$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/xffnP06jJW7rSltNb65_-9irA5Q.roa File: xffnP06jJW7rSltNb65_-9irA5Q.roa (raw, json) Hash identifier: kE0fcYJla5JIculNAoaQpgueYiICgCqWDlwl9rqHMeg= Subject key identifier: C5:F7:E7:3F:4E:A3:25:6E:EB:4A:5B:4D:6F:AE:7F:FB:D8:AB:03:94 Certificate issuer: /CN=1D4D78F56750C7598953366D459A12B658B7FF38 Certificate serial: 043B Authority key identifier: 1D:4D:78:F5:67:50:C7:59:89:53:36:6D:45:9A:12:B6:58:B7:FF:38 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HU149WdQx1mJUzZtRZoStli3_zg.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/xffnP06jJW7rSltNb65_-9irA5Q.roa Signing time: Fri 22 Aug 2025 08:58:58 +0000 ROA not before: Fri 22 Aug 2025 08:58:58 +0000 ROA not after: Sat 22 Aug 2026 08:14:28 +0000 asID: 18041 IP address blocks: 2406:bfc0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/HU149WdQx1mJUzZtRZoStli3_zg.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/HU149WdQx1mJUzZtRZoStli3_zg.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/HU149WdQx1mJUzZtRZoStli3_zg.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 08:44:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1083 (0x43b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1D4D78F56750C7598953366D459A12B658B7FF38 Validity Not Before: Aug 22 08:58:58 2025 GMT Not After : Aug 22 08:14:28 2026 GMT Subject: CN=C5F7E73F4EA3256EEB4A5B4D6FAE7FFBD8AB0394 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c0:e9:78:ba:45:d5:89:d7:7e:09:74:19:8f: 09:21:63:9d:e3:2e:39:29:9a:d5:e0:2c:d3:5e:76: 80:3c:38:3e:ca:d3:2a:99:a6:74:e7:2a:5c:b0:ca: 11:22:e0:4f:4c:9a:08:59:f9:26:f2:bd:5e:28:84: fa:4a:b5:a5:24:b0:c8:0c:d5:9a:f4:2b:8d:32:b7: b2:2c:6c:d4:3c:3d:cc:29:95:2c:19:29:76:d6:bf: 6b:ab:7e:81:30:6b:39:a7:b4:b9:f1:de:55:fb:cc: e2:49:07:42:b5:0d:be:72:ec:88:84:80:0b:7b:d9: 22:5b:0b:51:75:38:fc:d5:d3:b9:26:3b:8e:c5:ce: 7a:28:8a:be:f6:44:1f:f6:f8:12:50:d8:f8:bf:f2: 0f:36:25:2d:31:1b:91:fb:75:52:23:29:a8:f5:79: 75:8f:57:90:f6:89:65:8c:c9:b0:e6:43:5d:c3:97: 73:8c:88:b4:5a:df:53:86:6d:13:04:f3:84:4d:f7: 61:7d:96:b7:f9:a6:de:61:be:d8:26:0a:5d:f1:57: 93:dc:27:77:eb:bf:e4:a3:4a:34:89:bf:39:af:3a: 35:2c:6a:de:05:07:3a:fe:f5:43:9f:c5:bb:86:f6: c3:ca:8b:f6:51:fa:6c:39:fe:ff:bb:84:48:ee:9c: de:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F7:E7:3F:4E:A3:25:6E:EB:4A:5B:4D:6F:AE:7F:FB:D8:AB:03:94 X509v3 Authority Key Identifier: keyid:1D:4D:78:F5:67:50:C7:59:89:53:36:6D:45:9A:12:B6:58:B7:FF:38 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/HU149WdQx1mJUzZtRZoStli3_zg.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HU149WdQx1mJUzZtRZoStli3_zg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NEBULAX/xffnP06jJW7rSltNb65_-9irA5Q.