$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/NbDi8Af5Gmmz6J7SUj6VheHbgkQ.roa File: NbDi8Af5Gmmz6J7SUj6VheHbgkQ.roa (raw, json) Hash identifier: QshxsuPUbcaWeX3b7o/6+1HYkGZdF5/K5o7k1P2M0uo= Subject key identifier: 35:B0:E2:F0:07:F9:1A:69:B3:E8:9E:D2:52:3E:95:85:E1:DB:82:44 Certificate issuer: /CN=3F84FAED6CB47E112F24C6B0277A4862270672CA Certificate serial: 021D Authority key identifier: 3F:84:FA:ED:6C:B4:7E:11:2F:24:C6:B0:27:7A:48:62:27:06:72:CA Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/P4T67Wy0fhEvJMawJ3pIYicGcso.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/NbDi8Af5Gmmz6J7SUj6VheHbgkQ.roa Signing time: Fri 22 Aug 2025 09:01:16 +0000 ROA not before: Fri 22 Aug 2025 09:01:16 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 16509 IP address blocks: 113.192.24.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/P4T67Wy0fhEvJMawJ3pIYicGcso.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/P4T67Wy0fhEvJMawJ3pIYicGcso.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/P4T67Wy0fhEvJMawJ3pIYicGcso.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 03:26:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 541 (0x21d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3F84FAED6CB47E112F24C6B0277A4862270672CA Validity Not Before: Aug 22 09:01:16 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=35B0E2F007F91A69B3E89ED2523E9585E1DB8244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:76:c7:b4:79:01:95:cd:e7:fd:03:5c:a3:11: 9b:8b:3d:61:5f:40:b5:59:89:94:02:76:9a:99:d5: 48:9d:92:82:0f:04:e4:ca:a2:aa:44:fa:a2:cc:f5: 10:a4:e6:6c:18:09:83:35:92:f9:0c:59:e1:aa:e8: 6e:88:e9:4c:27:28:f3:1e:c9:8d:c1:40:18:9f:74: a1:f3:75:b4:ca:b9:45:d9:bc:e1:c6:2d:a8:ad:21: 71:bd:51:c1:dc:cb:fe:07:7c:70:bb:c9:6b:9e:e2: 2f:26:f3:82:8e:27:78:3e:df:bc:20:79:b3:68:89: b2:41:35:60:0c:dc:75:4c:19:b7:5f:28:cb:0f:ad: 03:cd:3a:4a:3b:a1:3c:0d:75:6c:d1:84:97:b9:a3: 05:7a:00:40:8f:92:0a:61:75:55:a5:f4:c6:8b:82: 09:9e:12:c9:94:6b:04:42:38:d5:97:e5:70:d4:39: dd:ef:9f:c8:87:85:ed:5c:f3:f9:b2:e3:26:e7:1d: 1d:9c:d7:d5:8e:25:37:e6:eb:df:c1:a7:16:fe:7a: 67:ef:9f:66:fa:b6:20:bf:e4:63:ac:27:87:78:4c: 15:0e:b6:5a:4b:52:c3:6f:38:ac:3f:c5:9d:bd:d1: fc:34:00:e4:c8:61:51:2f:ac:c8:72:9d:92:26:64: 2f:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:B0:E2:F0:07:F9:1A:69:B3:E8:9E:D2:52:3E:95:85:E1:DB:82:44 X509v3 Authority Key Identifier: keyid:3F:84:FA:ED:6C:B4:7E:11:2F:24:C6:B0:27:7A:48:62:27:06:72:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/P4T67Wy0fhEvJMawJ3pIYicGcso.