$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCREE/9Earbhkqa-LgKS3Zg9gzfEBE5p0.roa File: 9Earbhkqa-LgKS3Zg9gzfEBE5p0.roa (raw, json) Hash identifier: Yro1LcI6Kqx48UAAj4bjWnwW3ENJmLQLiXoZ5hUTbAI= Subject key identifier: F4:46:AB:6E:19:2A:6B:E2:E0:29:2D:D9:83:D8:33:7C:40:44:E6:9D Certificate issuer: /CN=3B49B87A3FF389634C7D090D76DAEAA96FEEFD90 Certificate serial: 0D82 Authority key identifier: 3B:49:B8:7A:3F:F3:89:63:4C:7D:09:0D:76:DA:EA:A9:6F:EE:FD:90 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/9Earbhkqa-LgKS3Zg9gzfEBE5p0.roa Signing time: Fri 22 Aug 2025 08:44:31 +0000 ROA not before: Fri 22 Aug 2025 08:44:31 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18183 IP address blocks: 103.189.132.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3458 (0xd82) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3B49B87A3FF389634C7D090D76DAEAA96FEEFD90 Validity Not Before: Aug 22 08:44:31 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=F446AB6E192A6BE2E0292DD983D8337C4044E69D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:c9:1e:fd:45:4c:74:48:e3:29:1d:11:36:1b: 21:0f:32:65:39:c5:89:7a:f2:31:07:de:62:38:02: 6e:55:3f:c4:7c:b1:b4:85:3d:e5:e7:2a:3a:3e:c2: 55:65:2f:17:c7:96:65:88:26:fb:1a:db:fc:19:98: 7b:b9:3a:2f:dc:c4:b3:7b:e0:55:b8:51:1f:f9:88: 1b:7f:bb:eb:e5:fb:3a:cf:23:12:67:2f:a0:89:8a: 65:a9:5d:8e:03:bd:99:30:0c:54:13:ea:08:a1:d6: d3:9b:b3:45:ee:c0:5e:51:35:76:88:1f:7d:35:4c: 4d:62:87:0f:83:95:e8:da:ca:1c:9c:cb:69:55:64: d8:9b:3d:05:32:16:64:91:9d:56:f3:88:48:f2:b9: d6:26:c9:b6:f6:7b:b1:81:2f:47:7b:7a:c9:76:19: d7:05:32:b9:04:23:f2:53:c2:60:26:bc:44:0c:36: 3a:6d:3e:8a:18:1e:08:e5:bd:11:e6:76:73:8a:97: 74:46:83:10:d4:c9:d6:0c:72:52:88:0f:ba:47:6f: ec:93:2f:7c:a5:9f:4a:d9:9c:17:d6:c8:92:3c:37: d1:bc:6e:75:8b:2e:53:8e:48:ed:d3:40:40:f8:97: d1:f0:31:1a:fe:d9:f1:ef:b8:74:21:3e:85:02:21: 4c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:46:AB:6E:19:2A:6B:E2:E0:29:2D:D9:83:D8:33:7C:40:44:E6:9D X509v3 Authority Key Identifier: keyid:3B:49:B8:7A:3F:F3:89:63:4C:7D:09:0D:76:DA:EA:A9:6F:EE:FD:90 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/9Earbhkqa-LgKS3Zg9gzfEBE5p0.