$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/UCLfHrfMxJAjUZWVG6emfe5JxQk.roa File: UCLfHrfMxJAjUZWVG6emfe5JxQk.roa (raw, json) Hash identifier: T7aTPmZtxLYGun8lCLXcpsVJ+OqGCVSdvYNmubxEAOA= Subject key identifier: 50:22:DF:1E:B7:CC:C4:90:23:51:95:95:1B:A7:A6:7D:EE:49:C5:09 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0F05 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/UCLfHrfMxJAjUZWVG6emfe5JxQk.roa Signing time: Fri 22 Aug 2025 09:03:43 +0000 ROA not before: Fri 22 Aug 2025 09:03:43 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131627 IP address blocks: 61.61.168.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3845 (0xf05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 22 09:03:43 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=5022DF1EB7CCC490235195951BA7A67DEE49C509 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:b3:fe:9e:43:fb:ee:89:32:cf:31:51:17:c9: 9a:30:8c:d7:9b:6d:9b:06:e5:e7:95:3e:5b:fa:fd: e0:86:6e:42:41:c2:3a:15:b2:05:fc:e7:1a:c5:99: 0f:cc:c7:f6:09:b6:ef:72:1a:e0:5d:cc:15:4c:5d: bb:84:0a:38:eb:4e:4d:a4:b2:7f:93:24:3b:f8:bb: 64:49:ff:41:6b:1f:84:cd:f1:21:e3:b5:fb:76:ad: 8b:1a:fe:93:ea:42:eb:18:88:a1:ea:ce:be:07:23: 0b:5e:e0:04:54:65:55:49:12:4b:d9:6b:45:ab:9b: d2:69:cd:8a:df:32:62:5c:68:40:67:38:5e:7e:19: f5:10:85:91:dc:31:14:eb:f8:95:48:75:9e:f4:54: ca:2c:3f:bd:a0:9f:0a:a0:38:c3:ca:dd:51:f8:0a: a4:7a:20:28:31:3b:b8:8f:84:79:7a:0a:af:f0:b8: 79:32:6a:22:8d:7a:3b:7f:14:c1:b5:6c:42:1d:4d: 0b:42:0a:5d:24:08:0c:53:db:88:f9:6d:a5:95:e2: d6:99:18:2c:21:2b:e6:21:ab:45:64:fc:65:93:51: 92:c5:fd:9d:97:e0:55:9e:78:e3:bf:36:97:e3:a0: 63:f1:50:f0:08:dc:0c:7e:82:48:e0:f2:95:ce:83: c8:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:22:DF:1E:B7:CC:C4:90:23:51:95:95:1B:A7:A6:7D:EE:49:C5:09 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/UCLfHrfMxJAjUZWVG6emfe5JxQk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.168.0/21 Signature Algorithm: sha256WithRSAEncryption 6f:c7:f6:d3:4d:c7:e2:27:0c:f8:91:a2:69:8c:6a:19:61:32: 52:db:91:12:e5:6f:e6:64:33:6e:fe:42:56:91:9e:9b:17:22: 83:cd:53:86:50:d4:18:bb:76:7d:5b:fb:40:ec:9b:03:68:a2: 40:da:1f:5e:69:5d:1b:78:5f:73:15:84:81:30:aa:fb:8e:18: 88:81:a2:b6:65:44:78:8d:a1:4d:50:55:e3:c8:bf:e1:b6:b7: f9:1f:d8:0a:54:89:79:54:1d:15:82:87:91:11:a6:66:cd:ae: 73:df:03:64:04:b8:43:d2:a0:07:72:67:d0:71:67:5c:ce:56: a4:27:06:ea:b5:ed:0d:9e:a3:a8:09:53:72:2b:37:ca:d4:c0: 54:85:40:04:ba:3f:43:4b:1b:e5:91:7d:0a:b2:a8:1c:9a:7e: 2d:71:b8:f4:47:cd:3f:05:51:d5:ab:ab:d9:be:ca:af:ce:a6: 37:e9:be:a6:93:87:94:4d:b8:62:22:3a:55:e8:2f:74:c6:12: d8:51:28:1f:ee:20:f1:5d:45:88:a5:d1:eb:87:91:68:3c:c6: 86:19:b4:3d:3b:1c:71:1f:32:ed:6c:db:5b:38:9e:06:d8:9e: 59:bc:5e:d8:c2:9a:fe:65:e2:5b:df:fe:2f:d7:ab:22:51:1f: be:bf:59:03 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDwUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTA4MjIw OTAzNDNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDUwMjJERjFFQjdDQ0M0 OTAyMzUxOTU5NTFCQTdBNjdERUU0OUM1MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCws/6eQ/vuiTLPMVEXyZowjNebbZsG5eeVPlv6/eCGbkJBwjoV sgX85xrFmQ/Mx/YJtu9yGuBdzBVMXbuECjjrTk2ksn+TJDv4u2RJ/0FrH4TN8SHj tft2rYsa/pPqQusYiKHqzr4HIwte4ARUZVVJEkvZa0Wrm9JpzYrfMmJcaEBnOF5+ GfUQhZHcMRTr+JVIdZ70VMosP72gnwqgOMPK3VH4CqR6ICgxO7iPhHl6Cq/wuHky aiKNejt/FMG1bEIdTQtCCl0kCAxT24j5baWV4taZGCwhK+Yhq0Vk/GWTUZLF/Z2X 4FWeeOO/NpfjoGPxUPAI3Ax+gkjg8pXOg8gFAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUUCLfHrfMxJAjUZWVG6emfe5JxQkwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1VDTGZIcmZNeEpBalVaV1ZHNmVtZmU1 SnhRay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9PagwDQYJ KoZIhvcNAQELBQADggEBAG/H9tNNx+InDPiRommMahlhMlLbkRLlb+ZkM27+QlaR npsXIoPNU4ZQ1Bi7dn1b+0DsmwNookDaH15pXRt4X3MVhIEwqvuOGIiBorZlRHiN oU1QVePIv+G2t/kf2ApUiXlUHRWCh5ERpmbNrnPfA2QEuEPSoAdyZ9BxZ1zOVqQn Buq17Q2eo6gJU3IrN8rUwFSFQAS6P0NLG+WRfQqyqByafi1xuPRHzT8FUdWrq9m+ yq/OpjfpvqaTh5RNuGIiOlXoL3TGEthRKB/uIPFdRYil0euHkWg8xoYZtD07HHEf Mu1s21s4ngbYnlm8XtjCmv5l4lvf/i/XqyJRH76/WQM= -----END CERTIFICATE-----Generated at Sun Aug 24 07:26:34 2025 by rpki-client