$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCHC/3KR2KLrDureFuptZfN5eAPxUCHY.roa File: 3KR2KLrDureFuptZfN5eAPxUCHY.roa (raw, json) Hash identifier: rjsJUvSdk4zpmy6XRGGsD+TrNpxEGiLljAEZjcusxEo= Subject key identifier: DC:A4:76:28:BA:C3:BA:B7:85:BA:9B:59:7C:DE:5E:00:FC:54:08:76 Certificate issuer: /CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891 Certificate serial: 0DA0 Authority key identifier: ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/3KR2KLrDureFuptZfN5eAPxUCHY.roa Signing time: Fri 22 Aug 2025 08:54:25 +0000 ROA not before: Fri 22 Aug 2025 08:54:25 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 7539 IP address blocks: 103.160.220.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3488 (0xda0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891 Validity Not Before: Aug 22 08:54:25 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=DCA47628BAC3BAB785BA9B597CDE5E00FC540876 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:87:d3:60:ee:37:d0:d3:9a:97:cc:63:a4:ae: 00:e4:3c:07:52:95:7d:bb:36:a0:8b:87:8f:ba:8f: 2d:3a:64:67:34:86:22:5d:2c:05:44:19:d5:75:b8: fd:ce:5a:82:e9:39:61:9e:ac:0d:b8:e2:97:01:72: 88:38:ba:52:62:41:88:49:2b:4f:a0:c0:8f:d9:34: 95:8c:96:a7:9c:4c:fd:41:ef:bf:b4:e7:dc:8c:48: 2c:1e:1b:25:f7:f3:ae:e6:2d:10:55:04:28:fa:f1: 60:b8:48:a6:3f:a4:f3:2f:bb:bd:76:cb:e5:6f:09: d2:0f:6c:ef:51:bd:6d:0b:18:ec:2a:0e:63:10:89: 5f:f2:cc:ac:4b:49:1c:20:0f:f6:2d:28:9a:c8:df: 4d:76:ed:14:2d:b2:c1:28:af:30:01:f7:dd:95:9c: 06:29:42:bc:02:5b:8d:c5:9f:ef:c5:d6:b9:f4:99: 6a:6f:59:62:29:d6:3e:eb:9c:5a:e5:f5:da:6d:ee: 1e:51:b8:5b:b3:45:7e:35:f6:ee:ef:6f:e4:59:54: 47:fd:a7:de:cb:0d:da:bd:31:8b:71:09:e9:77:69: 0b:88:ad:e2:16:a8:1f:08:06:49:f9:6d:47:02:3e: 5d:76:65:6d:bb:5f:a8:ac:d6:8e:86:74:b1:ff:c9: c9:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:A4:76:28:BA:C3:BA:B7:85:BA:9B:59:7C:DE:5E:00:FC:54:08:76 X509v3 Authority Key Identifier: keyid:ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/3KR2KLrDureFuptZfN5eAPxUCHY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.160.220.0/23 Signature Algorithm: sha256WithRSAEncryption 78:f4:4d:36:0d:75:3a:b2:d0:86:00:a5:3a:43:fb:aa:d2:cf: 1f:63:3c:18:ee:d1:26:d7:ff:d2:8b:55:e9:26:43:a0:f0:05: f3:1e:4a:eb:17:0a:38:96:0f:b4:c3:cf:94:4f:4d:3f:9d:e3: a7:4f:80:6e:1a:1c:89:2b:1e:c3:53:fb:37:f1:1e:bf:c1:7a: 83:ea:55:29:eb:8d:0c:7a:13:06:5b:f1:f6:44:d3:7e:fd:64: 0f:60:69:d1:28:32:f4:5f:2b:58:67:f3:e5:6b:c0:9d:80:f3: a5:22:96:14:2d:1f:92:dc:38:dd:bd:ca:1a:cc:2f:22:3e:1a: ea:45:8e:5d:7c:8c:2a:c3:b3:4f:97:f4:a9:c3:21:eb:9e:49: 7e:ac:a2:15:e1:a6:1d:48:b4:cd:81:71:64:13:e3:bf:f0:da: 87:d1:69:1b:2b:01:ca:5e:6b:01:12:14:e4:fb:ed:0b:e2:0f: cf:c0:5b:3e:e5:1f:b8:1b:d8:af:57:9d:f8:ab:9c:6b:b5:c3: 6a:d4:ea:80:2f:d3:dc:20:91:1a:a3:31:2c:d5:c7:a6:7e:48: 36:39:40:2a:49:07:10:3b:c5:0c:11:1d:9e:4b:e4:8a:c4:61: af:d2:8d:6e:65:63:4d:47:5e:81:07:06:78:4e:dc:c1:7c:61: fc:e9:50:34 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICDaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUQz ODY4NUZGM0VBMUY0NjY4NURFNUY1N0M2QTRCODEwNDQ4MTg5MTAeFw0yNTA4MjIw ODU0MjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKERDQTQ3NjI4QkFDM0JB Qjc4NUJBOUI1OTdDREU1RTAwRkM1NDA4NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuh9Ng7jfQ05qXzGOkrgDkPAdSlX27NqCLh4+6jy06ZGc0hiJd LAVEGdV1uP3OWoLpOWGerA244pcBcog4ulJiQYhJK0+gwI/ZNJWMlqecTP1B77+0 59yMSCweGyX3867mLRBVBCj68WC4SKY/pPMvu712y+VvCdIPbO9RvW0LGOwqDmMQ iV/yzKxLSRwgD/YtKJrI30127RQtssEorzAB992VnAYpQrwCW43Fn+/F1rn0mWpv WWIp1j7rnFrl9dpt7h5RuFuzRX419u7vb+RZVEf9p97LDdq9MYtxCel3aQuIreIW qB8IBkn5bUcCPl12ZW27X6is1o6GdLH/ycnrAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQU3KR2KLrDureFuptZfN5eAPxUCHYwHwYDVR0jBBgwFoAU7ThoX/PqH0ZoXeX1 fGpLgQRIGJEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNIQy83 VGhvWF9QcUgwWm9YZVgxZkdwTGdRUklHSkUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB LzdUaG9YX1BxSDBab1hlWDFmR3BMZ1FSSUdKRS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSEMvM0tSMktMckR1cmVGdXB0WmZONWVB UHhVQ0hZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeg3DAN BgkqhkiG9w0BAQsFAAOCAQEAePRNNg11OrLQhgClOkP7qtLPH2M8GO7RJtf/0otV 6SZDoPAF8x5K6xcKOJYPtMPPlE9NP53jp0+AbhociSsew1P7N/Eev8F6g+pVKeuN DHoTBlvx9kTTfv1kD2Bp0Sgy9F8rWGfz5WvAnYDzpSKWFC0fktw43b3KGswvIj4a 6kWOXXyMKsOzT5f0qcMh655JfqyiFeGmHUi0zYFxZBPjv/Dah9FpGysByl5rARIU 5PvtC+IPz8BbPuUfuBvYr1ed+Kuca7XDatTqgC/T3CCRGqMxLNXHpn5INjlAKkkH EDvFDBEdnkvkisRhr9KNbmVjTUdegQcGeE7cwXxh/OlQNA== -----END CERTIFICATE-----Generated at Sun Aug 24 13:42:12 2025 by rpki-client