$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LIRUN/Cg7tohmMh5saCNIzU2ngrmhS4hQ.roa File: Cg7tohmMh5saCNIzU2ngrmhS4hQ.roa (raw, json) Hash identifier: xLFhUUQSzCZzSuN6C34hcq+pSFhdqgsCF6lBLi1RME0= Subject key identifier: 0A:0E:ED:A2:19:8C:87:9B:1A:08:D2:33:53:69:E0:AE:68:52:E2:14 Certificate issuer: /CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5 Certificate serial: 01CD Authority key identifier: D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/Cg7tohmMh5saCNIzU2ngrmhS4hQ.roa Signing time: Fri 22 Aug 2025 08:49:57 +0000 ROA not before: Fri 22 Aug 2025 08:49:57 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131147 IP address blocks: 157.66.167.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 461 (0x1cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5 Validity Not Before: Aug 22 08:49:57 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=0A0EEDA2198C879B1A08D2335369E0AE6852E214 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:bd:c2:3d:3c:fd:c9:57:52:a0:f1:75:1e:e9: f1:16:76:20:54:1c:aa:67:21:87:14:dd:70:35:ff: 62:c0:db:85:77:48:00:2f:b5:d3:3e:3a:93:3e:2a: 26:22:ac:14:b9:b7:8f:1d:dd:30:b4:44:69:9d:e0: 06:09:b4:ed:38:f8:8e:83:8d:c1:70:55:1e:b2:f4: d2:7b:19:25:a0:72:d6:ef:40:9a:8a:52:d7:ed:84: cc:94:42:57:bd:94:0a:14:ec:ee:51:ae:6b:42:9a: 02:8d:48:e6:38:21:6d:89:e1:d0:15:09:fc:ba:70: c0:14:11:b4:6b:15:0c:dd:9a:1d:a0:79:51:3b:b0: c0:d9:07:88:f0:43:f1:94:f1:bd:e8:07:fc:3b:d5: 9d:db:a8:aa:d3:27:b4:a5:c4:44:9a:48:8d:b8:40: d5:1d:8e:2d:ed:d9:1a:ff:cf:0d:00:d4:b2:50:e5: dd:7d:d9:eb:c2:a1:bd:62:6d:6e:bb:01:73:d7:5a: 82:84:85:05:e8:74:5d:24:84:1b:d4:e8:da:fe:41: fa:26:d8:f0:e5:2a:44:5b:92:54:fc:c7:8d:34:91: ce:30:b1:0d:0c:57:61:c2:87:2d:33:08:ed:58:40: 3a:d7:1a:e9:d7:72:9e:f7:90:dc:51:fe:96:6a:17: 8e:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:0E:ED:A2:19:8C:87:9B:1A:08:D2:33:53:69:E0:AE:68:52:E2:14 X509v3 Authority Key Identifier: keyid:D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/Cg7tohmMh5saCNIzU2ngrmhS4hQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.66.167.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:0c:b3:26:e5:d2:9d:72:a3:0a:08:e5:de:40:12:7e:b4:a2: 28:4f:a4:35:77:04:14:f9:8c:80:55:53:55:2f:bd:82:16:1c: 0d:f9:a5:8e:6a:07:66:d6:3e:f1:91:83:47:27:36:67:c2:c5: ee:6b:39:a2:1e:5b:5d:ac:23:10:70:0b:9a:ad:84:39:0a:ca: c1:7e:57:07:4f:69:8b:d3:f1:8c:bf:b5:84:d4:af:62:5e:c3: f9:79:70:0f:dc:c8:bd:33:f2:21:46:e3:ce:c2:b6:0a:56:b1: bb:6a:29:4c:ab:ed:5a:2f:89:3a:3e:41:51:09:87:e3:8e:ed: 8f:64:88:69:2a:db:68:cc:0c:12:b1:5f:5f:6e:3f:fc:3e:71: 74:88:02:68:c2:5e:ce:2a:b6:84:5d:21:4a:db:c8:86:f9:05: 75:76:08:35:8b:cd:95:ba:7b:e0:c1:83:89:c8:cc:a8:05:03: 8d:01:55:c9:4c:53:03:fd:dc:4f:47:60:dd:2f:16:ec:dd:b4: 39:83:8e:d3:1c:66:ba:67:41:65:82:6a:b0:73:94:5f:64:41: 54:c8:43:7e:ec:47:fb:67:6e:5d:5b:1e:ea:4d:3e:8a:86:a1: 3c:43:8d:f1:c4:4c:bc:48:c8:50:71:60:bb:68:25:1c:e7:c8: 48:c1:5d:e2 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICAc0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDk2 NkI1NTkwOTMyNDE4MEE4OEE0NUUxRjY4M0NGNEQyRUQ5QkNBNTAeFw0yNTA4MjIw ODQ5NTdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDBBMEVFREEyMTk4Qzg3 OUIxQTA4RDIzMzUzNjlFMEFFNjg1MkUyMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4vcI9PP3JV1Kg8XUe6fEWdiBUHKpnIYcU3XA1/2LA24V3SAAv tdM+OpM+KiYirBS5t48d3TC0RGmd4AYJtO04+I6DjcFwVR6y9NJ7GSWgctbvQJqK UtfthMyUQle9lAoU7O5RrmtCmgKNSOY4IW2J4dAVCfy6cMAUEbRrFQzdmh2geVE7 sMDZB4jwQ/GU8b3oB/w71Z3bqKrTJ7SlxESaSI24QNUdji3t2Rr/zw0A1LJQ5d19 2evCob1ibW67AXPXWoKEhQXodF0khBvU6Nr+Qfom2PDlKkRbklT8x400kc4wsQ0M V2HChy0zCO1YQDrXGunXcp73kNxR/pZqF457AgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUCg7tohmMh5saCNIzU2ngrmhS4hQwHwYDVR0jBBgwFoAU2Wa1WQkyQYCoikXh 9oPPTS7ZvKUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTElSVU4v MldhMVdRa3lRWUNvaWtYaDlvUFBUUzdadktVLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS8yV2ExV1FreVFZQ29pa1hoOW9QUFRTN1p2S1UuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MSVJVTi9DZzd0b2htTWg1c2FDTkl6VTJu Z3JtaFM0aFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnUKn MA0GCSqGSIb3DQEBCwUAA4IBAQB8DLMm5dKdcqMKCOXeQBJ+tKIoT6Q1dwQU+YyA VVNVL72CFhwN+aWOagdm1j7xkYNHJzZnwsXuazmiHltdrCMQcAuarYQ5CsrBflcH T2mL0/GMv7WE1K9iXsP5eXAP3Mi9M/IhRuPOwrYKVrG7ailMq+1aL4k6PkFRCYfj ju2PZIhpKttozAwSsV9fbj/8PnF0iAJowl7OKraEXSFK28iG+QV1dgg1i82Vunvg wYOJyMyoBQONAVXJTFMD/dxPR2DdLxbs3bQ5g47THGa6Z0Flgmqwc5RfZEFUyEN+ 7Ef7Z25dWx7qTT6KhqE8Q43xxEy8SMhQcWC7aCUc58hIwV3i -----END CERTIFICATE-----Generated at Sun Aug 24 09:44:49 2025 by rpki-client