$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/oomKe4sIa9WcWQhYtP1ySUemtpE.roa File: oomKe4sIa9WcWQhYtP1ySUemtpE.roa (raw, json) Hash identifier: GWjMSAIp2GTL6xnSqJe+5P6TJ7W2wqG/3J/Feuo2olM= Subject key identifier: A2:89:8A:7B:8B:08:6B:D5:9C:59:08:58:B4:FD:72:49:47:A6:B6:91 Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Certificate serial: 0EAD Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/oomKe4sIa9WcWQhYtP1ySUemtpE.roa Signing time: Fri 22 Aug 2025 08:52:31 +0000 ROA not before: Fri 22 Aug 2025 08:52:31 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18042 IP address blocks: 202.151.48.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3757 (0xead) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929 Validity Not Before: Aug 22 08:52:31 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=A2898A7B8B086BD59C590858B4FD724947A6B691 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a3:0f:34:ff:8e:47:21:b6:8b:3c:8c:27:ce: 62:ec:43:c7:d8:76:a2:f8:ea:d7:8d:51:c5:64:89: 90:6e:40:b9:7e:99:50:e4:b8:ec:48:7c:98:15:d7: 21:d9:a6:12:0d:8e:05:46:36:3f:cc:f6:d2:4f:70: 71:de:09:0d:b1:14:d9:e3:d8:44:11:08:e5:2c:28: fc:aa:9e:75:f5:09:1f:e8:ae:f2:1c:e7:e1:74:33: 91:73:44:55:44:58:ef:f6:16:34:a1:e0:fe:b4:76: ac:78:8b:0e:b9:eb:2c:03:f6:ac:90:b4:20:78:3a: a8:1d:de:96:6d:8f:6b:14:67:27:74:67:90:61:62: ed:97:de:b3:7a:44:70:24:05:9f:7d:84:cf:b9:e7: 8b:cc:1f:6c:1d:ed:a1:cd:ca:0f:5d:91:14:7b:59: 33:02:d1:6a:fe:0f:4c:31:aa:9c:59:32:ba:ee:62: 90:1f:61:d8:d4:3e:46:24:24:38:df:a5:60:fa:07: 3c:f0:84:c9:8b:ab:ed:69:5f:be:64:05:c9:1c:21: 23:77:cf:a7:67:76:41:a8:8f:5e:29:bb:5a:05:25: 8a:dc:c8:fb:b7:b9:0e:41:5f:04:28:eb:fa:e8:be: 0e:51:b0:a2:cb:3c:31:ca:75:4d:24:f5:3a:73:89: 9b:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:89:8A:7B:8B:08:6B:D5:9C:59:08:58:B4:FD:72:49:47:A6:B6:91 X509v3 Authority Key Identifier: keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/oomKe4sIa9WcWQhYtP1ySUemtpE.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.151.48.0/20 Signature Algorithm: sha256WithRSAEncryption 2f:9b:0f:70:66:51:9e:0d:ce:f7:54:3e:1b:d3:2e:0a:41:4a: 9e:7a:17:50:05:04:4b:d4:03:7b:4f:62:bd:cb:e1:8a:b6:55: a2:bc:14:0b:65:f1:63:85:65:e8:f5:41:b1:99:e3:78:03:f8: 91:c1:9c:83:a9:55:78:22:04:a3:d2:26:df:49:53:0a:76:4a: c3:2d:80:11:b5:dd:d3:99:19:fc:41:57:b3:1d:ab:27:b8:b8: 90:96:09:ca:0a:dc:88:7c:bb:4c:4c:a8:4c:f1:3c:cf:fa:38: e5:8c:54:17:66:95:0a:8e:f0:19:1c:53:c3:d4:50:9e:66:d8: 9a:fe:48:7f:a2:c4:e3:01:e1:ac:c3:53:03:e5:43:77:70:0e: 2d:7e:db:7e:dc:64:a5:94:b7:e7:7d:fd:5c:f0:f6:7a:99:07: 7e:21:90:33:71:e7:26:c6:09:f4:5b:16:bc:55:ee:49:32:8a: f1:68:5b:93:c6:91:7d:ab:f7:c2:ae:a4:d5:4d:b9:ec:09:9d: f6:8c:b6:b2:89:9e:dd:d1:fc:d1:6c:0e:f9:e4:90:59:c1:6c: a5:1f:f5:96:96:d7:cb:df:06:ab:02:70:71:3c:20:46:99:67: 0a:82:3b:f5:0f:69:3a:e3:4b:a3:1a:9d:d1:df:f8:62:3d:ee: 68:1e:df:15 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICDq0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5 QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTA4MjIw ODUyMzFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEEyODk4QTdCOEIwODZC RDU5QzU5MDg1OEI0RkQ3MjQ5NDdBNkI2OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6ow80/45HIbaLPIwnzmLsQ8fYdqL46teNUcVkiZBuQLl+mVDk uOxIfJgV1yHZphINjgVGNj/M9tJPcHHeCQ2xFNnj2EQRCOUsKPyqnnX1CR/orvIc 5+F0M5FzRFVEWO/2FjSh4P60dqx4iw656ywD9qyQtCB4Oqgd3pZtj2sUZyd0Z5Bh Yu2X3rN6RHAkBZ99hM+554vMH2wd7aHNyg9dkRR7WTMC0Wr+D0wxqpxZMrruYpAf YdjUPkYkJDjfpWD6BzzwhMmLq+1pX75kBckcISN3z6dndkGoj14pu1oFJYrcyPu3 uQ5BXwQo6/rovg5RsKLLPDHKdU0k9TpziZuRAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUoomKe4sIa9WcWQhYtP1ySUemtpEwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL29vbUtlNHNJYTlXY1dRaFl0 UDF5U1VlbXRwRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50 dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATK lzAwDQYJKoZIhvcNAQELBQADggEBAC+bD3BmUZ4NzvdUPhvTLgpBSp56F1AFBEvU A3tPYr3L4Yq2VaK8FAtl8WOFZej1QbGZ43gD+JHBnIOpVXgiBKPSJt9JUwp2SsMt gBG13dOZGfxBV7Mdqye4uJCWCcoK3Ih8u0xMqEzxPM/6OOWMVBdmlQqO8BkcU8PU UJ5m2Jr+SH+ixOMB4azDUwPlQ3dwDi1+237cZKWUt+d9/Vzw9nqZB34hkDNx5ybG CfRbFrxV7kkyivFoW5PGkX2r98KupNVNuewJnfaMtrKJnt3R/NFsDvnkkFnBbKUf 9ZaW18vfBqsCcHE8IEaZZwqCO/UPaTrjS6MandHf+GI97mge3xU= -----END CERTIFICATE-----Generated at Sun Aug 24 09:44:46 2025 by rpki-client