$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/SXNrZ5Jz3QY0J5f0TZfZmh7wSZc.roa File: SXNrZ5Jz3QY0J5f0TZfZmh7wSZc.roa (raw, json) Hash identifier: LmSpure0DYNnRbdaK/Ifeb7Kk2Rwus/vkzLEgAEyZXs= Subject key identifier: 49:73:6B:67:92:73:DD:06:34:27:97:F4:4D:97:D9:9A:1E:F0:49:97 Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 1067 Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/SXNrZ5Jz3QY0J5f0TZfZmh7wSZc.roa Signing time: Fri 22 Aug 2025 08:54:13 +0000 ROA not before: Fri 22 Aug 2025 08:54:13 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9919 IP address blocks: 192.72.16.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4199 (0x1067) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Aug 22 08:54:13 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=49736B679273DD06342797F44D97D99A1EF04997 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b5:3c:11:d6:87:24:43:a9:56:f9:a8:d8:50: a5:dd:36:1f:f6:c7:34:5b:ad:d1:62:f5:f5:95:29: 53:5f:16:9a:4c:c0:85:7d:4c:78:17:c0:21:04:e2: a4:44:6e:cf:3d:72:4b:4a:89:d9:95:09:78:e7:c6: e5:5b:58:73:ad:4d:10:57:4b:d5:8f:b8:09:30:9a: ed:16:16:65:93:5d:ba:16:f0:00:c0:a7:f1:9b:6f: 78:33:ad:86:d3:60:fc:07:07:88:71:6f:e0:f9:44: 6a:5e:c6:3a:67:46:a0:2e:cb:6b:ee:4e:8f:f8:d6: eb:12:5f:9c:d8:84:e5:eb:75:5d:5d:7c:ee:40:0f: db:72:ef:82:9d:f3:49:df:de:fb:c7:2f:60:ad:51: fb:75:06:5d:01:7e:15:1d:3d:3c:60:36:36:fb:fe: ac:cd:84:06:0d:c0:32:20:cf:f1:c8:71:ef:0d:76: bd:b1:d6:a0:dd:a6:93:e1:48:af:f2:ea:bf:08:11: d9:d0:99:38:8b:e0:99:72:0b:26:65:bc:a6:6f:e8: 8f:33:02:0d:77:37:8e:ff:b4:84:89:cd:b9:42:c5: ef:23:71:0c:83:cc:e2:12:3a:73:ea:b5:8e:ec:74: 7c:ab:e3:69:44:98:25:49:f9:ac:5b:a4:d0:06:50: 76:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:73:6B:67:92:73:DD:06:34:27:97:F4:4D:97:D9:9A:1E:F0:49:97 X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/SXNrZ5Jz3QY0J5f0TZfZmh7wSZc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.16.0/20 Signature Algorithm: sha256WithRSAEncryption 64:5f:6c:38:a6:e3:1a:06:2b:e4:50:b4:06:8a:c5:cf:47:27: 94:e3:0f:ae:27:e3:3a:c9:e0:e3:7d:71:1e:8f:3b:b8:07:cf: 9b:11:ba:49:5c:bb:53:f2:4d:94:8d:f6:d2:4e:08:ad:46:c4: 55:dc:b6:29:3d:95:c0:92:01:30:00:a2:56:2a:b7:8e:e1:ab: 25:7f:64:72:4e:66:09:f4:fa:6b:6d:96:f2:5c:9d:2a:91:e6: b4:55:77:71:a2:19:f0:18:e1:aa:a1:b7:72:fb:f9:77:96:f2: 96:b6:c0:c5:a0:96:d5:90:44:be:ab:3b:aa:eb:62:01:29:d3: bb:2b:0b:19:a0:d6:fc:15:4c:9e:82:33:53:87:f9:25:d8:e7: 82:0e:3a:be:1e:c3:20:74:48:81:02:94:47:06:74:7b:2d:2b: 10:47:a0:22:2f:0d:c2:f0:6d:a4:b8:9f:18:e9:08:f6:a9:ee: d1:36:6c:c1:bd:84:c2:57:0f:cd:f9:4e:df:85:8c:86:9c:30: 45:44:46:3c:75:53:32:da:60:8c:87:5a:99:f8:c9:8d:b9:8e: 59:63:99:89:f9:5b:02:fd:e3:58:7f:0f:a4:37:67:50:49:ff: 6c:c3:f2:64:d0:d2:d9:74:cc:20:68:5b:5b:a8:b5:13:04:08: 4a:78:e7:77 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICEGcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTA4MjIw ODU0MTNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQ5NzM2QjY3OTI3M0RE MDYzNDI3OTdGNDREOTdEOTlBMUVGMDQ5OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFtTwR1ockQ6lW+ajYUKXdNh/2xzRbrdFi9fWVKVNfFppMwIV9 THgXwCEE4qREbs89cktKidmVCXjnxuVbWHOtTRBXS9WPuAkwmu0WFmWTXboW8ADA p/Gbb3gzrYbTYPwHB4hxb+D5RGpexjpnRqAuy2vuTo/41usSX5zYhOXrdV1dfO5A D9ty74Kd80nf3vvHL2CtUft1Bl0BfhUdPTxgNjb7/qzNhAYNwDIgz/HIce8Ndr2x 1qDdppPhSK/y6r8IEdnQmTiL4JlyCyZlvKZv6I8zAg13N47/tISJzblCxe8jcQyD zOISOnPqtY7sdHyr42lEmCVJ+axbpNAGUHaFAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUSXNrZ5Jz3QY0J5f0TZfZmh7wSZcwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvU1hOclo1SnozUVkwSjVmMFRaZlpt aDd3U1pjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMBIEDAN BgkqhkiG9w0BAQsFAAOCAQEAZF9sOKbjGgYr5FC0BorFz0cnlOMPrifjOsng431x Ho87uAfPmxG6SVy7U/JNlI320k4IrUbEVdy2KT2VwJIBMACiViq3juGrJX9kck5m CfT6a22W8lydKpHmtFV3caIZ8BjhqqG3cvv5d5bylrbAxaCW1ZBEvqs7qutiASnT uysLGaDW/BVMnoIzU4f5Jdjngg46vh7DIHRIgQKURwZ0ey0rEEegIi8NwvBtpLif GOkI9qnu0TZswb2EwlcPzflO34WMhpwwRURGPHVTMtpgjIdamfjJjbmOWWOZiflb Av3jWH8PpDdnUEn/bMPyZNDS2XTMIGhbW6i1EwQISnjndw== -----END CERTIFICATE-----Generated at Sun Aug 24 09:44:46 2025 by rpki-client