$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/8ZwLnbGFvwZp4bJQHkrdSvMQCkk.roa File: 8ZwLnbGFvwZp4bJQHkrdSvMQCkk.roa (raw, json) Hash identifier: 5aD1vQ3sYRonF0S/8d7uhkH6loh/DOw4zlka1dFmQuw= Subject key identifier: F1:9C:0B:9D:B1:85:BF:06:69:E1:B2:50:1E:4A:DD:4A:F3:10:0A:49 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0F0A Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/8ZwLnbGFvwZp4bJQHkrdSvMQCkk.roa Signing time: Fri 22 Aug 2025 09:03:45 +0000 ROA not before: Fri 22 Aug 2025 09:03:45 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18049 IP address blocks: 61.61.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3850 (0xf0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 22 09:03:45 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=F19C0B9DB185BF0669E1B2501E4ADD4AF3100A49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:55:6a:4e:58:37:e0:cc:f2:92:27:6c:be:af: 3e:9d:1e:a8:e5:e0:10:23:d5:bd:6b:da:9e:1b:2c: de:30:84:0e:27:fc:a2:34:2a:85:58:bf:5d:82:a6: a8:23:6a:cc:45:ba:9c:2d:1b:d0:43:e3:5d:a2:c5: a6:06:8d:83:40:11:cb:c9:01:90:c3:5e:a7:1c:ab: fd:17:02:fc:37:0d:e6:22:34:28:bf:a3:57:be:0a: 53:60:94:2c:fd:bf:44:27:2d:65:a8:68:2e:8b:0d: 79:61:a2:c5:59:8b:1f:22:bf:d6:a0:33:f0:73:c5: 59:21:35:bd:af:a2:79:33:3d:b8:1e:da:66:82:be: 17:d1:98:29:71:0e:1b:bf:0e:81:87:6c:b7:a0:2a: 90:2c:98:0d:21:21:3a:2e:5f:8d:a1:2f:79:08:82: db:93:fe:5b:19:58:5d:8d:db:34:b2:ab:81:1c:67: e6:54:3c:f6:ab:ad:d1:a1:95:1d:d2:af:95:64:c9: 62:55:a0:35:cd:0a:5d:52:71:82:a5:42:90:f5:d1: cb:99:48:0d:a4:25:0e:f4:9e:cc:10:ae:8a:af:61: 56:0f:8a:7f:f6:99:c8:73:22:55:04:ee:56:2f:20: a5:0c:2a:27:50:43:71:fd:9e:00:dc:b4:13:7d:fd: 8d:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:9C:0B:9D:B1:85:BF:06:69:E1:B2:50:1E:4A:DD:4A:F3:10:0A:49 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/8ZwLnbGFvwZp4bJQHkrdSvMQCkk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.72.0/22 Signature Algorithm: sha256WithRSAEncryption 49:c5:83:f8:b8:15:12:83:e1:26:07:59:7d:0e:75:03:4b:50: f3:69:6c:e1:22:75:29:5d:d8:f0:01:15:6a:74:c1:4d:ac:dd: 9b:59:1e:d8:4b:cc:7a:ee:88:ff:a3:96:70:74:09:20:ae:67: a0:ca:40:50:84:65:ca:e1:f2:b6:3c:61:89:87:9a:ac:27:c4: d5:78:d2:8a:cd:79:32:ab:b5:bf:3f:a8:27:4f:31:6d:36:a8: b0:8f:a6:cd:74:77:06:b5:d6:f3:a5:d4:f1:f4:d8:c5:bd:59: 88:ca:65:18:59:45:92:d9:a8:8b:e0:ca:04:ae:da:e0:0f:9d: 21:2d:0f:26:fb:08:a4:5d:5c:32:79:e6:32:55:56:7f:78:d9: a0:78:9a:0a:f9:c8:c8:33:3d:30:0f:48:c0:37:4e:70:76:6b: 5e:d2:72:73:47:ec:4f:03:e7:77:d9:de:6e:d7:0b:cf:8a:47: 40:4a:43:7b:e9:94:33:50:13:98:76:d0:88:ad:a6:dc:0e:b2: 06:f2:5d:46:02:b3:26:cf:03:da:0f:13:f2:9f:47:f4:d7:36: 51:d7:b4:4b:27:9c:a5:33:05:63:b2:d1:e5:e0:c6:24:51:4e: da:8a:ae:fd:68:95:70:31:d9:6b:6b:b5:c9:92:ed:aa:ae:bc: 55:1c:19:35 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDwowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTA4MjIw OTAzNDVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEYxOUMwQjlEQjE4NUJG MDY2OUUxQjI1MDFFNEFERDRBRjMxMDBBNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAVWpOWDfgzPKSJ2y+rz6dHqjl4BAj1b1r2p4bLN4whA4n/KI0 KoVYv12CpqgjasxFupwtG9BD412ixaYGjYNAEcvJAZDDXqccq/0XAvw3DeYiNCi/ o1e+ClNglCz9v0QnLWWoaC6LDXlhosVZix8iv9agM/BzxVkhNb2vonkzPbge2maC vhfRmClxDhu/DoGHbLegKpAsmA0hITouX42hL3kIgtuT/lsZWF2N2zSyq4EcZ+ZU PParrdGhlR3Sr5VkyWJVoDXNCl1ScYKlQpD10cuZSA2kJQ70nswQroqvYVYPin/2 mchzIlUE7lYvIKUMKidQQ3H9ngDctBN9/Y09AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQU8ZwLnbGFvwZp4bJQHkrdSvMQCkkwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzhad0xuYkdGdndacDRiSlFIa3JkU3ZN UUNray5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PUgwDQYJ KoZIhvcNAQELBQADggEBAEnFg/i4FRKD4SYHWX0OdQNLUPNpbOEidSld2PABFWp0 wU2s3ZtZHthLzHruiP+jlnB0CSCuZ6DKQFCEZcrh8rY8YYmHmqwnxNV40orNeTKr tb8/qCdPMW02qLCPps10dwa11vOl1PH02MW9WYjKZRhZRZLZqIvgygSu2uAPnSEt Dyb7CKRdXDJ55jJVVn942aB4mgr5yMgzPTAPSMA3TnB2a17ScnNH7E8D53fZ3m7X C8+KR0BKQ3vplDNQE5h20IitptwOsgbyXUYCsybPA9oPE/KfR/TXNlHXtEsnnKUz BWOy0eXgxiRRTtqKrv1olXAx2WtrtcmS7aquvFUcGTU= -----END CERTIFICATE-----Generated at Sun Aug 24 07:25:23 2025 by rpki-client