$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCCC/OqLPsOAPjbrqOBr2KSb8krWphVk.roa File: OqLPsOAPjbrqOBr2KSb8krWphVk.roa (raw, json) Hash identifier: 0YKbAc8Ss5fIALR/C8QfAAMnnb9z/ZXqFxNVIeF5NJw= Subject key identifier: 3A:A2:CF:B0:E0:0F:8D:BA:EA:38:1A:F6:29:26:FC:92:B5:A9:85:59 Certificate issuer: /CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE Certificate serial: 01EE Authority key identifier: 07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/OqLPsOAPjbrqOBr2KSb8krWphVk.roa Signing time: Fri 22 Aug 2025 09:01:27 +0000 ROA not before: Fri 22 Aug 2025 09:01:27 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 150772 IP address blocks: 157.20.107.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 494 (0x1ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE Validity Not Before: Aug 22 09:01:27 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=3AA2CFB0E00F8DBAEA381AF62926FC92B5A98559 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:52:46:9c:9b:be:fe:f9:71:98:aa:b4:68:b8: 4a:aa:41:5b:aa:54:3a:d3:3f:4c:2b:b7:34:ea:80: e5:3f:90:c9:0b:39:c2:34:34:53:3d:c8:4c:52:13: 3c:e0:ca:df:67:6f:dd:da:4f:78:92:c3:40:96:2c: cb:ce:4b:f9:bb:f5:43:9f:d7:4c:a4:b2:17:48:d2: 45:8e:5c:7b:4d:79:c4:73:14:8e:51:3a:1c:71:a1: 48:83:a5:e3:da:c9:dc:3a:c9:7d:06:db:1f:14:02: 71:a4:db:86:31:a6:46:f8:d5:42:15:72:63:df:b9: b1:6f:fc:8a:20:f9:ff:27:65:95:e1:8e:49:d8:4c: 22:f5:fb:69:35:2b:5f:f9:87:fc:fc:2c:e6:d8:97: a8:06:ca:a4:cf:4f:51:75:42:2e:3e:15:9a:2c:70: 0e:9a:08:ee:d1:62:46:75:1b:5b:82:c4:19:89:28: c1:7d:c5:fe:4e:d0:46:6c:34:1a:13:00:71:73:3c: aa:d1:5a:96:50:93:54:13:a0:33:b9:eb:46:57:45: 6b:6b:4b:c0:ed:b9:1e:69:3f:43:95:89:71:23:cc: 95:c7:7c:c4:5c:73:d0:d1:15:bd:f9:60:04:c8:ce: 77:27:6c:0f:c0:67:42:57:44:25:3b:a0:22:de:6a: a3:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:A2:CF:B0:E0:0F:8D:BA:EA:38:1A:F6:29:26:FC:92:B5:A9:85:59 X509v3 Authority Key Identifier: keyid:07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/OqLPsOAPjbrqOBr2KSb8krWphVk.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.20.107.0/24 Signature Algorithm: sha256WithRSAEncryption 58:b4:65:ae:2d:be:73:55:c0:33:9e:8c:99:4a:07:46:ad:7b: 87:df:6a:41:b5:6a:73:e1:48:5b:81:06:5b:4b:e4:d2:5d:d8: 63:b0:b2:e9:44:d2:e1:3c:48:ab:f3:f8:3c:84:49:da:bf:e4: 09:cb:76:8f:96:cb:b1:fc:08:bf:c4:fe:72:03:72:0d:59:a1: ec:da:6d:26:58:49:21:2e:71:fd:9f:54:7f:74:6b:f0:4f:2a: 96:ee:80:0f:36:37:eb:a2:2d:6a:e9:31:3e:31:30:cd:e6:31: 28:b5:2c:24:73:c8:fc:2a:35:77:cb:de:43:75:6d:c5:6e:ec: ac:76:81:5d:7c:4e:73:c9:10:c9:f0:40:23:1a:65:92:00:93: 8c:d3:5b:f8:c1:38:45:d9:2d:40:90:d5:71:11:d7:3f:0d:23: da:22:33:75:7d:dd:4f:0c:e0:b3:4a:ed:af:66:85:fe:cc:48: c1:da:c4:9c:cc:d7:90:1b:03:31:f4:81:ff:d8:62:11:30:29: 6d:e8:f8:2f:84:48:24:c6:a5:05:6a:1a:bc:9e:23:6a:aa:cf: 74:c6:25:60:b0:76:5e:2a:1c:f0:ec:e8:57:01:68:19:07:26: 79:70:26:11:e5:6f:5b:39:8e:bd:c2:2c:a7:7f:50:86:bb:cb: ce:04:75:de -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICAe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdF MzZBM0QyMTlBOEFGQzg0Rjg4QjMwNTUzRTYzOENFNkMyQ0VDRTAeFw0yNTA4MjIw OTAxMjdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDNBQTJDRkIwRTAwRjhE QkFFQTM4MUFGNjI5MjZGQzkyQjVBOTg1NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8Ukacm77++XGYqrRouEqqQVuqVDrTP0wrtzTqgOU/kMkLOcI0 NFM9yExSEzzgyt9nb93aT3iSw0CWLMvOS/m79UOf10ykshdI0kWOXHtNecRzFI5R OhxxoUiDpePaydw6yX0G2x8UAnGk24Yxpkb41UIVcmPfubFv/Iog+f8nZZXhjknY TCL1+2k1K1/5h/z8LObYl6gGyqTPT1F1Qi4+FZoscA6aCO7RYkZ1G1uCxBmJKMF9 xf5O0EZsNBoTAHFzPKrRWpZQk1QToDO560ZXRWtrS8DtuR5pP0OViXEjzJXHfMRc c9DRFb35YATIzncnbA/AZ0JXRCU7oCLeaqPhAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUOqLPsOAPjbrqOBr2KSb8krWphVkwHwYDVR0jBBgwFoAUB+NqPSGaivyE+Isw VT5jjObCzs4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNDQy9C LU5xUFNHYWl2eUUtSXN3VlQ1ampPYkN6czQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L0ItTnFQU0dhaXZ5RS1Jc3dWVDVqak9iQ3pzNC5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DQ0MvT3FMUHNPQVBqYnJxT0JyMktTYjhr cldwaFZrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0UazAN BgkqhkiG9w0BAQsFAAOCAQEAWLRlri2+c1XAM56MmUoHRq17h99qQbVqc+FIW4EG W0vk0l3YY7Cy6UTS4TxIq/P4PIRJ2r/kCct2j5bLsfwIv8T+cgNyDVmh7NptJlhJ IS5x/Z9Uf3Rr8E8qlu6ADzY366ItaukxPjEwzeYxKLUsJHPI/Co1d8veQ3VtxW7s rHaBXXxOc8kQyfBAIxplkgCTjNNb+ME4RdktQJDVcRHXPw0j2iIzdX3dTwzgs0rt r2aF/sxIwdrEnMzXkBsDMfSB/9hiETApbej4L4RIJMalBWoavJ4jaqrPdMYlYLB2 Xioc8OzoVwFoGQcmeXAmEeVvWzmOvcIsp39QhrvLzgR13g== -----END CERTIFICATE-----Generated at Sun Aug 24 13:49:38 2025 by rpki-client