$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/nN3jKdpai-dH0EejGxRzTAVYYVw.roa File: nN3jKdpai-dH0EejGxRzTAVYYVw.roa (raw, json) Hash identifier: aP1d3iNqLD2KIOsXXTXi9YHxv/xnYPLdyX/E8EfFPMo= Subject key identifier: 9C:DD:E3:29:DA:5A:8B:E7:47:D0:47:A3:1B:14:73:4C:05:58:61:5C Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Certificate serial: 1A3F Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/nN3jKdpai-dH0EejGxRzTAVYYVw.roa Signing time: Fri 22 Aug 2025 08:53:51 +0000 ROA not before: Fri 22 Aug 2025 08:53:51 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 131597 IP address blocks: 106.105.224.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6719 (0x1a3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72 Validity Not Before: Aug 22 08:53:51 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=9CDDE329DA5A8BE747D047A31B14734C0558615C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:44:84:15:6e:fb:97:7b:1e:64:e7:0d:18:ca: ed:91:4b:ea:37:78:d2:21:d0:d1:6a:18:b8:09:09: ae:4a:d2:91:17:50:fc:b1:ee:32:f9:a2:68:bd:30: 32:cb:4c:a5:87:da:82:c1:eb:3b:7c:d9:c2:28:62: d4:26:20:ef:a1:3b:4a:e3:8c:4c:74:a7:b6:f9:e6: d6:de:0b:e4:6c:0b:90:7b:91:54:7e:cc:51:0f:c1: 0f:ca:81:31:e4:46:ae:5b:89:0d:86:d4:23:8e:1c: 4b:be:ca:a7:71:80:0d:55:cd:63:63:c3:76:11:9f: f2:6c:a9:77:de:68:ca:8f:fe:57:1f:9a:b7:4d:aa: ad:37:83:ce:38:01:3d:8a:58:ca:36:3c:b0:4a:e2: d2:64:6e:fd:c7:f6:73:c1:45:98:31:7c:a6:8f:08: aa:b1:85:56:64:a7:37:c4:78:62:5f:b8:b9:bc:b0: 81:c7:a2:1a:86:b6:2d:56:8c:74:27:15:f2:76:53: 38:d0:d7:0c:74:24:9e:52:06:77:c9:8e:6d:33:63: 3a:a8:30:84:b9:b7:e0:86:15:75:d3:d2:8f:3b:6f: 47:9c:f6:9a:6f:0a:d6:27:8d:49:9f:63:78:ea:3c: 18:cf:49:e4:1e:a2:b4:79:7e:8c:62:8c:0e:3f:58: ac:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:DD:E3:29:DA:5A:8B:E7:47:D0:47:A3:1B:14:73:4C:05:58:61:5C X509v3 Authority Key Identifier: keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/nN3jKdpai-dH0EejGxRzTAVYYVw.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 106.105.224.0/21 Signature Algorithm: sha256WithRSAEncryption c7:bc:d3:f2:92:af:f8:23:da:2b:ca:15:67:c6:6c:81:57:ea: 75:d3:83:e8:5d:1f:8b:d8:a6:09:08:cd:96:14:64:4c:aa:10: ab:dd:89:97:ea:8d:59:2e:35:96:45:92:17:eb:14:9c:e5:f4: d7:7e:1a:46:12:da:a7:6b:89:46:1f:26:f3:0c:ed:eb:b3:10: 89:51:98:c8:6a:8a:59:a0:24:4e:1e:0b:92:5a:c7:07:ab:27: 0e:9e:ef:e5:f2:aa:ec:33:58:07:c4:5e:25:17:73:82:c6:92: cb:7d:c7:b4:cf:c0:fb:cc:d4:38:2a:a9:ae:16:07:ad:61:27: fc:ce:67:47:eb:5b:dc:3f:e7:34:75:cd:59:a2:fd:0f:68:16: 39:17:ee:bc:65:b8:00:2b:41:4c:94:51:d7:b3:77:6e:24:7f: c9:bd:5e:bd:3f:81:26:b0:fe:47:80:31:e6:66:c3:92:aa:19: 12:d4:ec:3d:f9:35:9b:8a:22:99:8a:2e:1e:ea:b8:8f:75:a5: ad:d2:67:11:b0:e8:d5:7e:3d:b2:98:6d:30:8e:55:3e:be:35: c7:f4:4b:c4:33:e1:b7:6f:79:74:b9:5f:98:6d:d9:02:bc:d7: 40:2f:b2:37:1e:30:04:4c:b1:a1:f6:72:95:3b:0f:5c:2b:5c: 4f:09:c2:f6 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICGj8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTA4MjIw ODUzNTFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDlDRERFMzI5REE1QThC RTc0N0QwNDdBMzFCMTQ3MzRDMDU1ODYxNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLRIQVbvuXex5k5w0Yyu2RS+o3eNIh0NFqGLgJCa5K0pEXUPyx 7jL5omi9MDLLTKWH2oLB6zt82cIoYtQmIO+hO0rjjEx0p7b55tbeC+RsC5B7kVR+ zFEPwQ/KgTHkRq5biQ2G1COOHEu+yqdxgA1VzWNjw3YRn/JsqXfeaMqP/lcfmrdN qq03g844AT2KWMo2PLBK4tJkbv3H9nPBRZgxfKaPCKqxhVZkpzfEeGJfuLm8sIHH ohqGti1WjHQnFfJ2UzjQ1wx0JJ5SBnfJjm0zYzqoMIS5t+CGFXXT0o87b0ec9ppv CtYnjUmfY3jqPBjPSeQeorR5foxijA4/WKzXAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUnN3jKdpai+dH0EejGxRzTAVYYVwwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbk4zaktkcGFpLWRIMEVlakd4UnpU QVZZWVZ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2pp4DAN BgkqhkiG9w0BAQsFAAOCAQEAx7zT8pKv+CPaK8oVZ8ZsgVfqddOD6F0fi9imCQjN lhRkTKoQq92Jl+qNWS41lkWSF+sUnOX0134aRhLap2uJRh8m8wzt67MQiVGYyGqK WaAkTh4LklrHB6snDp7v5fKq7DNYB8ReJRdzgsaSy33HtM/A+8zUOCqprhYHrWEn /M5nR+tb3D/nNHXNWaL9D2gWORfuvGW4ACtBTJRR17N3biR/yb1evT+BJrD+R4Ax 5mbDkqoZEtTsPfk1m4oimYouHuq4j3WlrdJnEbDo1X49sphtMI5VPr41x/RLxDPh t295dLlfmG3ZArzXQC+yNx4wBEyxofZylTsPXCtcTwnC9g== -----END CERTIFICATE-----Generated at Sun Aug 24 11:53:15 2025 by rpki-client