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:bfc0::/32 Signature Algorithm: sha256WithRSAEncryption 96:25:c2:87:15:64:b4:05:09:aa:cc:05:3b:a7:c3:3d:85:f0: 34:c9:0d:26:93:6e:44:6c:21:3b:ce:bf:8d:fb:cc:42:7d:da: ca:00:80:c9:27:14:4c:05:25:15:d9:8a:55:86:50:fa:bb:e3: 13:cd:c6:20:b6:97:7c:d3:93:f6:d0:2e:28:ed:4d:0a:d5:d1: fa:35:79:b1:00:d6:85:8c:89:92:70:91:25:12:74:1f:d5:59: d4:6a:e4:53:f8:6c:a1:75:3f:50:52:4c:16:4a:41:e7:c6:7c: c6:a7:36:04:a7:a4:9b:f7:f3:ac:19:b6:d2:2d:08:b2:3e:16: 59:29:cb:7c:14:ca:bf:00:78:9a:e6:d2:61:74:a9:17:8d:52: 41:05:f3:29:4f:b0:ce:94:43:6d:7d:50:60:33:a7:c0:80:62: 53:e9:fa:b8:9d:9d:50:c6:bd:49:cd:cf:e3:cd:7c:91:c2:30: fd:c7:8c:e9:4a:a5:6b:ea:2f:f5:97:fa:dc:4f:26:62:a6:59: 84:25:b5:a5:20:23:03:38:6e:36:f2:e7:41:dd:4c:67:fc:96: b9:7a:0b:64:41:5b:bf:40:7a:f1:fa:3c:56:26:83:df:67:99: 95:51:9a:a6:34:1c:03:33:4c:be:fe:39:6d:3b:2b:16:8e:1e: 12:43:94:d1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICBDswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUQ0 RDc4RjU2NzUwQzc1OTg5NTMzNjZENDU5QTEyQjY1OEI3RkYzODAeFw0yNTA4MjIw ODU4NThaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEM1RjdFNzNGNEVBMzI1 NkVFQjRBNUI0RDZGQUU3RkZCRDhBQjAzOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpwOl4ukXVidd+CXQZjwkhY53jLjkpmtXgLNNedoA8OD7K0yqZ pnTnKlywyhEi4E9MmghZ+SbyvV4ohPpKtaUksMgM1Zr0K40yt7IsbNQ8PcwplSwZ KXbWv2urfoEwazmntLnx3lX7zOJJB0K1Db5y7IiEgAt72SJbC1F1OPzV07kmO47F znooir72RB/2+BJQ2Pi/8g82JS0xG5H7dVIjKaj1eXWPV5D2iWWMybDmQ13Dl3OM iLRa31OGbRME84RN92F9lrf5pt5hvtgmCl3xV5PcJ3frv+SjSjSJvzmvOjUsat4F Bzr+9UOfxbuG9sPKi/ZR+mw5/v+7hEjunN7/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUxffnP06jJW7rSltNb65/+9irA5QwHwYDVR0jBBgwFoAUHU149WdQx1mJUzZt RZoStli3/zgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkVCVUxB WC9IVTE0OVdkUXgxbUpVelp0UlpvU3RsaTNfemcuY3JsMGAGCCsGAQUFBwEBBFQw UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J Q0NBL0hVMTQ5V2RReDFtSlV6WnRSWm9TdGxpM196Zy5jZXIwDgYDVR0PAQH/BAQD AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL05FQlVMQVgveGZmblAwNmpKVzdyU2x0 TmI2NV8tOWlyQTVRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF ACQGv8AwDQYJKoZIhvcNAQELBQADggEBAJYlwocVZLQFCarMBTunwz2F8DTJDSaT bkRsITvOv437zEJ92soAgMknFEwFJRXZilWGUPq74xPNxiC2l3zTk/bQLijtTQrV 0fo1ebEA1oWMiZJwkSUSdB/VWdRq5FP4bKF1P1BSTBZKQefGfManNgSnpJv386wZ ttItCLI+Flkpy3wUyr8AeJrm0mF0qReNUkEF8ylPsM6UQ219UGAzp8CAYlPp+rid nVDGvUnNz+PNfJHCMP3HjOlKpWvqL/WX+txPJmKmWYQltaUgIwM4bjby50HdTGf8 lrl6C2RBW79AevH6PFYmg99nmZVRmqY0HAMzTL7+OW07KxaOHhJDlNE= -----END CERTIFICATE-----Generated at Sun Aug 24 07:18:24 2025 by rpki-client