$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/M2NIM/z_k5BaajG_dnYSMKj3tUGE5B-kU.roa File: z_k5BaajG_dnYSMKj3tUGE5B-kU.roa (raw, json) Hash identifier: 8nJ2GeAM8p4JgFdru7DTU1hVDZSDf4B0vSWUBpEXY2I= Subject key identifier: CF:F9:39:05:A6:A3:1B:F7:67:61:23:0A:8F:7B:54:18:4E:41:FA:45 Certificate issuer: /CN=07D3E73EC5EB3D704863889E221845B7695D409C Certificate serial: 01E1 Authority key identifier: 07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/z_k5BaajG_dnYSMKj3tUGE5B-kU.roa Signing time: Fri 22 Aug 2025 08:44:09 +0000 ROA not before: Fri 22 Aug 2025 08:44:09 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 141001 IP address blocks: 157.20.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 481 (0x1e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=07D3E73EC5EB3D704863889E221845B7695D409C Validity Not Before: Aug 22 08:44:09 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=CFF93905A6A31BF76761230A8F7B54184E41FA45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:84:13:70:b5:b3:75:80:a0:63:6b:96:06:63: 84:dd:af:e0:b4:11:ab:15:bf:57:4c:f1:f2:a6:37: 74:4c:af:0c:39:e5:4d:8e:ca:9b:57:f9:a0:fa:8d: 4b:7e:19:af:be:f9:2a:f8:5a:39:31:17:05:ff:23: 66:9c:ce:70:d7:a7:0e:69:08:57:14:84:83:98:b0: 8d:d1:e9:1a:85:ac:65:6e:82:58:f5:d2:3a:71:94: 7c:74:bd:32:14:b8:ca:97:d7:3d:96:18:5b:74:17: ce:6a:85:28:da:13:bf:16:44:ba:1f:cf:39:a7:00: 5c:57:b5:84:5c:07:15:85:ec:9c:bb:0d:41:88:a0: 68:b5:a1:75:f1:79:c4:23:2a:cf:18:6e:dc:c5:43: f3:39:1d:45:f2:be:10:35:46:52:7c:60:5f:0a:d9: eb:1e:3d:15:c1:6a:6e:2d:ac:02:b5:b2:2b:04:f8: cf:f7:c6:f3:d7:c5:9f:1a:53:28:b3:d7:bc:16:3c: 72:87:c2:bd:fb:44:4b:de:2f:3e:fd:72:39:bd:d9: 2c:88:43:43:d1:40:c2:bb:79:16:b4:81:e2:a6:f5: 22:eb:c0:bb:93:4b:ee:53:4a:16:6b:28:2a:b1:67: 77:dd:21:ff:98:ce:a7:76:bc:fb:28:ba:60:08:66: f4:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:F9:39:05:A6:A3:1B:F7:67:61:23:0A:8F:7B:54:18:4E:41:FA:45 X509v3 Authority Key Identifier: keyid:07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/z_k5BaajG_dnYSMKj3tUGE5B-kU.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.135.0/24 Signature Algorithm: sha256WithRSAEncryption 17:73:17:e0:b7:26:be:72:95:71:d6:7c:30:3c:3d:08:eb:53: f8:2f:17:cb:b3:05:f4:fb:56:fd:2f:01:3f:a9:d1:47:24:f6: c1:d4:5d:90:71:62:c2:ca:06:58:6e:c6:61:d0:e7:db:92:f9: 96:8e:f8:fb:22:d5:bc:d0:45:a4:32:22:72:cc:7f:1c:5f:cd: 12:c6:a6:96:55:57:f8:37:c3:68:1c:24:4f:64:5b:8f:56:1b: 86:57:f4:1a:9d:35:09:a4:fb:19:e0:27:a2:24:75:f8:43:af: 6c:47:15:fc:f5:3e:84:52:ee:fd:76:b3:a9:99:b7:2e:41:6a: 0d:24:40:b3:db:60:5a:f0:26:7d:97:b0:08:ba:75:d4:e5:f4: 47:69:0a:30:59:f9:ed:80:3b:ab:62:4b:61:04:0a:8e:fc:0d: 6d:96:ae:af:b6:92:ed:62:11:55:c7:ba:e5:2b:7b:ff:12:9b: 70:5d:8a:3c:d0:be:98:ec:83:3d:bd:99:1c:9e:9d:c1:3d:bf: 10:32:4e:66:11:55:c3:f9:d0:7a:07:3f:84:56:f7:e8:9e:44: 0c:34:a7:f2:3a:e1:da:33:84:95:cc:21:a5:d0:02:f9:4f:cc: 81:e5:c4:91:c7:1e:d6:73:b1:5f:69:94:e6:2f:4d:eb:3c:68: 2e:34:a8:a7 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICAeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdE M0U3M0VDNUVCM0Q3MDQ4NjM4ODlFMjIxODQ1Qjc2OTVENDA5QzAeFw0yNTA4MjIw ODQ0MDlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKENGRjkzOTA1QTZBMzFC Rjc2NzYxMjMwQThGN0I1NDE4NEU0MUZBNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQhBNwtbN1gKBja5YGY4Tdr+C0EasVv1dM8fKmN3RMrww55U2O yptX+aD6jUt+Ga+++Sr4WjkxFwX/I2acznDXpw5pCFcUhIOYsI3R6RqFrGVuglj1 0jpxlHx0vTIUuMqX1z2WGFt0F85qhSjaE78WRLofzzmnAFxXtYRcBxWF7Jy7DUGI oGi1oXXxecQjKs8YbtzFQ/M5HUXyvhA1RlJ8YF8K2esePRXBam4trAK1sisE+M/3 xvPXxZ8aUyiz17wWPHKHwr37REveLz79cjm92SyIQ0PRQMK7eRa0geKm9SLrwLuT S+5TShZrKCqxZ3fdIf+Yzqd2vPsoumAIZvQLAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUz/k5BaajG/dnYSMKj3tUGE5B+kUwHwYDVR0jBBgwFoAUB9PnPsXrPXBIY4ie IhhFt2ldQJwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTTJOSU0v QjlQblBzWHJQWEJJWTRpZUloaEZ0MmxkUUp3LmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9COVBuUHNYclBYQklZNGllSWhoRnQybGRRSncuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NMk5JTS96X2s1QmFhakdfZG5ZU01LajN0 VUdFNUIta1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRSH MA0GCSqGSIb3DQEBCwUAA4IBAQAXcxfgtya+cpVx1nwwPD0I61P4LxfLswX0+1b9 LwE/qdFHJPbB1F2QcWLCygZYbsZh0OfbkvmWjvj7ItW80EWkMiJyzH8cX80SxqaW VVf4N8NoHCRPZFuPVhuGV/QanTUJpPsZ4CeiJHX4Q69sRxX89T6EUu79drOpmbcu QWoNJECz22Ba8CZ9l7AIunXU5fRHaQowWfntgDurYkthBAqO/A1tlq6vtpLtYhFV x7rlK3v/EptwXYo80L6Y7IM9vZkcnp3BPb8QMk5mEVXD+dB6Bz+EVvfonkQMNKfy OuHaM4SVzCGl0AL5T8yB5cSRxx7Wc7FfaZTmL03rPGguNKin -----END CERTIFICATE-----Generated at Sun Aug 24 05:32:16 2025 by rpki-client