$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/tSs09ZuNNjhcaUhNKw_f-1dr9B4.roa File: tSs09ZuNNjhcaUhNKw_f-1dr9B4.roa (raw, json) Hash identifier: /flT2vOyrWd2XhZBD9PtpgXKoVRzpNY65qds0LUaxcM= Subject key identifier: B5:2B:34:F5:9B:8D:36:38:5C:69:48:4D:2B:0F:DF:FB:57:6B:F4:1E Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Certificate serial: 0F08 Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/tSs09ZuNNjhcaUhNKw_f-1dr9B4.roa Signing time: Fri 22 Aug 2025 09:03:44 +0000 ROA not before: Fri 22 Aug 2025 09:03:44 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18049 IP address blocks: 61.61.56.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3848 (0xf08) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3 Validity Not Before: Aug 22 09:03:44 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=B52B34F59B8D36385C69484D2B0FDFFB576BF41E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:56:8b:61:4c:78:39:42:9d:e7:15:97:85:a5: 7b:c4:9d:fb:c3:13:90:0e:8a:e1:2d:4c:12:19:09: 9c:14:b6:bf:f8:5f:93:0c:f4:fc:d4:8c:71:e1:80: 90:71:4d:3c:e9:01:7f:fa:7d:61:1d:8f:0e:a3:f8: 67:21:8c:6a:d6:46:f9:ef:94:9f:fa:2e:64:bf:21: 9c:45:74:32:04:80:b5:99:a3:b7:e2:62:e6:19:f0: 4e:24:1a:1e:5e:22:32:db:0c:00:26:d0:ef:cb:71: a6:c9:c4:e5:bf:ae:e6:32:72:ee:d6:9f:8a:02:84: 34:b9:66:ba:bc:8d:d3:2a:7f:49:7d:ea:2c:d5:1d: dd:8c:1f:a6:f6:b9:08:f0:aa:70:6d:6d:a2:2c:03: 2f:9d:7d:52:b1:a1:c1:8d:94:2d:1d:06:33:d2:b8: 86:1d:ac:81:d8:1b:2c:c3:5f:f6:07:83:2a:11:2e: 41:75:e8:7a:ca:e9:b8:27:b1:b6:d1:7e:35:59:d4: 8b:74:26:fe:7e:5f:08:7b:d9:b8:87:b3:01:70:aa: e8:da:b4:4c:fd:ca:fd:15:0a:e5:f1:aa:a2:db:26: c2:64:0f:76:ed:05:98:f3:91:9a:4b:c1:9b:23:8b: 4b:a6:03:59:a2:9e:66:78:22:cf:9b:2a:ab:46:c3: 0c:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:2B:34:F5:9B:8D:36:38:5C:69:48:4D:2B:0F:DF:FB:57:6B:F4:1E X509v3 Authority Key Identifier: keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/tSs09ZuNNjhcaUhNKw_f-1dr9B4.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 61.61.56.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:53:dc:7c:f1:aa:98:f6:42:7a:3e:11:21:a7:e5:2c:8c:fe: 49:75:ee:38:8c:6e:ed:c6:92:37:96:1b:3a:f1:9c:52:b9:e1: ba:d5:08:5c:74:b0:86:f6:31:1e:73:a2:8b:24:0a:01:b0:4b: ca:b1:17:88:5c:71:0b:85:42:a0:0d:a4:4d:ea:84:cd:48:10: 7e:45:ab:c2:8f:36:b4:b9:a3:0e:68:74:cb:3d:4d:c1:07:a1: b0:f3:d9:6e:bf:5c:9e:ea:86:10:3a:17:af:c1:15:28:26:2f: b5:ed:8c:30:03:f8:6f:12:25:4c:f7:ca:f0:3c:26:1e:a6:8f: df:83:86:3f:07:33:d3:97:82:60:1b:4a:79:19:f5:0e:67:55: a1:e3:b3:e1:96:ea:52:6d:bc:cd:6d:9c:46:24:e1:2f:dc:ab: 09:d7:17:3e:39:76:25:ed:1a:10:1c:49:01:40:b7:6d:07:5a: 5b:9b:15:4d:4f:56:91:0d:e0:8c:94:fb:19:58:ea:83:95:46: e8:26:d9:d9:fa:85:42:37:4f:45:74:ad:ee:84:82:1f:6c:61: d8:a1:6c:34:34:01:43:d5:f6:d3:07:38:ad:94:ef:d7:d2:94: a1:bb:43:2e:6b:a3:20:9d:22:91:eb:1f:ed:10:6a:35:55:25: 32:2a:c6:3a -----BEGIN CERTIFICATE----- MIIEzDCCA7SgAwIBAgICDwgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3 MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTA4MjIw OTAzNDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEI1MkIzNEY1OUI4RDM2 Mzg1QzY5NDg0RDJCMEZERkZCNTc2QkY0MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiVothTHg5Qp3nFZeFpXvEnfvDE5AOiuEtTBIZCZwUtr/4X5MM 9PzUjHHhgJBxTTzpAX/6fWEdjw6j+GchjGrWRvnvlJ/6LmS/IZxFdDIEgLWZo7fi YuYZ8E4kGh5eIjLbDAAm0O/LcabJxOW/ruYycu7Wn4oChDS5Zrq8jdMqf0l96izV Hd2MH6b2uQjwqnBtbaIsAy+dfVKxocGNlC0dBjPSuIYdrIHYGyzDX/YHgyoRLkF1 6HrK6bgnsbbRfjVZ1It0Jv5+Xwh72biHswFwqujatEz9yv0VCuXxqqLbJsJkD3bt BZjzkZpLwZsji0umA1minmZ4Is+bKqtGwwwnAgMBAAGjggHoMIIB5DAdBgNVHQ4E FgQUtSs09ZuNNjhcaUhNKw/f+1dr9B4wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50 d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL3RTczA5WnVOTmpoY2FVaE5Ld19mLTFk cjlCNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PTgwDQYJ KoZIhvcNAQELBQADggEBAJ9T3Hzxqpj2Qno+ESGn5SyM/kl17jiMbu3GkjeWGzrx nFK54brVCFx0sIb2MR5zooskCgGwS8qxF4hccQuFQqANpE3qhM1IEH5Fq8KPNrS5 ow5odMs9TcEHobDz2W6/XJ7qhhA6F6/BFSgmL7XtjDAD+G8SJUz3yvA8Jh6mj9+D hj8HM9OXgmAbSnkZ9Q5nVaHjs+GW6lJtvM1tnEYk4S/cqwnXFz45diXtGhAcSQFA t20HWlubFU1PVpEN4IyU+xlY6oOVRugm2dn6hUI3T0V0re6Egh9sYdihbDQ0AUPV 9tMHOK2U79fSlKG7Qy5royCdIpHrH+0QajVVJTIqxjo= -----END CERTIFICATE-----Generated at Sun Aug 24 07:31:59 2025 by rpki-client