$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/YbGnTW4nU7whUo_reR9sv2YVvf8.roa File: YbGnTW4nU7whUo_reR9sv2YVvf8.roa (raw, json) Hash identifier: oUxU8nNQkfGxGH9Uhz/iikAOWnDaQEcitAZZB42rbqg= Subject key identifier: 61:B1:A7:4D:6E:27:53:BC:21:52:8F:EB:79:1F:6C:BF:66:15:BD:FF Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 1070 Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/YbGnTW4nU7whUo_reR9sv2YVvf8.roa Signing time: Fri 22 Aug 2025 08:54:15 +0000 ROA not before: Fri 22 Aug 2025 08:54:15 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 4780 IP address blocks: 192.72.16.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4208 (0x1070) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Aug 22 08:54:15 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=61B1A74D6E2753BC21528FEB791F6CBF6615BDFF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:16:5c:5e:f4:bb:f5:2f:b8:02:0f:6c:bf:b1: 8b:81:60:89:9c:fb:81:8a:4b:73:6b:86:c5:01:52: d0:20:f4:84:9e:72:6b:b5:cf:d7:fd:d6:f4:a9:9b: 56:fb:42:cb:ac:37:64:07:0f:d0:d2:3e:76:ea:18: 32:14:77:38:3d:ff:67:6f:f6:32:83:f7:ae:09:76: 6c:fc:a7:97:3a:2a:56:b0:6c:b9:23:cf:df:c2:86: 6e:c6:3f:c0:a1:3e:31:eb:25:70:ce:b3:ca:40:23: 77:7a:90:2e:85:99:11:0f:a1:19:3f:9a:14:5c:c8: fd:b8:a0:ba:b6:a0:14:8b:6a:ac:5b:c9:ee:de:83: 1d:2c:15:19:53:80:e8:7e:e0:b1:94:ad:97:ab:4d: 0e:42:ac:89:74:de:37:b9:16:7a:d0:db:b9:ca:97: a1:fd:c5:c0:ef:7d:ae:d7:e2:4d:9a:2c:0d:fe:21: 5e:7b:01:11:37:69:63:96:62:6e:c7:b4:c8:67:8f: b7:51:a4:5e:b1:f5:a4:2c:01:ae:ee:6d:84:e5:54: 25:41:19:82:ae:14:47:8e:19:81:b3:ca:5c:83:94: cd:ce:f1:53:1d:e4:39:f3:4a:b5:63:e6:8b:9b:c3: fc:aa:51:6c:53:79:9b:96:8d:74:b6:0c:ce:5e:99: 7b:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:B1:A7:4D:6E:27:53:BC:21:52:8F:EB:79:1F:6C:BF:66:15:BD:FF X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/YbGnTW4nU7whUo_reR9sv2YVvf8.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.16.0/20 Signature Algorithm: sha256WithRSAEncryption 03:87:87:52:e4:4d:6e:d3:bf:35:0b:9c:8d:d2:b5:23:be:8b: eb:a8:66:21:87:ee:0b:a6:65:97:b8:47:83:8b:56:5f:74:b1: 4c:23:4a:b0:d0:6b:3b:2d:ee:f6:3a:96:67:53:f6:b8:80:2f: 63:e4:66:b6:a9:bf:ea:ff:33:cc:95:aa:06:15:dd:f8:31:0d: 51:7e:b7:76:cc:ef:29:e4:9e:b0:f9:11:08:e2:32:4f:6c:56: d5:50:c1:f4:09:71:cd:8e:e5:12:6c:a5:37:2c:cf:e7:37:85: 65:16:bf:3d:91:5e:17:75:76:ce:5c:a6:2f:e0:ab:7a:44:c0: b0:fe:d4:61:d3:d0:2d:99:27:15:bf:36:0d:cf:f3:81:2f:d3: d7:b0:1b:cb:af:bb:81:a1:ae:d7:74:6e:fd:04:6e:3b:6d:3d: 10:21:2c:40:e0:da:ad:65:f1:cb:57:50:69:fd:e1:3a:f7:8e: c8:d5:8f:cd:e6:f3:e8:a1:46:2b:6b:18:76:9d:8f:31:98:75: 4a:0f:63:7d:4a:9a:5d:fa:36:b2:d7:66:e1:fe:e6:3b:5d:59: be:af:da:d7:33:e3:82:cf:fc:d5:83:df:83:62:5c:63:23:fa: 4f:33:40:59:da:ed:fd:3a:01:f1:5e:5d:e2:fb:60:63:5b:b6: 4e:5c:61:64 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICEHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTA4MjIw ODU0MTVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDYxQjFBNzRENkUyNzUz QkMyMTUyOEZFQjc5MUY2Q0JGNjYxNUJERkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCFlxe9Lv1L7gCD2y/sYuBYImc+4GKS3NrhsUBUtAg9ISecmu1 z9f91vSpm1b7QsusN2QHD9DSPnbqGDIUdzg9/2dv9jKD964Jdmz8p5c6KlawbLkj z9/Chm7GP8ChPjHrJXDOs8pAI3d6kC6FmREPoRk/mhRcyP24oLq2oBSLaqxbye7e gx0sFRlTgOh+4LGUrZerTQ5CrIl03je5FnrQ27nKl6H9xcDvfa7X4k2aLA3+IV57 ARE3aWOWYm7HtMhnj7dRpF6x9aQsAa7ubYTlVCVBGYKuFEeOGYGzylyDlM3O8VMd 5DnzSrVj5oubw/yqUWxTeZuWjXS2DM5emXvNAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUYbGnTW4nU7whUo/reR9sv2YVvf8wHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWWJHblRXNG5VN3doVW9fcmVSOXN2 MllWdmY4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMBIEDAN BgkqhkiG9w0BAQsFAAOCAQEAA4eHUuRNbtO/NQucjdK1I76L66hmIYfuC6Zll7hH g4tWX3SxTCNKsNBrOy3u9jqWZ1P2uIAvY+Rmtqm/6v8zzJWqBhXd+DENUX63dszv KeSesPkRCOIyT2xW1VDB9AlxzY7lEmylNyzP5zeFZRa/PZFeF3V2zlymL+CrekTA sP7UYdPQLZknFb82Dc/zgS/T17Aby6+7gaGu13Ru/QRuO209ECEsQODarWXxy1dQ af3hOveOyNWPzebz6KFGK2sYdp2PMZh1Sg9jfUqaXfo2stdm4f7mO11Zvq/a1zPj gs/81YPfg2JcYyP6TzNAWdrt/ToB8V5d4vtgY1u2TlxhZA== -----END CERTIFICATE-----Generated at Sun Aug 24 11:43:59 2025 by rpki-client