$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/CRF-PT6-IJjgcbUt5Eit6XV9Pv0.roa File: CRF-PT6-IJjgcbUt5Eit6XV9Pv0.roa (raw, json) Hash identifier: Ayct/3QqzmOFm36Y017QbJCNp7DZGQzYHB6Qr7DMnYY= Subject key identifier: 09:11:7E:3D:3E:BE:20:98:E0:71:B5:2D:E4:48:AD:E9:75:7D:3E:FD Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 1075 Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CRF-PT6-IJjgcbUt5Eit6XV9Pv0.roa Signing time: Fri 22 Aug 2025 08:54:16 +0000 ROA not before: Fri 22 Aug 2025 08:54:16 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9919 IP address blocks: 192.72.248.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4213 (0x1075) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Aug 22 08:54:16 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=09117E3D3EBE2098E071B52DE448ADE9757D3EFD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a6:9d:bf:a6:f0:8e:b3:75:cb:2c:7f:a7:78: 0c:25:09:9e:d6:66:64:6e:36:00:04:35:cf:b1:80: 5c:af:d5:d3:a0:50:ac:c0:f6:e6:38:b1:e3:68:55: 17:33:a8:6d:14:e8:dc:9c:df:c0:55:20:7f:49:a8: 50:78:15:5a:65:26:c0:1d:43:ea:e2:a5:a3:6f:00: 87:05:65:6c:d8:ec:08:bd:f8:dd:19:2e:a3:f1:b8: a9:0b:a2:67:f7:3f:47:51:9b:dd:90:52:30:7f:a2: fe:e5:7b:d1:e1:3d:7a:13:1d:b8:73:74:a2:f4:40: 40:37:55:b2:c0:23:d0:39:df:a7:37:07:4b:2d:47: 20:4f:de:42:8c:08:98:46:c9:70:c3:28:d6:c4:1e: 8f:d8:8e:3b:b6:5b:53:92:3f:c8:e6:45:9d:76:e5: 18:da:3c:53:54:a6:54:e6:4e:3b:fc:06:64:d4:9d: f0:05:ac:4d:63:27:2c:37:c4:50:dd:68:3d:65:77: 60:44:b0:b0:69:ec:06:ab:f3:46:3b:ea:87:fd:c6: cf:f3:d4:a9:6f:49:d0:43:05:91:e7:98:09:93:85: 1a:64:10:ba:1d:4f:ed:59:f4:62:73:8a:02:1f:17: eb:e4:1c:85:27:5e:0d:ea:63:5e:69:fa:0e:cd:45: 8b:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:11:7E:3D:3E:BE:20:98:E0:71:B5:2D:E4:48:AD:E9:75:7D:3E:FD X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CRF-PT6-IJjgcbUt5Eit6XV9Pv0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.248.0/22 Signature Algorithm: sha256WithRSAEncryption a3:a1:b6:81:9b:79:bc:ca:7e:02:55:28:8d:a2:d0:3e:f8:fe: 00:de:f7:99:34:cf:da:e2:1b:ed:54:0f:63:6d:7d:c0:62:2d: 59:29:c6:18:80:da:46:84:d5:d1:9e:c7:98:76:e3:fd:bb:60: 1b:31:ee:b8:78:77:23:73:0c:50:1f:d5:d0:2e:7b:8d:fe:49: 67:3d:b8:3c:a8:68:84:86:c8:26:33:d4:7c:98:52:ec:99:aa: 06:d6:c6:33:e0:64:ca:68:31:50:2f:e1:76:f8:db:3e:0f:c5: 9b:cf:3b:63:19:30:b2:36:d5:08:c0:50:44:9d:f7:2d:b1:a2: 83:91:9f:63:f7:7c:74:f0:4d:e6:9b:a1:9d:62:e6:44:1b:f1: d7:d9:d9:93:c8:cd:4d:07:ef:93:1e:be:c6:c3:89:a5:78:94: 0f:5a:2a:9d:65:96:98:5b:f2:9a:d0:b1:b4:77:0c:69:88:cf: f1:be:7a:ee:51:84:60:27:16:ec:bd:fb:52:49:d2:c1:b8:b0: 7b:c8:8b:1c:75:0d:87:76:6d:91:bd:77:52:34:51:ab:98:32: b5:94:3c:e9:70:d2:71:f3:ce:d5:95:0b:b2:95:d9:f5:8f:f0: aa:d0:23:bc:d8:12:d4:a4:89:b7:7a:57:5b:15:71:3e:7c:a6: 70:37:fa:1e -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICEHUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTA4MjIw ODU0MTZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDA5MTE3RTNEM0VCRTIw OThFMDcxQjUyREU0NDhBREU5NzU3RDNFRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzpp2/pvCOs3XLLH+neAwlCZ7WZmRuNgAENc+xgFyv1dOgUKzA 9uY4seNoVRczqG0U6Nyc38BVIH9JqFB4FVplJsAdQ+ripaNvAIcFZWzY7Ai9+N0Z LqPxuKkLomf3P0dRm92QUjB/ov7le9HhPXoTHbhzdKL0QEA3VbLAI9A536c3B0st RyBP3kKMCJhGyXDDKNbEHo/Yjju2W1OSP8jmRZ125RjaPFNUplTmTjv8BmTUnfAF rE1jJyw3xFDdaD1ld2BEsLBp7Aar80Y76of9xs/z1KlvSdBDBZHnmAmThRpkELod T+1Z9GJzigIfF+vkHIUnXg3qY15p+g7NRYv5AgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUCRF+PT6+IJjgcbUt5Eit6XV9Pv0wHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQ1JGLVBUNi1JSmpnY2JVdDVFaXQ2 WFY5UHYwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsBI+DAN BgkqhkiG9w0BAQsFAAOCAQEAo6G2gZt5vMp+AlUojaLQPvj+AN73mTTP2uIb7VQP Y219wGItWSnGGIDaRoTV0Z7HmHbj/btgGzHuuHh3I3MMUB/V0C57jf5JZz24PKho hIbIJjPUfJhS7JmqBtbGM+BkymgxUC/hdvjbPg/Fm887YxkwsjbVCMBQRJ33LbGi g5GfY/d8dPBN5puhnWLmRBvx19nZk8jNTQfvkx6+xsOJpXiUD1oqnWWWmFvymtCx tHcMaYjP8b567lGEYCcW7L37UknSwbiwe8iLHHUNh3Ztkb13UjRRq5gytZQ86XDS cfPO1ZULspXZ9Y/wqtAjvNgS1KSJt3pXWxVxPnymcDf6Hg== -----END CERTIFICATE-----Generated at Sun Aug 24 07:39:26 2025 by rpki-client