$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Jy2uyWfZVPUsHrHCi6SCe8zDUPQ.roa File: Jy2uyWfZVPUsHrHCi6SCe8zDUPQ.roa (raw, json) Hash identifier: /8h500QcIkxMfPUjgGE3YiKFzVKuofx1cWZXpMhILS4= Subject key identifier: 27:2D:AE:C9:67:D9:54:F5:2C:1E:B1:C2:8B:A4:82:7B:CC:C3:50:F4 Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 106C Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Jy2uyWfZVPUsHrHCi6SCe8zDUPQ.roa Signing time: Fri 22 Aug 2025 08:54:14 +0000 ROA not before: Fri 22 Aug 2025 08:54:14 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9919 IP address blocks: 192.72.240.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4204 (0x106c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Aug 22 08:54:14 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=272DAEC967D954F52C1EB1C28BA4827BCCC350F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:da:2b:08:d0:ac:61:46:e4:14:92:e7:59:fe: 78:a3:21:56:c4:e9:c6:98:ce:47:8e:86:70:63:7a: e4:14:81:00:0d:de:b5:07:f9:f9:cc:5d:4a:9e:5e: 68:c8:39:9e:ab:75:f4:44:23:e8:f1:ff:01:96:52: 20:ae:48:1e:11:95:27:8c:c0:cc:dc:8a:12:09:43: bc:5e:17:6e:95:79:89:e5:0b:ab:43:14:36:07:b5: cc:a4:ef:4a:58:02:19:87:8b:e0:c3:a6:e0:59:6e: 27:64:b3:11:3a:74:27:84:c2:d6:b6:57:3f:5c:f4: 33:01:0d:e3:a0:5c:26:79:a7:e2:13:e2:bb:50:7a: f4:1c:4f:42:9c:6f:2e:8b:68:1e:51:e7:e3:ec:ee: 8e:60:75:70:a4:b1:94:54:9c:2b:5f:d4:4c:dd:35: 5d:8b:89:3d:21:91:73:bf:d1:1e:cd:9c:d4:97:ee: d4:89:c6:e2:17:ba:f3:7e:05:e3:e8:bd:e9:9b:bc: 56:f6:74:34:7c:f6:54:27:4d:31:11:9d:48:42:9e: 2f:ac:ec:d1:cd:93:76:8e:f6:52:6f:c8:12:5b:f4: db:9e:fa:13:7c:0c:ac:46:3a:75:8c:a3:47:e9:0e: cb:80:ed:5d:3b:5d:3a:ce:40:de:b1:2c:8d:19:1c: 0e:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:2D:AE:C9:67:D9:54:F5:2C:1E:B1:C2:8B:A4:82:7B:CC:C3:50:F4 X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Jy2uyWfZVPUsHrHCi6SCe8zDUPQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.240.0/21 Signature Algorithm: sha256WithRSAEncryption 33:df:ee:e0:2e:c0:8c:54:cb:68:e9:2d:eb:91:5a:40:89:c6: 52:37:53:97:d0:71:60:cb:9d:43:f0:05:56:c2:f0:72:0a:32: 1c:54:3a:f7:b3:25:8b:07:dd:12:90:4d:6c:5c:ed:25:df:c8: 1a:12:cc:b0:bc:d1:de:99:77:a4:cf:4f:84:c0:65:2d:5f:46: 16:de:01:dc:b8:1a:3d:0c:3b:90:81:0c:dd:8f:ed:96:21:84: 00:61:d0:29:bc:b9:d8:12:fa:83:81:b6:9c:d7:44:2d:54:f6: e2:f2:97:cd:8e:83:88:3d:a0:d7:15:3a:b4:ba:cf:3d:b8:99: bb:64:b2:d1:3c:bc:d4:39:e6:20:ab:f2:ec:3a:6e:c1:46:7f: 99:68:96:62:da:a6:b5:5a:73:08:bf:57:03:f9:b7:78:3a:3a: ec:06:24:e7:ff:ed:3b:99:b5:ff:c7:96:1d:56:5b:35:f6:7e: d5:f3:4e:5b:da:c3:62:af:22:78:fb:c6:f5:45:3f:18:cb:0b: 9a:18:e7:49:5d:e2:72:da:c1:dc:06:75:20:a7:36:e8:15:ea: 9b:80:a2:b4:fd:03:0c:92:cf:c3:df:d3:7a:98:00:1f:a6:13: cd:c4:86:e8:d5:60:6c:75:d0:61:a0:60:de:3e:a2:f4:aa:e1: 78:2f:a1:1e -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICEGwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTA4MjIw ODU0MTRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDI3MkRBRUM5NjdEOTU0 RjUyQzFFQjFDMjhCQTQ4MjdCQ0NDMzUwRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe2isI0KxhRuQUkudZ/nijIVbE6caYzkeOhnBjeuQUgQAN3rUH +fnMXUqeXmjIOZ6rdfREI+jx/wGWUiCuSB4RlSeMwMzcihIJQ7xeF26VeYnlC6tD FDYHtcyk70pYAhmHi+DDpuBZbidksxE6dCeEwta2Vz9c9DMBDeOgXCZ5p+IT4rtQ evQcT0Kcby6LaB5R5+Ps7o5gdXCksZRUnCtf1EzdNV2LiT0hkXO/0R7NnNSX7tSJ xuIXuvN+BePovembvFb2dDR89lQnTTERnUhCni+s7NHNk3aO9lJvyBJb9Nue+hN8 DKxGOnWMo0fpDsuA7V07XTrOQN6xLI0ZHA4nAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUJy2uyWfZVPUsHrHCi6SCe8zDUPQwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSnkydXlXZlpWUFVzSHJIQ2k2U0Nl OHpEVVBRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8BI8DAN BgkqhkiG9w0BAQsFAAOCAQEAM9/u4C7AjFTLaOkt65FaQInGUjdTl9BxYMudQ/AF VsLwcgoyHFQ697MliwfdEpBNbFztJd/IGhLMsLzR3pl3pM9PhMBlLV9GFt4B3Lga PQw7kIEM3Y/tliGEAGHQKby52BL6g4G2nNdELVT24vKXzY6DiD2g1xU6tLrPPbiZ u2Sy0Ty81DnmIKvy7DpuwUZ/mWiWYtqmtVpzCL9XA/m3eDo67AYk5//tO5m1/8eW HVZbNfZ+1fNOW9rDYq8iePvG9UU/GMsLmhjnSV3ictrB3AZ1IKc26BXqm4CitP0D DJLPw9/TepgAH6YTzcSG6NVgbHXQYaBg3j6i9KrheC+hHg== -----END CERTIFICATE-----Generated at Sun Aug 24 07:43:28 2025 by rpki-client