$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/S9RpgUxGrAnKrPrjO4Fo6o6uPQQ.roa File: S9RpgUxGrAnKrPrjO4Fo6o6uPQQ.roa (raw, json) Hash identifier: kuX0NhtWiY31JJsPSXtd2n1iWv4i7nrtRuRxd0dwWuc= Subject key identifier: 4B:D4:69:81:4C:46:AC:09:CA:AC:FA:E3:3B:81:68:EA:8E:AE:3D:04 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 19B6 Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/S9RpgUxGrAnKrPrjO4Fo6o6uPQQ.roa Signing time: Fri 22 Aug 2025 08:53:17 +0000 ROA not before: Fri 22 Aug 2025 08:53:17 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18049 IP address blocks: 106.107.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 17:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6582 (0x19b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 22 08:53:17 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=4BD469814C46AC09CAACFAE33B8168EA8EAE3D04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:3d:65:50:71:12:8e:ea:4d:47:3c:e3:0e:d0: e5:d3:14:56:1e:f5:25:a9:9a:e0:c1:4d:4f:7e:62: 1d:d7:9b:f8:59:67:47:81:ca:96:44:d8:4c:3a:ae: 9e:e8:1c:1f:d6:bd:72:f6:a4:b3:5c:92:b4:0b:1b: 07:00:19:8b:57:71:ea:cf:dd:7d:3f:00:6a:3c:f2: bf:94:15:29:5b:04:f5:2b:82:c4:2c:d3:da:62:73: d2:31:55:01:9c:93:c6:58:26:84:f2:fe:03:bc:17: 6d:d8:8f:f4:9d:a9:74:40:f7:8c:6a:a3:62:f5:b1: c1:f0:f5:93:27:45:f6:d9:a8:a5:2e:04:a9:ca:d0: 0f:6d:79:d1:0a:d4:25:77:25:f2:91:bd:1b:b6:6c: 03:fe:dd:91:f0:cd:7a:a9:df:ba:b1:1f:69:00:b4: e1:8e:b0:7c:2a:c2:af:d5:6e:10:d7:dc:87:d3:13: 2c:ce:b8:0f:87:e6:8f:4f:12:a2:f7:ae:96:ae:1b: a1:e5:49:c3:04:3e:b2:63:6e:6d:24:67:2c:cd:0b: ac:9e:17:40:be:7b:b6:a6:51:1a:f7:6a:db:e4:e2: bd:e5:95:14:a5:05:06:a8:59:f3:68:6d:22:1b:20: 90:05:2c:02:6b:1b:a5:9e:54:ea:0b:d7:52:8d:34: 0d:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:D4:69:81:4C:46:AC:09:CA:AC:FA:E3:3B:81:68:EA:8E:AE:3D:04 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/S9RpgUxGrAnKrPrjO4Fo6o6uPQQ.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.107.128.0/17 Signature Algorithm: sha256WithRSAEncryption 5c:01:e9:7f:72:4c:f2:44:1c:43:b2:46:82:26:50:6a:50:4e: ea:78:e3:a3:67:04:f3:4f:54:7e:d4:b3:0a:9e:da:49:8b:2e: 26:44:60:6a:08:6c:38:8b:3b:94:6b:63:00:f7:9d:6c:f8:1e: c1:bd:5c:56:49:7b:ff:f1:71:64:16:00:13:22:67:d4:7e:28: aa:d3:6b:d1:35:3a:e8:84:ab:6a:d0:fe:0a:97:f7:06:e8:e8: 2e:23:aa:46:d6:40:78:5c:1e:4b:7d:30:a9:bf:7d:bf:0f:c8: 80:59:ff:ac:41:d5:15:73:1f:69:59:1d:23:a7:ca:da:5d:5b: a5:a0:ea:04:e9:3e:04:5b:04:f0:4e:eb:35:60:30:e7:3b:4d: 92:36:2b:99:fe:81:9e:e8:64:ac:83:1a:3d:78:67:5d:80:a0: 41:3d:27:42:78:f5:9d:73:13:ad:29:03:d6:27:e4:77:40:05: 19:65:f6:b9:91:ba:75:3c:b3:53:4b:39:7b:8c:84:d7:4c:dd: 93:72:72:0e:4c:db:84:b7:69:a3:c2:0c:ba:70:24:0d:c5:9c: 92:17:56:99:bd:fc:42:b4:2d:48:62:85:d4:fc:03:72:ef:03: 1d:36:4c:86:6c:84:70:d8:63:0f:66:fd:eb:98:e8:70:6e:42: c7:4f:6a:5e -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICGbYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTA4MjIw ODUzMTdaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDRCRDQ2OTgxNEM0NkFD MDlDQUFDRkFFMzNCODE2OEVBOEVBRTNEMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5PWVQcRKO6k1HPOMO0OXTFFYe9SWpmuDBTU9+Yh3Xm/hZZ0eB ypZE2Ew6rp7oHB/WvXL2pLNckrQLGwcAGYtXcerP3X0/AGo88r+UFSlbBPUrgsQs 09pic9IxVQGck8ZYJoTy/gO8F23Yj/SdqXRA94xqo2L1scHw9ZMnRfbZqKUuBKnK 0A9tedEK1CV3JfKRvRu2bAP+3ZHwzXqp37qxH2kAtOGOsHwqwq/VbhDX3IfTEyzO uA+H5o9PEqL3rpauG6HlScMEPrJjbm0kZyzNC6yeF0C+e7amURr3atvk4r3llRSl BQaoWfNobSIbIJAFLAJrG6WeVOoL11KNNA3PAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUS9RpgUxGrAnKrPrjO4Fo6o6uPQQwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUzlScGdVeEdyQW5LclByak80Rm82 bzZ1UFFRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB2prgDAN BgkqhkiG9w0BAQsFAAOCAQEAXAHpf3JM8kQcQ7JGgiZQalBO6njjo2cE809UftSz Cp7aSYsuJkRgaghsOIs7lGtjAPedbPgewb1cVkl7//FxZBYAEyJn1H4oqtNr0TU6 6ISratD+Cpf3BujoLiOqRtZAeFweS30wqb99vw/IgFn/rEHVFXMfaVkdI6fK2l1b paDqBOk+BFsE8E7rNWAw5ztNkjYrmf6BnuhkrIMaPXhnXYCgQT0nQnj1nXMTrSkD 1ifkd0AFGWX2uZG6dTyzU0s5e4yE10zdk3JyDkzbhLdpo8IMunAkDcWckhdWmb38 QrQtSGKF1PwDcu8DHTZMhmyEcNhjD2b965jocG5Cx09qXg== -----END CERTIFICATE-----Generated at Sun Aug 24 13:52:45 2025 by rpki-client