$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/aiTjnE1YXzMts3gvgOM3Hk8FIz0.roa File: aiTjnE1YXzMts3gvgOM3Hk8FIz0.roa (raw, json) Hash identifier: 2bNMTW0AevRUaXvbhoq+oG+n3vHI2bHeiXMMJmfpPjo= Subject key identifier: 6A:24:E3:9C:4D:58:5F:33:2D:B3:78:2F:80:E3:37:1E:4F:05:23:3D Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0F0E Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/aiTjnE1YXzMts3gvgOM3Hk8FIz0.roa Signing time: Fri 22 Aug 2025 09:03:45 +0000 ROA not before: Fri 22 Aug 2025 09:03:45 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9922 IP address blocks: 61.61.152.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3854 (0xf0e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 22 09:03:45 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=6A24E39C4D585F332DB3782F80E3371E4F05233D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d6:cf:7c:a6:63:3a:46:e9:92:59:7a:14:1f: f8:7c:1f:e0:48:b0:fc:f0:58:81:0f:cd:8d:d8:ce: 9f:cc:79:0d:03:90:3d:1a:44:33:be:40:16:83:26: 16:a5:d0:4f:86:18:94:63:6c:13:ff:24:fa:89:fc: 5f:5d:f8:39:87:13:25:15:7d:e1:c2:f7:03:ae:4c: ba:d5:b9:3c:38:ee:6f:a3:c8:1d:1c:c5:77:45:78: 8f:d4:49:86:76:88:0b:8c:c9:b0:4c:f2:a8:5e:d5: 19:0d:d9:5f:c5:ef:95:fd:7c:57:1a:31:75:e1:45: b3:54:e3:38:62:aa:70:2c:d6:9d:9a:70:11:fb:27: 13:34:74:24:bd:41:dd:40:cb:44:fa:78:cf:49:17: 74:8c:0b:a1:8c:e4:ab:39:50:87:69:0b:fe:e1:4c: a7:23:54:58:aa:ee:be:ee:2c:b1:9f:a4:e2:cc:88: bd:90:66:66:d4:c4:29:01:2c:9d:f8:f9:c2:a2:7e: 76:a5:3e:07:5d:04:06:85:de:9f:40:c5:37:57:c0: 33:25:d8:d1:83:2a:d1:b2:63:9c:00:53:91:e5:67: 03:e7:7d:1d:a8:05:f5:54:9c:1d:19:c5:fc:a0:f5: a1:77:55:06:9b:70:5d:1c:c3:e4:ec:cc:29:02:a8: 6f:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:24:E3:9C:4D:58:5F:33:2D:B3:78:2F:80:E3:37:1E:4F:05:23:3D X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/aiTjnE1YXzMts3gvgOM3Hk8FIz0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.152.0/22 Signature Algorithm: sha256WithRSAEncryption 01:c1:02:95:f3:d8:be:f2:44:f1:5f:1e:59:23:fe:58:fb:c8: 99:63:04:c6:ea:8c:c4:6a:b3:9c:a1:95:21:be:fb:ff:87:73: d4:0d:ac:58:ba:cf:11:2f:a2:4b:08:64:a8:ac:4c:05:65:c3: c3:76:3d:df:19:ff:aa:81:c5:b9:ab:c6:aa:78:c6:29:84:e4: ed:fa:5e:c1:d6:76:07:1d:56:fd:7a:f8:55:c5:0c:08:24:1f: ff:8c:9e:3d:c8:ed:ed:a1:f2:5b:60:0c:0a:78:df:c8:82:a0: 86:13:29:e9:fd:96:cd:00:a0:8f:db:71:47:82:76:26:94:c3: 1a:e9:fc:77:23:ce:54:7e:70:9b:43:b9:1c:62:d2:07:13:06: 86:f8:b8:61:8e:c2:0b:61:ca:5c:db:f0:f8:fb:cd:ad:01:1b: 0f:25:87:e7:8c:dd:d8:fa:c9:ac:e1:06:83:7f:6a:9c:a0:a6: 74:0b:bd:72:7b:5c:28:67:c6:79:ce:8a:b7:36:a6:0b:be:23: 34:c2:c5:66:a3:99:78:96:9e:5b:ec:ce:ff:7d:4b:d4:40:44: 58:c7:67:88:6f:83:43:48:5a:c9:d2:af:12:32:ae:0f:78:11: c9:2f:55:42:72:a4:67:b9:76:93:da:80:dc:d6:40:32:98:05: d4:22:a5:bb -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDw4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTA4MjIw OTAzNDVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDZBMjRFMzlDNEQ1ODVG MzMyREIzNzgyRjgwRTMzNzFFNEYwNTIzM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC21s98pmM6RumSWXoUH/h8H+BIsPzwWIEPzY3Yzp/MeQ0DkD0a RDO+QBaDJhal0E+GGJRjbBP/JPqJ/F9d+DmHEyUVfeHC9wOuTLrVuTw47m+jyB0c xXdFeI/USYZ2iAuMybBM8qhe1RkN2V/F75X9fFcaMXXhRbNU4zhiqnAs1p2acBH7 JxM0dCS9Qd1Ay0T6eM9JF3SMC6GM5Ks5UIdpC/7hTKcjVFiq7r7uLLGfpOLMiL2Q ZmbUxCkBLJ34+cKifnalPgddBAaF3p9AxTdXwDMl2NGDKtGyY5wAU5HlZwPnfR2o BfVUnB0Zxfyg9aF3VQabcF0cw+TszCkCqG/XAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUaiTjnE1YXzMts3gvgOM3Hk8FIz0wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2FpVGpuRTFZWHpNdHMzZ3ZnT00zSGs4 Rkl6MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PZgwDQYJ KoZIhvcNAQELBQADggEBAAHBApXz2L7yRPFfHlkj/lj7yJljBMbqjMRqs5yhlSG+ +/+Hc9QNrFi6zxEvoksIZKisTAVlw8N2Pd8Z/6qBxbmrxqp4ximE5O36XsHWdgcd Vv16+FXFDAgkH/+Mnj3I7e2h8ltgDAp438iCoIYTKen9ls0AoI/bcUeCdiaUwxrp /HcjzlR+cJtDuRxi0gcTBob4uGGOwgthylzb8Pj7za0BGw8lh+eM3dj6yazhBoN/ apygpnQLvXJ7XChnxnnOirc2pgu+IzTCxWajmXiWnlvszv99S9RARFjHZ4hvg0NI WsnSrxIyrg94EckvVUJypGe5dpPagNzWQDKYBdQipbs= -----END CERTIFICATE-----Generated at Sun Aug 24 07:31:57 2025 by rpki-client