$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/zRJpjajR3PPfEKnB11lEsBEM2Pc.roa File: zRJpjajR3PPfEKnB11lEsBEM2Pc.roa (raw, json) Hash identifier: CzMZ31n5uJYTMuQsDkpCvQymXaXlaut5eWMI0uJsKqU= Subject key identifier: CD:12:69:8D:A8:D1:DC:F3:DF:10:A9:C1:D7:59:44:B0:11:0C:D8:F7 Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Certificate serial: 1071 Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/zRJpjajR3PPfEKnB11lEsBEM2Pc.roa Signing time: Fri 22 Aug 2025 08:54:16 +0000 ROA not before: Fri 22 Aug 2025 08:54:16 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 9919 IP address blocks: 192.72.192.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 13:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4209 (0x1071) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665 Validity Not Before: Aug 22 08:54:16 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=CD12698DA8D1DCF3DF10A9C1D75944B0110CD8F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:ef:4f:be:00:22:74:91:66:67:f1:1a:23:27: 38:50:c5:1d:1a:f0:98:8c:c7:e4:d5:cf:1e:21:9e: 5d:26:6d:5f:18:e7:bf:43:ea:77:32:a5:5c:65:7c: d7:1f:e5:2a:61:48:a5:14:1e:ab:17:39:55:b6:70: 4b:86:7c:31:d6:bb:57:29:25:66:64:50:ed:e1:53: 44:c1:f3:e0:16:3e:2a:78:59:1e:40:23:f2:e9:5f: dc:ec:b4:f6:91:12:20:6f:d8:18:11:b4:52:9c:b4: f4:01:95:cf:d2:82:ec:af:a9:1f:3e:5f:91:91:24: fc:29:21:f1:ad:55:1d:7a:27:08:cb:8c:56:cc:d5: 51:3c:50:c2:25:b4:f5:cf:9e:71:16:04:23:3c:b7: d1:f1:fb:d3:a8:95:63:b8:a7:28:b2:5f:b6:02:76: e0:7c:bc:47:d3:b8:6e:54:e4:ee:57:6a:9f:bb:bf: f0:11:bf:e0:1f:9b:dc:2f:cb:01:d5:15:f1:d5:38: 30:d0:5b:a1:4c:2a:0b:e5:d3:92:3c:8f:46:b4:36: 03:7a:3e:a3:60:94:d2:df:3f:1f:c1:a8:60:14:16: 87:4c:dd:be:21:8f:c2:e6:f8:3a:bf:03:f1:b4:d9: eb:48:67:a5:36:ba:9b:ee:1a:d0:a2:3c:71:5f:2e: 7e:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:12:69:8D:A8:D1:DC:F3:DF:10:A9:C1:D7:59:44:B0:11:0C:D8:F7 X509v3 Authority Key Identifier: keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/zRJpjajR3PPfEKnB11lEsBEM2Pc.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 192.72.192.0/19 Signature Algorithm: sha256WithRSAEncryption 1e:7e:64:9e:21:75:13:55:1d:22:42:21:16:a7:8a:51:8e:03: 21:a1:99:81:15:7e:db:2c:67:b6:c0:12:88:4e:cf:dc:82:c1: ba:db:9f:a3:0b:5b:82:33:b4:da:8f:2a:e3:ef:fd:50:b4:a0: d2:52:fa:a9:0f:3b:b0:b3:18:eb:91:c0:9f:e8:8c:0c:83:73: df:15:83:79:96:18:7d:d8:64:ab:fc:8c:61:b3:2c:bc:a4:7f: 42:c7:8d:d9:53:ef:28:2a:ff:24:43:c5:fc:15:c6:54:4d:76: e4:bb:38:37:c0:7b:14:53:fb:4e:30:ee:09:ea:8e:5f:0f:11: 0e:28:f3:f1:05:f8:3a:07:6f:db:58:15:3b:00:a8:84:02:f1: f2:bd:90:e1:d2:1d:56:20:5f:b5:91:96:f1:da:4d:c8:8e:c8: 04:7d:c9:f0:fe:30:d7:9c:0b:69:88:6b:96:7e:75:41:79:3f: 41:36:b5:2e:ee:8c:2a:da:fa:bb:a9:8a:a1:8b:25:e7:9d:38: 13:94:8a:c9:dd:a6:55:d0:a9:b5:5e:b7:1e:1e:c5:b4:c8:44: 7f:04:25:79:3a:cc:9c:45:56:be:c1:65:d5:8d:72:68:ab:38: 5b:3f:18:b9:d0:07:88:ef:89:4c:05:cf:90:ed:1d:31:4b:9d: 6d:eb:43:34 -----BEGIN CERTIFICATE----- MIIEzjCCA7agAwIBAgICEHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTA4MjIw ODU0MTZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKENEMTI2OThEQThEMURD RjNERjEwQTlDMUQ3NTk0NEIwMTEwQ0Q4RjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDs70++ACJ0kWZn8RojJzhQxR0a8JiMx+TVzx4hnl0mbV8Y579D 6ncypVxlfNcf5SphSKUUHqsXOVW2cEuGfDHWu1cpJWZkUO3hU0TB8+AWPip4WR5A I/LpX9zstPaREiBv2BgRtFKctPQBlc/SguyvqR8+X5GRJPwpIfGtVR16JwjLjFbM 1VE8UMIltPXPnnEWBCM8t9Hx+9OolWO4pyiyX7YCduB8vEfTuG5U5O5Xap+7v/AR v+Afm9wvywHVFfHVODDQW6FMKgvl05I8j0a0NgN6PqNglNLfPx/BqGAUFodM3b4h j8Lm+Dq/A/G02etIZ6U2upvuGtCiPHFfLn6FAgMBAAGjggHqMIIB5jAdBgNVHQ4E FgQUzRJpjajR3PPfEKnB11lEsBEM2PcwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC 1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90 S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvelJKcGphalIzUFBmRUtuQjExbEVz QkVNMlBjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcBIwDAN BgkqhkiG9w0BAQsFAAOCAQEAHn5kniF1E1UdIkIhFqeKUY4DIaGZgRV+2yxntsAS iE7P3ILButufowtbgjO02o8q4+/9ULSg0lL6qQ87sLMY65HAn+iMDINz3xWDeZYY fdhkq/yMYbMsvKR/QseN2VPvKCr/JEPF/BXGVE125Ls4N8B7FFP7TjDuCeqOXw8R Dijz8QX4Ogdv21gVOwCohALx8r2Q4dIdViBftZGW8dpNyI7IBH3J8P4w15wLaYhr ln51QXk/QTa1Lu6MKtr6u6mKoYsl5504E5SKyd2mVdCptV63Hh7FtMhEfwQleTrM nEVWvsFl1Y1yaKs4Wz8YudAHiO+JTAXPkO0dMUudbetDNA== -----END CERTIFICATE-----Generated at Sun Aug 24 09:43:22 2025 by rpki-client