$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/Sabq8rTxhQaLTvQLsSdwjqssAiM.roa File: Sabq8rTxhQaLTvQLsSdwjqssAiM.roa (raw, json) Hash identifier: diekZ04OVKpDpLajD/bJjmDFgYfNZPQJD4wHw3cIHwU= Subject key identifier: 49:A6:EA:F2:B4:F1:85:06:8B:4E:F4:0B:B1:27:70:8E:AB:2C:02:23 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0F10 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/Sabq8rTxhQaLTvQLsSdwjqssAiM.roa Signing time: Fri 22 Aug 2025 09:03:46 +0000 ROA not before: Fri 22 Aug 2025 09:03:46 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131602 IP address blocks: 211.78.8.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3856 (0xf10) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 22 09:03:46 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=49A6EAF2B4F185068B4EF40BB127708EAB2C0223 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:0a:ed:4e:8c:45:a4:4c:bb:9f:57:ec:31:f1: 9d:09:63:eb:09:53:92:29:88:19:d8:f6:19:e6:95: 81:da:53:05:7a:c3:0f:4b:36:25:53:2f:72:8b:6d: 4e:bc:2f:62:ea:ed:9c:83:af:46:c4:11:c8:e8:4d: ba:c6:31:ac:b3:7a:72:70:59:f7:09:10:fa:84:5e: 8f:7e:0f:62:31:7f:d3:be:2e:d0:31:c8:a0:f5:a8: bb:a5:d2:a9:53:35:f3:69:93:d5:68:6e:fe:a1:79: a5:c6:f9:dd:a6:58:7f:1e:2a:4e:05:10:eb:da:68: 11:c2:eb:e6:e4:0a:80:80:c8:e5:f9:85:f7:e9:91: 1f:14:55:e5:72:0d:79:ce:de:7f:64:26:a7:ad:7e: bb:96:5a:50:8d:66:b7:b8:06:07:dc:f0:de:f0:61: 3c:2f:79:f6:77:d5:c1:47:de:33:4d:24:c1:f5:50: 13:4f:82:1d:df:e0:aa:9d:89:1f:ed:d6:4d:fb:1b: a0:a4:9b:56:95:d4:69:31:0a:94:d5:77:74:a8:47: 24:67:57:45:72:f7:35:61:d5:3d:aa:39:f0:f0:d2: fc:be:4f:79:79:b8:28:59:bb:9a:0c:e8:72:e1:c3: cf:69:7e:1d:36:e9:40:0d:15:fe:6e:7b:bf:b9:bb: 0d:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:A6:EA:F2:B4:F1:85:06:8B:4E:F4:0B:B1:27:70:8E:AB:2C:02:23 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/Sabq8rTxhQaLTvQLsSdwjqssAiM.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.78.8.0/22 Signature Algorithm: sha256WithRSAEncryption 83:84:c4:dd:fc:aa:12:e5:4b:44:fb:88:50:85:84:a0:55:97: dc:2a:ff:b9:f9:66:43:a3:93:b0:3a:5d:9d:aa:4a:e2:3d:39: 24:38:87:88:b6:7f:bd:ba:79:78:8c:1d:6d:81:d3:fd:d0:fd: 6e:44:37:d2:2c:92:df:6d:f2:b4:d0:01:19:7d:6c:bd:b3:7d: 8b:3e:99:3a:4e:7b:b4:f1:eb:51:89:1b:7b:1b:8a:4e:eb:a5: 96:1a:1c:67:b3:02:c9:86:be:0b:f1:93:53:40:d9:a9:72:37: 2f:a8:aa:6d:37:84:55:4d:b0:a9:f0:16:b7:1a:2b:5c:14:0f: 28:41:a4:ff:07:d0:13:8e:ea:60:95:80:90:81:21:a0:e3:cc: a3:bb:c9:45:64:01:b3:48:bc:dd:c7:43:59:45:6c:0f:d5:d9: 31:55:a8:7e:f9:84:a2:3c:d2:9a:ab:48:f3:6b:c9:ba:69:b4: a2:d9:f6:8d:81:e2:4a:95:59:ca:ac:89:d7:4c:27:d1:da:65: 7a:3c:b7:19:38:8b:7c:c2:46:bb:55:f0:53:fe:ad:e1:02:01: 27:4f:b7:ac:d7:5f:70:76:bc:ef:d8:a1:0a:5b:36:f2:04:6c: 55:02:ed:01:1e:e5:e3:87:7a:46:d8:df:f3:f5:00:a2:ab:a9: 9f:0d:8d:03 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDxAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTA4MjIw OTAzNDZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQ5QTZFQUYyQjRGMTg1 MDY4QjRFRjQwQkIxMjc3MDhFQUIyQzAyMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHCu1OjEWkTLufV+wx8Z0JY+sJU5IpiBnY9hnmlYHaUwV6ww9L NiVTL3KLbU68L2Lq7ZyDr0bEEcjoTbrGMayzenJwWfcJEPqEXo9+D2Ixf9O+LtAx yKD1qLul0qlTNfNpk9Vobv6heaXG+d2mWH8eKk4FEOvaaBHC6+bkCoCAyOX5hffp kR8UVeVyDXnO3n9kJqetfruWWlCNZre4Bgfc8N7wYTwvefZ31cFH3jNNJMH1UBNP gh3f4KqdiR/t1k37G6Ckm1aV1GkxCpTVd3SoRyRnV0Vy9zVh1T2qOfDw0vy+T3l5 uChZu5oM6HLhw89pfh026UANFf5ue7+5uw3zAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUSabq8rTxhQaLTvQLsSdwjqssAiMwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1NhYnE4clR4aFFhTFR2UUxzU2R3anFz c0FpTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTggwDQYJ KoZIhvcNAQELBQADggEBAIOExN38qhLlS0T7iFCFhKBVl9wq/7n5ZkOjk7A6XZ2q SuI9OSQ4h4i2f726eXiMHW2B0/3Q/W5EN9Iskt9t8rTQARl9bL2zfYs+mTpOe7Tx 61GJG3sbik7rpZYaHGezAsmGvgvxk1NA2alyNy+oqm03hFVNsKnwFrcaK1wUDyhB pP8H0BOO6mCVgJCBIaDjzKO7yUVkAbNIvN3HQ1lFbA/V2TFVqH75hKI80pqrSPNr ybpptKLZ9o2B4kqVWcqsiddMJ9HaZXo8txk4i3zCRrtV8FP+reECASdPt6zXX3B2 vO/YoQpbNvIEbFUC7QEe5eOHekbY3/P1AKKrqZ8NjQM= -----END CERTIFICATE-----Generated at Sun Aug 24 07:29:33 2025 by rpki-client