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/P4T67Wy0fhEvJMawJ3pIYicGcso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRONOSTECH/NbDi8Af5Gmmz6J7SUj6VheHbgkQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.192.24.0/23 Signature Algorithm: sha256WithRSAEncryption 99:1e:f5:55:84:91:62:c5:76:ac:a7:6a:c3:42:39:8e:e5:a3: fb:de:e1:49:8a:7e:82:5e:c8:fa:e8:29:61:96:29:5b:a8:0e: 4a:38:cd:6b:17:b0:b3:2b:a1:ee:31:ec:25:ac:c1:91:de:90: 87:52:f8:bf:d9:dc:ff:ff:66:b6:25:23:59:eb:93:6d:4d:45: 2e:2d:b9:41:fb:b5:21:c4:b3:0d:f6:90:b2:53:f7:8e:d6:1b: c8:11:ad:d8:f2:a5:e3:e3:17:f0:05:66:45:4b:77:17:b5:af: 06:b2:70:e6:43:be:36:91:45:1b:59:96:5f:fa:ec:98:c2:f1: 9a:a4:5e:a1:21:09:80:73:88:9f:44:46:4d:b4:77:41:4f:a9: 24:ec:25:07:5d:28:bb:08:3b:84:2d:e7:71:4d:92:43:46:b5: 17:e4:8c:90:78:5b:05:56:41:51:c9:58:83:e5:b7:26:43:46: 7b:d1:36:72:62:5e:70:56:61:4d:09:6b:c6:9a:72:b4:83:39: 8e:cc:97:d8:a8:39:f7:d5:b0:a1:e6:d4:1b:21:96:e3:a9:8a: 0b:ed:11:dc:2e:bb:4f:76:f2:d8:c8:e2:ea:5c:4d:28:74:a5: 69:c2:5d:92:15:23:06:fa:09:61:ca:1d:fc:a0:74:c5:23:8c: 62:a3:bf:dd -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICAh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0Y4 NEZBRUQ2Q0I0N0UxMTJGMjRDNkIwMjc3QTQ4NjIyNzA2NzJDQTAeFw0yNTA4MjIw OTAxMTZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDM1QjBFMkYwMDdGOTFB NjlCM0U4OUVEMjUyM0U5NTg1RTFEQjgyNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2dse0eQGVzef9A1yjEZuLPWFfQLVZiZQCdpqZ1UidkoIPBOTK oqpE+qLM9RCk5mwYCYM1kvkMWeGq6G6I6UwnKPMeyY3BQBifdKHzdbTKuUXZvOHG LaitIXG9UcHcy/4HfHC7yWue4i8m84KOJ3g+37wgebNoibJBNWAM3HVMGbdfKMsP rQPNOko7oTwNdWzRhJe5owV6AECPkgphdVWl9MaLggmeEsmUawRCONWX5XDUOd3v n8iHhe1c8/my4ybnHR2c19WOJTfm69/Bpxb+emfvn2b6tiC/5GOsJ4d4TBUOtlpL UsNvOKw/xZ290fw0AOTIYVEvrMhynZImZC9tAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUNbDi8Af5Gmmz6J7SUj6VheHbgkQwHwYDVR0jBBgwFoAUP4T67Wy0fhEvJMaw J3pIYicGcsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS1JPTk9T VEVDSC9QNFQ2N1d5MGZoRXZKTWF3SjNwSVlpY0djc28uY3JsMGAGCCsGAQUFBwEB BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U V05JQ0NBL1A0VDY3V3kwZmhFdkpNYXdKM3BJWWljR2Nzby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0tST05PU1RFQ0gvTmJEaThBZjVH bW16Nko3U1VqNlZoZUhiZ2tRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAXHAGDANBgkqhkiG9w0BAQsFAAOCAQEAmR71VYSRYsV2rKdqw0I5juWj +97hSYp+gl7I+ugpYZYpW6gOSjjNaxewsyuh7jHsJazBkd6Qh1L4v9nc//9mtiUj WeuTbU1FLi25Qfu1IcSzDfaQslP3jtYbyBGt2PKl4+MX8AVmRUt3F7WvBrJw5kO+ NpFFG1mWX/rsmMLxmqReoSEJgHOIn0RGTbR3QU+pJOwlB10ouwg7hC3ncU2SQ0a1 F+SMkHhbBVZBUclYg+W3JkNGe9E2cmJecFZhTQlrxppytIM5jsyX2Kg599WwoebU GyGW46mKC+0R3C67T3by2Mji6lxNKHSlacJdkhUjBvoJYcod/KB0xSOMYqO/3Q== -----END CERTIFICATE-----Generated at Mon Oct 20 23:27:15 2025 by rpki-client