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.189.132.0/23 Signature Algorithm: sha256WithRSAEncryption 31:2a:a5:1b:b1:43:4a:f9:e9:56:06:44:65:53:3a:93:72:b4: 6b:a8:68:12:84:91:2e:85:1d:eb:b4:05:f1:fe:5d:c2:bd:74: ee:8b:b6:96:e2:c1:e4:a9:07:09:ef:f3:a9:c3:cd:e7:7a:e0: 4e:be:42:97:aa:81:23:83:67:d2:fc:4a:d4:2b:3a:46:f4:84: 23:55:30:0e:f0:dc:51:85:78:2c:a8:50:42:2c:e7:c8:56:0c: 7d:d1:4d:e3:b9:5b:3b:8b:f6:1e:1e:eb:34:ee:90:86:0b:b2: e7:eb:36:1d:bc:37:fc:06:33:a2:b6:77:4e:4b:48:93:3e:10: 91:6c:f2:b9:1b:7c:3c:fd:da:66:76:d7:bb:32:7d:d9:d6:06: 47:84:02:3c:f3:8e:e3:28:2a:2b:43:ef:0f:d8:b8:d7:1b:2b: 9e:e1:32:ec:7e:a6:bc:4e:77:0a:2f:de:03:6f:2a:aa:eb:7f: 13:3d:86:b7:a8:fd:d8:2a:08:f9:b5:d6:93:29:21:17:cf:f6: b1:2e:74:c0:1c:a9:6f:26:85:b1:8d:c6:d5:6f:d4:48:0b:19: c9:c9:30:f7:0d:e0:6c:7e:ce:50:bb:15:0f:24:16:54:cd:29: 9e:e1:bb:b3:dd:6a:60:af:9d:34:68:95:f7:d6:26:db:d6:11: 87:a2:fd:58 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICDYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0I0 OUI4N0EzRkYzODk2MzRDN0QwOTBENzZEQUVBQTk2RkVFRkQ5MDAeFw0yNTA4MjIw ODQ0MzFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEY0NDZBQjZFMTkyQTZC RTJFMDI5MkREOTgzRDgzMzdDNDA0NEU2OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCryR79RUx0SOMpHRE2GyEPMmU5xYl68jEH3mI4Am5VP8R8sbSF PeXnKjo+wlVlLxfHlmWIJvsa2/wZmHu5Oi/cxLN74FW4UR/5iBt/u+vl+zrPIxJn L6CJimWpXY4DvZkwDFQT6gih1tObs0XuwF5RNXaIH301TE1ihw+Dlejayhycy2lV ZNibPQUyFmSRnVbziEjyudYmybb2e7GBL0d7esl2GdcFMrkEI/JTwmAmvEQMNjpt PooYHgjlvRHmdnOKl3RGgxDUydYMclKID7pHb+yTL3yln0rZnBfWyJI8N9G8bnWL LlOOSO3TQED4l9HwMRr+2fHvuHQhPoUCIUwrAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQU9Earbhkqa+LgKS3Zg9gzfEBE5p0wHwYDVR0jBBgwFoAUO0m4ej/ziWNMfQkN dtrqqW/u/ZAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNSRUUv TzBtNGVqX3ppV05NZlFrTmR0cnFxV191X1pBLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS9PMG00ZWpfemlXTk1mUWtOZHRycXFXX3VfWkEuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ1JFRS85RWFyYmhrcWEtTGdLUzNaZzln emZFQkU1cDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ72E MA0GCSqGSIb3DQEBCwUAA4IBAQAxKqUbsUNK+elWBkRlUzqTcrRrqGgShJEuhR3r tAXx/l3CvXTui7aW4sHkqQcJ7/Opw83neuBOvkKXqoEjg2fS/ErUKzpG9IQjVTAO 8NxRhXgsqFBCLOfIVgx90U3juVs7i/YeHus07pCGC7Ln6zYdvDf8BjOitndOS0iT PhCRbPK5G3w8/dpmdte7Mn3Z1gZHhAI8847jKCorQ+8P2LjXGyue4TLsfqa8TncK L94Dbyqq638TPYa3qP3YKgj5tdaTKSEXz/axLnTAHKlvJoWxjcbVb9RICxnJyTD3 DeBsfs5QuxUPJBZUzSme4buz3Wpgr500aJX31ibb1hGHov1Y -----END CERTIFICATE-----Generated at Sun Aug 24 06:49:51 2025 by rpki-client