gxp 7ACX+gr7chuIfHA5TydYdZn96Pc4CuzwgEWYwHiRhvI1PPLXummTMM/NJWJl7Vlw 4RTxiwSIXUW0s0OWicLg2aMwvMAk1bQnLo5DOFVZUztyD3YCwBg= -----END CERTIFICATE-----Generated at Sun Aug 24 07:40:50 2025 by rpki-client