$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/iEN4KjAN73As3bkfWRhFwyPDNiY.roa File: iEN4KjAN73As3bkfWRhFwyPDNiY.roa (raw, json) Hash identifier: wykRQkB6U3/+cnp9KTVrubgQKKYbRG10a9L03ciPFAA= Subject key identifier: 88:43:78:2A:30:0D:EF:70:2C:DD:B9:1F:59:18:45:C3:23:C3:36:26 Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 19C8 Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/iEN4KjAN73As3bkfWRhFwyPDNiY.roa Signing time: Fri 22 Aug 2025 08:53:22 +0000 ROA not before: Fri 22 Aug 2025 08:53:22 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 38851 IP address blocks: 60.245.120.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6600 (0x19c8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 22 08:53:22 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=8843782A300DEF702CDDB91F591845C323C33626 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:b6:2a:5d:70:1a:8e:6f:eb:04:c4:4b:4a:ca: e6:f8:6b:e3:df:f5:c6:25:cc:c1:34:f5:c5:41:4f: 81:6c:49:37:bd:e6:96:39:4f:b8:e3:87:2c:16:1e: 21:09:5a:f4:67:f7:0a:ce:7c:a2:8f:55:aa:86:cd: 81:63:90:92:de:9d:de:3f:ad:cb:17:d8:d6:d4:58: 75:c4:4e:61:70:12:02:79:c7:72:02:0b:28:6e:d6: 43:15:84:a2:27:27:25:27:3b:57:e1:cc:ed:80:eb: d2:6c:b5:c4:37:cb:5c:b5:48:c2:c6:0a:d6:93:76: eb:d4:69:8f:d0:f3:85:0a:a5:4d:87:a1:d3:7b:58: 6a:04:45:0b:25:15:61:7c:54:43:dd:2a:bc:cb:13: 1a:a9:ef:bd:be:a0:d8:28:f3:53:dd:30:57:ba:5a: bd:51:53:f8:75:df:14:0f:14:b6:e5:ea:04:19:ee: 62:3b:31:c6:bb:ad:a4:8c:09:c3:18:17:cf:4f:26: e9:46:2c:49:a1:ce:1d:ac:ae:1b:0a:eb:78:cf:c7: df:8f:74:0b:e2:a3:96:5e:ce:6f:1f:51:46:a9:9b: 97:5c:e4:d0:b2:3f:9d:9b:e0:18:cb:4b:a6:1d:cc: 04:18:64:20:a1:11:2f:c7:13:3b:af:d3:c8:59:9b: 9c:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:43:78:2A:30:0D:EF:70:2C:DD:B9:1F:59:18:45:C3:23:C3:36:26 X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/iEN4KjAN73As3bkfWRhFwyPDNiY.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 60.245.120.0/21 Signature Algorithm: sha256WithRSAEncryption a7:13:5b:74:9f:e6:3c:21:07:1d:37:83:98:2f:37:a6:70:a9: a1:45:94:cc:ad:0e:44:25:52:c5:b1:29:eb:80:cf:77:09:65: 72:42:1f:11:42:21:c4:06:60:db:09:f5:f8:8a:5d:e3:49:ab: 4d:89:c4:69:c7:c9:f8:6f:b9:ce:d0:3e:c3:7b:ec:f4:b6:d9: 63:57:5f:97:08:c8:7b:8e:87:49:5d:d0:7d:88:8c:2d:38:eb: 11:74:2b:69:f4:41:86:44:4b:82:83:9f:79:48:5b:8c:c8:ef: 91:6f:fd:d4:01:15:1f:0b:4b:8d:c7:49:7e:20:2b:73:b3:65: 0c:b0:ce:85:f3:0f:91:1a:5c:c8:c1:6c:92:7f:67:46:d7:f4: b4:fe:74:fc:68:47:79:b9:2f:54:da:97:c0:89:64:bb:39:43: 27:03:5d:15:dc:51:b4:27:40:f8:2f:bc:0d:24:59:b7:4b:8d: 08:9b:ff:50:13:38:2b:5c:08:ec:ce:e8:0a:9e:a2:ca:6f:68: 31:e4:9f:0e:a2:6e:47:a3:15:51:82:ca:27:62:60:fc:60:20: f5:5d:c7:33:af:3a:13:77:2d:75:17:fc:15:9e:15:6f:cc:04: b6:4b:fc:70:26:73:e4:92:cc:5c:56:6e:63:bd:21:0b:73:2f: ff:a6:fd:41 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICGcgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTA4MjIw ODUzMjJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDg4NDM3ODJBMzAwREVG NzAyQ0REQjkxRjU5MTg0NUMzMjNDMzM2MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCktipdcBqOb+sExEtKyub4a+Pf9cYlzME09cVBT4FsSTe95pY5 T7jjhywWHiEJWvRn9wrOfKKPVaqGzYFjkJLend4/rcsX2NbUWHXETmFwEgJ5x3IC Cyhu1kMVhKInJyUnO1fhzO2A69JstcQ3y1y1SMLGCtaTduvUaY/Q84UKpU2HodN7 WGoERQslFWF8VEPdKrzLExqp772+oNgo81PdMFe6Wr1RU/h13xQPFLbl6gQZ7mI7 Mca7raSMCcMYF89PJulGLEmhzh2srhsK63jPx9+PdAvio5Zezm8fUUapm5dc5NCy P52b4BjLS6YdzAQYZCChES/HEzuv08hZm5zZAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUiEN4KjAN73As3bkfWRhFwyPDNiYwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvaUVONEtqQU43M0FzM2JrZldSaEZ3 eVBETmlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzz1eDAN BgkqhkiG9w0BAQsFAAOCAQEApxNbdJ/mPCEHHTeDmC83pnCpoUWUzK0ORCVSxbEp 64DPdwllckIfEUIhxAZg2wn1+Ipd40mrTYnEacfJ+G+5ztA+w3vs9LbZY1dflwjI e46HSV3QfYiMLTjrEXQrafRBhkRLgoOfeUhbjMjvkW/91AEVHwtLjcdJfiArc7Nl DLDOhfMPkRpcyMFskn9nRtf0tP50/GhHebkvVNqXwIlkuzlDJwNdFdxRtCdA+C+8 DSRZt0uNCJv/UBM4K1wI7M7oCp6iym9oMeSfDqJuR6MVUYLKJ2Jg/GAg9V3HM686 E3ctdRf8FZ4Vb8wEtkv8cCZz5JLMXFZuY70hC3Mv/6b9QQ== -----END CERTIFICATE-----Generated at Sun Aug 24 09:08:15 2025 by rpki-client