$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/J5oQ4o5Y6VLZKKkg8btXlQzuJi0.roa File: J5oQ4o5Y6VLZKKkg8btXlQzuJi0.roa (raw, json) Hash identifier: ghhwCWhBcqgnmk9S8xzKMSNpXI8LquEGN1Uq/QRa56Y= Subject key identifier: 27:9A:10:E2:8E:58:E9:52:D9:28:A9:20:F1:BB:57:95:0C:EE:26:2D Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0F27 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/J5oQ4o5Y6VLZKKkg8btXlQzuJi0.roa Signing time: Fri 22 Aug 2025 09:03:51 +0000 ROA not before: Fri 22 Aug 2025 09:03:51 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18049 IP address blocks: 61.61.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3879 (0xf27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 22 09:03:51 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=279A10E28E58E952D928A920F1BB57950CEE262D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:43:29:4e:b2:56:46:5f:9e:1b:83:0d:11:4e: e0:70:bb:bf:a9:eb:11:61:83:be:17:04:77:f6:d4: 03:af:eb:4a:9a:3a:d7:49:df:c2:5a:d1:2c:0a:f5: 9b:15:8c:1e:5c:66:94:e0:2b:86:a6:32:44:34:0f: 2f:4b:a9:28:6b:a7:8f:53:55:80:f5:3b:c7:78:8a: 8b:66:fe:8a:9f:30:9b:67:85:0c:95:3e:17:a1:c5: fd:67:1a:4d:3a:55:e0:79:52:25:b8:6a:d5:41:0e: f3:bb:6a:ae:19:ec:85:ee:54:4e:ec:8b:51:12:df: 0a:66:c0:88:c5:1d:aa:66:59:4b:e6:5a:95:11:3d: 95:f0:21:bc:5e:5d:6d:6c:52:7e:2e:85:a6:ef:7b: aa:1f:76:be:0b:57:bb:c8:1b:37:50:f6:35:af:a6: eb:8c:f0:99:64:ff:3d:b0:f1:04:4d:84:d6:d5:d1: 57:93:58:7c:0b:f0:e7:7e:38:36:bc:6e:c7:51:67: 80:77:48:f6:ef:1f:58:d5:8c:0a:0d:88:0e:b4:f7: d6:e3:b6:f3:61:ea:94:93:0f:b9:42:b4:aa:6b:42: b3:81:26:b9:a2:26:06:fd:4f:59:1f:cc:96:30:4d: b1:f3:f0:79:4a:1a:a5:ff:34:4c:ae:0d:44:f8:0d: 1e:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:9A:10:E2:8E:58:E9:52:D9:28:A9:20:F1:BB:57:95:0C:EE:26:2D X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/J5oQ4o5Y6VLZKKkg8btXlQzuJi0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.176.0/20 Signature Algorithm: sha256WithRSAEncryption 0d:40:8d:e4:e6:dc:9a:d2:87:40:68:ba:2a:58:fc:d3:05:34: 19:3e:61:dd:15:30:07:17:86:43:a6:1f:86:e5:66:d2:2c:c0: 20:8d:5a:e7:06:a3:3e:f7:c7:5e:aa:97:28:da:2e:ec:d7:cd: 9e:49:0a:30:ad:82:ca:4d:47:ac:98:d2:9c:0b:a6:b4:3b:91: da:94:9d:d7:f4:c4:4f:1a:8e:67:a6:9f:69:46:81:bb:56:76: 65:f1:d5:aa:d3:1e:f1:74:46:f9:04:34:be:0b:8c:01:20:da: 98:1e:9c:2f:7e:14:6d:81:be:f4:7b:54:e7:3a:82:13:aa:80: 52:6b:52:24:52:9b:8e:82:cb:7f:9c:5e:6e:c5:72:42:97:6a: 3e:34:fb:92:55:00:5c:dd:57:9d:22:27:d6:93:4c:4f:41:29: e2:c4:74:f3:13:ea:b5:d1:33:4f:e8:36:36:6d:b3:04:97:19: f5:86:8b:cb:e8:54:63:ef:ce:75:12:59:07:85:4c:4c:24:4d: 28:31:1e:82:6b:03:c4:6c:5c:2c:3d:a6:8f:06:2a:0a:0a:31: ee:5e:62:8c:ea:80:d6:7d:0f:a3:a5:14:da:0a:49:d0:e2:23: 80:55:9f:da:14:fa:93:01:fb:6b:a2:a4:19:c3:54:f0:ff:fb: 59:a0:47:24 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDycwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTA4MjIw OTAzNTFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDI3OUExMEUyOEU1OEU5 NTJEOTI4QTkyMEYxQkI1Nzk1MENFRTI2MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkQylOslZGX54bgw0RTuBwu7+p6xFhg74XBHf21AOv60qaOtdJ 38Ja0SwK9ZsVjB5cZpTgK4amMkQ0Dy9LqShrp49TVYD1O8d4iotm/oqfMJtnhQyV Phehxf1nGk06VeB5UiW4atVBDvO7aq4Z7IXuVE7si1ES3wpmwIjFHapmWUvmWpUR PZXwIbxeXW1sUn4uhabve6ofdr4LV7vIGzdQ9jWvpuuM8Jlk/z2w8QRNhNbV0VeT WHwL8Od+ODa8bsdRZ4B3SPbvH1jVjAoNiA6099bjtvNh6pSTD7lCtKprQrOBJrmi Jgb9T1kfzJYwTbHz8HlKGqX/NEyuDUT4DR5/AgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUJ5oQ4o5Y6VLZKKkg8btXlQzuJi0wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL0o1b1E0bzVZNlZMWktLa2c4YnRYbFF6 dUppMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQ9PbAwDQYJ KoZIhvcNAQELBQADggEBAA1AjeTm3JrSh0BouipY/NMFNBk+Yd0VMAcXhkOmH4bl ZtIswCCNWucGoz73x16qlyjaLuzXzZ5JCjCtgspNR6yY0pwLprQ7kdqUndf0xE8a jmemn2lGgbtWdmXx1arTHvF0RvkENL4LjAEg2pgenC9+FG2BvvR7VOc6ghOqgFJr UiRSm46Cy3+cXm7FckKXaj40+5JVAFzdV50iJ9aTTE9BKeLEdPMT6rXRM0/oNjZt swSXGfWGi8voVGPvznUSWQeFTEwkTSgxHoJrA8RsXCw9po8GKgoKMe5eYozqgNZ9 D6OlFNoKSdDiI4BVn9oU+pMB+2uipBnDVPD/+1mgRyQ= -----END CERTIFICATE-----Generated at Sun Aug 24 07:28:20 2025 by rpki-client