$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/38lVHOd3h-oxfhR4Y1rCuKG5uFQ.roa File: 38lVHOd3h-oxfhR4Y1rCuKG5uFQ.roa (raw, json) Hash identifier: EyEu19vHbg+4uXzb9Ydwy1S/HCaCdKLQwA5R14t4GNk= Subject key identifier: DF:C9:55:1C:E7:77:87:EA:31:7E:14:78:63:5A:C2:B8:A1:B9:B8:54 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 1A23 Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/38lVHOd3h-oxfhR4Y1rCuKG5uFQ.roa Signing time: Fri 22 Aug 2025 08:53:46 +0000 ROA not before: Fri 22 Aug 2025 08:53:46 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131602 IP address blocks: 218.210.32.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6691 (0x1a23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 22 08:53:46 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=DFC9551CE77787EA317E1478635AC2B8A1B9B854 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ec:07:8c:34:eb:62:b0:9b:11:39:76:e5:b3: b0:fa:62:0e:df:af:3c:ef:e1:fb:8c:d2:86:71:85: df:e0:39:00:8c:ee:ef:2e:cf:f3:92:43:60:e6:1b: 0b:a9:20:2b:86:63:e9:d7:02:c0:bf:35:25:5b:88: eb:cf:72:81:20:02:5d:f6:4f:d5:b0:d6:58:8b:98: 1a:b1:11:a5:e3:bb:f2:46:ac:f1:c0:ca:38:bd:f6: 46:10:9e:4a:d0:c3:98:96:fa:5f:da:36:8f:db:f3: 18:9e:8c:23:da:21:c4:a1:59:16:e4:47:a2:1d:d0: b7:eb:23:fe:7c:ca:be:5c:85:c0:ef:e8:d4:fb:a9: 90:2a:a5:0b:96:90:c6:a3:ef:dd:5e:c8:51:07:38: 12:9b:c2:6c:49:66:a9:87:b9:c4:bc:14:4a:0c:6f: 8d:87:93:c7:e9:66:09:0d:96:ef:54:a4:32:9d:c4: 65:bc:b7:d2:90:18:15:af:1c:74:37:57:ba:7c:11: dc:7d:27:c7:42:61:45:72:2f:64:e9:7e:f7:85:ac: a9:c4:75:49:64:d6:79:9c:73:47:84:01:bc:0a:c6: a8:8a:bb:48:3e:d9:9f:9b:71:d1:44:93:61:f9:06: 9e:e7:87:22:a1:c4:71:c1:3a:1f:41:16:1b:49:7a: 03:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:C9:55:1C:E7:77:87:EA:31:7E:14:78:63:5A:C2:B8:A1:B9:B8:54 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/38lVHOd3h-oxfhR4Y1rCuKG5uFQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.210.32.0/20 Signature Algorithm: sha256WithRSAEncryption 6a:16:67:6a:24:f4:d6:99:91:8d:1a:4e:6b:59:03:b6:d8:92: 85:34:f7:4e:be:e1:7a:1f:cb:15:4c:43:07:f6:14:f2:31:62: 4c:c6:c6:6a:68:bc:d2:18:85:e9:9e:5f:ec:8b:44:42:4e:a9: 24:98:d4:b5:75:82:17:c9:a6:13:65:cd:5d:0d:3c:cf:7c:c8: 96:fc:2a:07:69:ed:ee:00:4d:7d:1e:99:15:07:47:01:16:8b: 86:ad:25:f3:8f:95:13:91:2a:83:84:d4:aa:67:7d:fa:fd:05: 9a:4f:75:e8:f6:f2:bd:2c:1a:d1:b7:56:a7:35:e1:af:a5:c3: 6d:1f:d2:2e:9d:3e:11:6b:4c:47:9a:92:69:97:94:4f:22:78: a8:24:b8:56:60:93:d4:d6:40:5c:9e:10:b3:89:93:d8:f2:f8: af:ff:ff:6b:18:a1:ad:96:9f:94:05:7e:0e:88:07:c0:cf:3d: 6c:92:5c:b2:29:f3:98:0f:5e:6c:88:93:2d:de:20:cb:01:a5: e5:c2:2f:59:b5:9f:bf:52:5a:44:14:7d:20:7d:77:35:b7:40: b7:92:a3:32:00:99:d7:7b:1d:5a:ee:41:73:60:f0:ad:13:94: 4b:60:b1:3b:d2:86:db:e8:72:ca:ee:31:18:c2:32:2d:44:3f: b7:bf:ba:b1 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICGiMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTA4MjIw ODUzNDZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKERGQzk1NTFDRTc3Nzg3 RUEzMTdFMTQ3ODYzNUFDMkI4QTFCOUI4NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH7AeMNOtisJsROXbls7D6Yg7frzzv4fuM0oZxhd/gOQCM7u8u z/OSQ2DmGwupICuGY+nXAsC/NSVbiOvPcoEgAl32T9Ww1liLmBqxEaXju/JGrPHA yji99kYQnkrQw5iW+l/aNo/b8xiejCPaIcShWRbkR6Id0LfrI/58yr5chcDv6NT7 qZAqpQuWkMaj791eyFEHOBKbwmxJZqmHucS8FEoMb42Hk8fpZgkNlu9UpDKdxGW8 t9KQGBWvHHQ3V7p8Edx9J8dCYUVyL2TpfveFrKnEdUlk1nmcc0eEAbwKxqiKu0g+ 2Z+bcdFEk2H5Bp7nhyKhxHHBOh9BFhtJegMJAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQU38lVHOd3h+oxfhR4Y1rCuKG5uFQwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMzhsVkhPZDNoLW94ZmhSNFkxckN1 S0c1dUZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNrSIDAN BgkqhkiG9w0BAQsFAAOCAQEAahZnaiT01pmRjRpOa1kDttiShTT3Tr7heh/LFUxD B/YU8jFiTMbGami80hiF6Z5f7ItEQk6pJJjUtXWCF8mmE2XNXQ08z3zIlvwqB2nt 7gBNfR6ZFQdHARaLhq0l84+VE5Eqg4TUqmd9+v0Fmk916PbyvSwa0bdWpzXhr6XD bR/SLp0+EWtMR5qSaZeUTyJ4qCS4VmCT1NZAXJ4Qs4mT2PL4r///axihrZaflAV+ DogHwM89bJJcsinzmA9ebIiTLd4gywGl5cIvWbWfv1JaRBR9IH13NbdAt5KjMgCZ 13sdWu5Bc2DwrROUS2CxO9KG2+hyyu4xGMIyLUQ/t7+6sQ== -----END CERTIFICATE-----Generated at Sun Aug 24 13:52:46 2025 by rpki-client