$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/dKNb6BgHPbGXAr2zD9vl7ihJnbg.roa File: dKNb6BgHPbGXAr2zD9vl7ihJnbg.roa (raw, json) Hash identifier: EURJTRUePW4GNQc4W1PAvqd5XEtjifoMSFo4nD4EIhU= Subject key identifier: 74:A3:5B:E8:18:07:3D:B1:97:02:BD:B3:0F:DB:E5:EE:28:49:9D:B8 Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0F14 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/dKNb6BgHPbGXAr2zD9vl7ihJnbg.roa Signing time: Fri 22 Aug 2025 09:03:46 +0000 ROA not before: Fri 22 Aug 2025 09:03:46 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131627 IP address blocks: 61.61.144.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3860 (0xf14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 22 09:03:46 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=74A35BE818073DB19702BDB30FDBE5EE28499DB8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:b5:f0:12:3a:d2:ba:cd:c3:fd:86:2e:e7:26: 00:dd:43:c3:7d:6b:c8:c4:35:e9:0f:f0:3a:bf:32: 15:ae:f6:12:88:35:6c:45:83:67:b8:ee:36:45:7f: 16:47:2f:6f:4f:56:e0:2f:d4:05:a1:3c:ac:f2:55: 1c:f2:b7:b1:59:e0:45:50:70:cf:d8:0b:3d:79:16: 05:71:76:5a:3b:29:22:40:68:03:6d:03:55:03:8a: 2c:9b:22:da:7d:10:50:92:41:9d:ff:99:a2:75:5b: 68:76:ee:1a:ee:63:2c:ae:ea:98:7b:89:5d:a0:10: 27:86:47:9c:2a:c4:46:0b:df:3e:2b:94:a0:48:80: c0:9b:4e:11:96:eb:1e:06:4b:90:3d:b6:1b:0c:f1: cc:a7:f9:ac:1b:4d:52:20:37:11:32:6e:58:cb:40: ff:b8:bb:ff:a4:40:30:82:06:d8:7b:6d:f3:8a:5e: 82:4f:60:68:23:a0:2c:2d:07:d8:8a:de:ef:cc:ef: 80:19:9b:32:6d:32:70:d2:8f:31:44:b0:46:fa:43: 36:1b:0b:50:6d:64:e2:6a:9c:10:21:f7:40:f6:5e: 27:62:5a:2e:f9:81:13:f3:64:0e:6a:86:b6:f8:f4: 44:07:d4:4c:b4:f5:b2:5e:f5:84:d6:fd:06:b8:9e: 93:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:A3:5B:E8:18:07:3D:B1:97:02:BD:B3:0F:DB:E5:EE:28:49:9D:B8 X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/dKNb6BgHPbGXAr2zD9vl7ihJnbg.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.144.0/21 Signature Algorithm: sha256WithRSAEncryption 63:84:1d:d9:d3:68:17:b8:f5:ad:f6:b3:8a:b9:0c:dd:ce:74: 17:42:ba:0a:4e:49:e8:16:a3:9f:e3:27:e9:76:06:a1:7a:8b: 01:3a:f1:ed:8c:bc:a1:a8:e5:27:20:43:51:2b:50:63:68:fe: 35:e3:25:09:47:d5:59:49:4f:37:61:37:af:08:58:cd:97:33: 2d:23:a6:f6:55:21:0e:f5:b2:a8:1d:4f:bd:f2:31:25:58:05: 07:0d:09:cd:cf:0c:f5:34:4e:0a:79:fe:17:e6:fd:b9:a5:da: 8a:05:94:24:da:b6:06:87:19:5f:22:d7:78:f2:e8:89:33:6d: 89:9b:31:08:e1:89:63:e4:df:c0:11:02:dd:70:61:84:b1:d1: bc:92:7d:b8:11:ed:bd:b2:2e:07:87:1d:26:b3:b5:9f:88:8d: 08:22:1a:2d:fe:8f:12:59:b5:cc:79:14:8b:9f:65:aa:26:53: bc:2a:3e:64:c0:b6:0b:ee:64:b8:d9:13:e7:23:0b:32:eb:ee: 35:81:f7:84:48:db:a1:48:6c:13:81:85:9b:3b:9d:15:e0:7f: f4:f1:0d:5a:9f:cc:9d:9d:35:c0:57:69:76:f5:fd:4b:b9:4b: b9:35:58:1c:a9:90:77:de:70:fb:21:99:bf:d2:f0:81:6c:b2: f4:3a:3f:73 -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDxQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTA4MjIw OTAzNDZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDc0QTM1QkU4MTgwNzNE QjE5NzAyQkRCMzBGREJFNUVFMjg0OTlEQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDtfASOtK6zcP9hi7nJgDdQ8N9a8jENekP8Dq/MhWu9hKINWxF g2e47jZFfxZHL29PVuAv1AWhPKzyVRzyt7FZ4EVQcM/YCz15FgVxdlo7KSJAaANt A1UDiiybItp9EFCSQZ3/maJ1W2h27hruYyyu6ph7iV2gECeGR5wqxEYL3z4rlKBI gMCbThGW6x4GS5A9thsM8cyn+awbTVIgNxEybljLQP+4u/+kQDCCBth7bfOKXoJP YGgjoCwtB9iK3u/M74AZmzJtMnDSjzFEsEb6QzYbC1BtZOJqnBAh90D2XidiWi75 gRPzZA5qhrb49EQH1Ey09bJe9YTW/Qa4npNFAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUdKNb6BgHPbGXAr2zD9vl7ihJnbgwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2RLTmI2QmdIUGJHWEFyMnpEOXZsN2lo Sm5iZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9PZAwDQYJ KoZIhvcNAQELBQADggEBAGOEHdnTaBe49a32s4q5DN3OdBdCugpOSegWo5/jJ+l2 BqF6iwE68e2MvKGo5ScgQ1ErUGNo/jXjJQlH1VlJTzdhN68IWM2XMy0jpvZVIQ71 sqgdT73yMSVYBQcNCc3PDPU0Tgp5/hfm/bml2ooFlCTatgaHGV8i13jy6IkzbYmb MQjhiWPk38ARAt1wYYSx0bySfbgR7b2yLgeHHSaztZ+IjQgiGi3+jxJZtcx5FIuf ZaomU7wqPmTAtgvuZLjZE+cjCzLr7jWB94RI26FIbBOBhZs7nRXgf/TxDVqfzJ2d NcBXaXb1/Uu5S7k1WBypkHfecPshmb/S8IFssvQ6P3M= -----END CERTIFICATE-----Generated at Sun Aug 24 05:33:19 2025 by rpki-client